login-control 0.0.9 → 0.0.11
- checksums.yaml +4 -4
- data/README.md +12 -4
- data/lib/login_control_module.rb +3 -3
- data/lib/login_control_view_helper.rb +9 -9
- metadata +2 -2
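--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 04536373b256d917d6cfa71c8f75c1b3c0ea1c82b40067a9cdc562b30fdf9fb6
+data.tar.gz: 79725f93e115f88ae440f509795629283d3cf8f7024af1eba5f37ec191a9d8b3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 633f01b07051b6df77522f40468dbc3af370af527f89fb528f370c91614d9ca4a1ad84266552643e89db8873ca96ac1c3d21086c6dc3cd32289dbfe356d2e8cc
+data.tar.gz: e280825da69501748afb49d94539255166a8758c0cac1fde58bce9eccddb96063ce68e6d9dcc2fcdaa5fe022ef1b1d4843a7fe32ff7ba7b3a7e05a70a1b66481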
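--- a/data/README.md
+++ b/data/README.md
@@ -16,7 +16,7 @@ On localhost captcha is never required.
 
 ## Installation
 
-`gem 'request-control'
+`gem 'request-control'`
 
 run
 ```
@@ -25,9 +25,17 @@ $ rails g model login_control session_id:string login_name:string scope:string s
 $ rails db:migrate
 ```
 
-
+initializer
+```
+require 'login_control_module'
+require 'login_control_view_helper'
+```
 
-
+ApplicationHelper
+
+`include LoginControlViewHelper`
+
+Login Form
 
 ```
 - if captcha_tag?
@@ -39,7 +47,7 @@ Controller example for subclassed devise controller
 ```
 class SessionsController < Devise::SessionsController
 
-include
+include LoginControlModule
 
 def create
 notice_request_attempt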
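--- a/data/lib/login_control_module.rb
+++ b/data/lib/login_control_module.rb
@@ -3,7 +3,7 @@ module LoginControlModule
 # check if captcha is to validate (does not store a cookie)
 def captcha_validation?(scope: :global, login_name: nil)
 rec = rc_record(scope, login_name)
-logger.info "
+logger.info "LoginControlModule => get captcha #{rec&.validate_captcha ? '' : 'NOT '}requested from record LoginControl.#{rec&.id}" if debug_request_control
 rec ? rec.validate_captcha : true
 end
 
@@ -15,7 +15,7 @@ module LoginControlModule
 rec.last_attempt = DateTime.now
 rec.attempts = 1
 rec.save!
-logger.info "
+logger.info "LoginControlModule.notice_successful_request => #{rec.sign_in_success}. successful request noticed" if debug_request_control
 end
 
 # stores cookie, counts up attempts
@@ -25,7 +25,7 @@ module LoginControlModule
 rec.attempts = rec.attempts.to_i + 1
 rec.last_attempt = DateTime.now
 rec.save!
-logger.info "
+logger.info "LoginControlModule.notice_request_attempt => #{rec.attempts}. request attempt noticed" if debug_request_control
 end
 
 private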
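Review bot: The attempt counter in the third hunk is updated by read-modify-write (`rec.attempts = rec.attempts.to_i + 1` followed by `rec.save!`), so two login requests handled concurrently can read the same value and one increment is lost. For a counter that decides when a captcha becomes mandatory, this undercounts parallel attempts. Assuming `rec` is the ActiveRecord `LoginControl` model from the README, an SQL-level increment such as `LoginControl.update_counters(rec.id, attempts: 1)` followed by `rec.reload` closes that gap, with `last_attempt` written in its own update. The new log lines are gated on `debug_request_control`, which is defined outside the visible hunks and deserves a one-line comment saying where it is configured. All three methods begin or end outside their hunks.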
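--- a/data/lib/login_control_view_helper.rb
+++ b/data/lib/login_control_view_helper.rb
@@ -8,38 +8,38 @@ module LoginControlViewHelper
 rc_id = cookies.encrypted.permanent[:login_control]
 captcha_requested = true
 if request.host == 'localhost'
-logger.info '
+logger.info 'LoginControlViewHelper.captcha_tag? => no captcha because of localhost' if debug
 captcha_requested = false
 elsif !rc_id.present?
-logger.info '
+logger.info 'LoginControlViewHelper.captcha_tag? => captcha because no cookie stored yet' if debug
 captcha_requested = true
 else
-logger.info '
+logger.info 'LoginControlViewHelper.captcha_tag? => cookie found ...' if debug
 rec = LoginControl.find_by(session_id: rc_id, scope: scope, login_name: login_name)
 if !rec
-logger.info '
+logger.info 'LoginControlViewHelper.captcha_tag? => captcha required because no record found(!)' if debug
 true
 else
-logger.info '
+logger.info 'LoginControlViewHelper.captcha_tag? => record found ...' if debug
 
 attempts_allowed = (Rails.configuration.x.login_control.attempts_allowed || 10)
 retry_after_seconds = (Rails.configuration.x.login_control.retry_after_seconds || 30)
-logger.info "
+logger.info "LoginControlViewHelper.captcha_tag? => #{rec.attempts.to_i}. attempt (config.x.attempts_allowed: #{attempts_allowed})" if debug
 
 if rec.attempts == 1
 captcha_requested = false
-logger.info "
+logger.info "LoginControlViewHelper.captcha_tag? => captcha NOT requested: because first attempt after successful login" if debug
 elsif rec.attempts.to_i <= attempts_allowed
 secs = Time.now - (rec.last_attempt || Time.now)
 if secs >= retry_after_seconds.to_f
 captcha_requested = false
-logger.info "
+logger.info "LoginControlViewHelper.captcha_tag? => captcha #{captcha_requested ? '' : 'NOT '}requested: config.x.retry_after_seconds(#{retry_after_seconds}) >= secs(#{secs})" if debug
 end
 end
 
 end
 rec.update!(validate_captcha: captcha_requested)
-logger.info "
+logger.info "LoginControlViewHelper.captcha_tag? => set captcha #{captcha_requested ? '' : 'NOT '}requested to record LoginControl.#{rec.id}" if debug
 captcha_requested
 end
 end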
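Review bot: The `if request.host == 'localhost'` branch switches the captcha off based on the request's Host header, which the client supplies. Unless the deployment rejects unexpected hosts (Rails host authorization or the front proxy), a remote request carrying that value gets `captcha_requested = false`. Tie the exemption to the environment instead, e.g. `if Rails.env.development? || Rails.env.test?`, or at least put a comment above the branch stating that it relies on host filtering. Separately, counting the `if`/`end` pairs (indentation is lost on this page, so this is inferred), `rec.update!(validate_captcha: captcha_requested)` and the added log line using `rec.id` still run after the `if !rec` branch, where `rec` is nil and would raise NoMethodError; a guard such as `return true unless rec` right after the `find_by` keeps that path fail-closed without the exception. The method starts before the hunk.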
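--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: login-control
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.11
 platform: ruby
 authors:
 - Christian Sedlmair
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-01-
+date: 2023-01-13 00:00:00.000000000 Z
 dependencies: []
 description: Based on Login Attempts check if captcha is necessary. It stores a permanent
 cookie and uses a table for tracking login requests.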