RubyGems - login_attack_report - Versions diffs - 0.2.2 → 0.3.0 - Mend

login_attack_report 0.2.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/README.md +8 -3
data/lib/login_attack_report/l_a_r_version_concern.rb +19 -17
data/lib/login_attack_report/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3c84dbee098b60e3f36fe5817ea823f35ae78384
-  data.tar.gz: 0768bdf44ec1f936f31e1dbc6dbf3587f4a40461
+  metadata.gz: 50fb79257560920c395c4dd4601307ec6830e65d
+  data.tar.gz: 45ed6e2f496da28277109484f7cbfa1cad78632c
 SHA512:
-  metadata.gz: 627e90342d48447d920b8796afd8a13aa05dd849c56a43146b5a47768f7d3816459a60e740d4001c90cf646bb81643f44bf93f0cb29e2e1ea832008247bf106a
-  data.tar.gz: 738e90ffd92db5072a383a4d4dfaeda7f89f3a536652c1336d185d175226dc78ad6acaed99eda127c2124ed9074fa24b8329ef7ec856af190d610a2bbf0f09a5
+  metadata.gz: 61efa806137b58d78779386550e02dcf3a316e915fa89a3b2e53ad32bba7f5ca74b9e140ea5fec13253aca6e401a7cd60b4a473619655ada13bffc387f326fd1
+  data.tar.gz: efb87ec42dd59bb604750422f14bad0953d3fbd8c17f7ba680680474702b568e5e952bf512cdf4ac60dd9e1423d3ff1dddfdf080759c6eaa5bb7da0e210cd185

data/README.md CHANGED Viewed

@@ -52,22 +52,27 @@ end
 前月のログイン成功回数のlimitを超えたユーザを抽出します。
 ※ 異常に多い場合、どこかでID/パスワードが漏れている、もしくはIDが共有されている可能性あり
 ```ruby
-    # @return ActiveRecord::Relation::ActiveRecord_Relation_PaperTrail_Version
+    example:
+    # @return ActiveRecord::Relation::ActiveRecord_Relation_PaperTrail_Version. 'attack_count' you can confirm the number of attacks.
     LoginAttackReport::LARVersion.login_ok_limit_over(:User)
+    LoginAttackReport::LARVersion.login_ok_limit_over(:User).first.attack_count
 ```
 前月のログイン失敗回数のlimitを超えたユーザを抽出します。
 ※ 異常に多い場合、リスト型攻撃を受けている可能性あり
 ```ruby
-    # @return ActiveRecord::Relation::ActiveRecord_Relation_PaperTrail_Version
+    example:
+    # @return ActiveRecord::Relation::ActiveRecord_Relation_PaperTrail_Version. 'attack_count' you can confirm the number of attacks.
     LoginAttackReport::LARVersion.login_ng_limit_over(:User)
 ```
-（未実装）前月のログイン元同一ipのlimitを超えたIPアドレスの一覧を抽出します。
+前月のログイン元同一ipのlimitを超えたIPアドレスの一覧を抽出します。
 ※ 同一ipでログイン失敗回数が多かったら、攻撃されている可能性あり
 ```ruby
+    example:
     # @return Hash IPs list {ip: count, ...}
     LoginAttackReport::LARVersion.ip_limit_over(:User)
 ```

data/lib/login_attack_report/l_a_r_version_concern.rb CHANGED Viewed

@@ -7,26 +7,28 @@ module LoginAttackReport
     module ClassMethods
       def login_ok_limit_over(model)
         PaperTrail::Version
-          .where(item_type: model)
+          .where(item_type: model) \
           .where(
-            'created_at >= ? and created_at <= ? and '\
-            'object_changes like \'%sign_in_count:%\'',
-            Time.now.prev_month.beginning_of_month,
-            Time.now.prev_month.end_of_month
-          ).group(:item_id).having('count(item_id) > ?', LoginAttackReport.login_ok_limit)
+            'created_at >= ? and created_at <= ? and ' \
+            + 'object_changes like \'%sign_in_count:%\'' \
+            , Time.now.prev_month.beginning_of_month \
+            , Time.now.prev_month.end_of_month
+          ).select('versions.*, count(item_id) as attack_count') \
+          .group(:item_id).having('count(item_id) > ?', LoginAttackReport.login_ok_limit)
       end
       def login_ng_limit_over(model)
         PaperTrail::Version
           .where(item_type: model)
           .where(
-            'created_at >= ? and created_at <= ? and '\
-            'object_changes not like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:\n- _\n- 0%\' and '\
-            'object_changes not like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:\n- __\n- 0%\' and '\
-            'object_changes like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:%\'',
-            Time.now.prev_month.beginning_of_month,
-            Time.now.prev_month.end_of_month
-          ).group(:item_id).having('count(item_id) > ?', LoginAttackReport.login_ng_limit)
+            'created_at >= ? and created_at <= ? and ' \
+            + 'object_changes not like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:\n- _\n- 0%\' and ' \
+            + 'object_changes not like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:\n- __\n- 0%\' and ' \
+            + 'object_changes like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:%\'' \
+            , Time.now.prev_month.beginning_of_month \
+            , Time.now.prev_month.end_of_month
+          ).select('versions.*, count(item_id) as attack_count') \
+          .group(:item_id).having('count(item_id) > ?', LoginAttackReport.login_ng_limit)
       end
       def ip_limit_over(model)
@@ -35,10 +37,10 @@ module LoginAttackReport
                               .where(item_type: model)
                               .where(
                                 'created_at >= ? and created_at <= ? and '\
-                                '(object_changes not like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:\n- _\n- 0%\' and '\
-                                  'object_changes not like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:\n- __\n- 0%\' and '\
-                                  'object_changes like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:%\''\
-                                ')',
+                                + '(object_changes not like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:\n- _\n- 0%\' and '\
+                                  + 'object_changes not like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:\n- __\n- 0%\' and '\
+                                  + 'object_changes like \'--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess\nfailed_attempts:%\''\
+                                + ')',
                                 Time.now.prev_month.beginning_of_month,
                                 Time.now.prev_month.end_of_month
                               )

data/lib/login_attack_report/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module LoginAttackReport
-  VERSION = '0.2.2'
+  VERSION = '0.3.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: login_attack_report
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.3.0
 platform: ruby
 authors:
 - taru m
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-07-01 00:00:00.000000000 Z
+date: 2015-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -195,3 +195,4 @@ summary: login attack report in Rails.
 test_files:
 - spec/login_attack_report_spec.rb
 - spec/spec_helper.rb
+has_rdoc: