reputable 0.1.4 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +12 -2
- data/lib/reputable/configuration.rb +6 -2
- data/lib/reputable/version.rb +1 -1
- data/lib/reputable.rb +8 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3c8047e39b4f09d6580aeba68d04e3231c2774b9f0eac1d7c70591b7e45e11df
|
|
4
|
+
data.tar.gz: 14aecba661b4bd57381f496274dfd0185cc7ef1e7332ab71d2ce56d623935cb8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 34507a4124cca8739008ccf9bc1762226aeef05c994fb861be47bc08eb4e4b06dcad501082750cf56b6f9025b0e1d7596bc057da761bba23c94b583048096425
|
|
7
|
+
data.tar.gz: 67d7c49193f2c2492d49cc34a0e5051f45db49ed98f7d62a7623fc32cfc753f481da5c6ba9a9fba71f624d68cab535334d409b7c74532c102ffd4f29f338e2ba
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -80,6 +80,9 @@ All configuration can be set via environment variables:
|
|
|
80
80
|
# Required
|
|
81
81
|
REPUTABLE_REDIS_URL=rediss://user:password@your-dragonfly.example.com:6379
|
|
82
82
|
|
|
83
|
+
# Optional: Base URL for verification and API endpoints (domain only)
|
|
84
|
+
REPUTABLE_BASE_URL=https://api.reputable.click
|
|
85
|
+
|
|
83
86
|
# Optional: Disable entirely (useful for test environments)
|
|
84
87
|
REPUTABLE_ENABLED=false
|
|
85
88
|
|
|
@@ -138,7 +141,7 @@ Reputable.configure do |config|
|
|
|
138
141
|
# Verification Configuration
|
|
139
142
|
# Supports comma-separated list in REPUTABLE_TRUSTED_KEYS or single key in REPUTABLE_TRUSTED_KEY
|
|
140
143
|
config.trusted_keys = ENV['REPUTABLE_TRUSTED_KEYS']&.split(',') || ENV['REPUTABLE_TRUSTED_KEY']
|
|
141
|
-
config.
|
|
144
|
+
config.base_url = ENV['REPUTABLE_BASE_URL'] # Domain only
|
|
142
145
|
|
|
143
146
|
# Error callback (optional)
|
|
144
147
|
config.on_error = ->(error, context) {
|
|
@@ -378,13 +381,20 @@ if suspicious_activity_detected?
|
|
|
378
381
|
redirect_url = Reputable.verification_url(
|
|
379
382
|
return_url: request.original_url, # Where to send them back after verification
|
|
380
383
|
failure_url: root_url, # Optional: where to send if they fail/garbage token
|
|
381
|
-
session_id: session.id
|
|
384
|
+
session_id: session.id, # Optional: link specific session
|
|
385
|
+
force_challenge: false # Optional: if true, always show CAPTCHA (for testing)
|
|
382
386
|
)
|
|
383
387
|
|
|
384
388
|
redirect_to redirect_url
|
|
385
389
|
end
|
|
386
390
|
```
|
|
387
391
|
|
|
392
|
+
**Options:**
|
|
393
|
+
- `return_url` (required): Where to redirect after successful verification
|
|
394
|
+
- `failure_url` (optional): Where to redirect on failure (defaults to return_url)
|
|
395
|
+
- `session_id` (optional): Bind verification to a specific session
|
|
396
|
+
- `force_challenge` (optional): If `true`, always show CAPTCHA even for trusted users. Useful for testing the challenge flow.
|
|
397
|
+
|
|
388
398
|
### 2. Handling the Return Redirect
|
|
389
399
|
|
|
390
400
|
When the user passes verification (or is determined to be already trusted/clean), they are immediately redirected back to your `return_url` with signed parameters.
|
|
@@ -14,7 +14,11 @@ module Reputable
|
|
|
14
14
|
:default_ttls, :pool_size, :pool_timeout,
|
|
15
15
|
:connect_timeout, :read_timeout, :write_timeout,
|
|
16
16
|
:ssl_params, :trusted_proxies, :ip_header_priority,
|
|
17
|
-
:on_error, :trusted_keys, :
|
|
17
|
+
:on_error, :trusted_keys, :base_url
|
|
18
|
+
|
|
19
|
+
# Alias for backward compatibility
|
|
20
|
+
alias_method :verification_base_url, :base_url
|
|
21
|
+
alias_method :verification_base_url=, :base_url=
|
|
18
22
|
|
|
19
23
|
# Default TTLs in seconds (0 = forever)
|
|
20
24
|
DEFAULT_TTLS = {
|
|
@@ -73,7 +77,7 @@ module Reputable
|
|
|
73
77
|
elsif ENV["REPUTABLE_SECRET_KEY"]
|
|
74
78
|
@trusted_keys = [ENV["REPUTABLE_SECRET_KEY"]]
|
|
75
79
|
end
|
|
76
|
-
@
|
|
80
|
+
@base_url = ENV.fetch("REPUTABLE_BASE_URL", "https://api.reputable.click")
|
|
77
81
|
end
|
|
78
82
|
|
|
79
83
|
# Alias for backward compatibility
|
data/lib/reputable/version.rb
CHANGED
data/lib/reputable.rb
CHANGED
|
@@ -126,7 +126,12 @@ module Reputable
|
|
|
126
126
|
end
|
|
127
127
|
|
|
128
128
|
# Generate a signed verification URL
|
|
129
|
-
|
|
129
|
+
# @param return_url [String] URL to redirect to after successful verification
|
|
130
|
+
# @param failure_url [String, nil] URL to redirect to on failure (optional)
|
|
131
|
+
# @param session_id [String, nil] Session ID to bind the verification to (optional)
|
|
132
|
+
# @param force_challenge [Boolean] If true, always show CAPTCHA even for trusted users (default: false)
|
|
133
|
+
# @return [String] The signed verification URL
|
|
134
|
+
def verification_url(return_url:, failure_url: nil, session_id: nil, force_challenge: false)
|
|
130
135
|
keys = configuration.trusted_keys
|
|
131
136
|
if keys.nil? || keys.empty?
|
|
132
137
|
logger&.warn "Reputable: Missing trusted_keys, cannot generate verification URL"
|
|
@@ -136,7 +141,7 @@ module Reputable
|
|
|
136
141
|
# Use the first key for signing new requests
|
|
137
142
|
secret = keys.first
|
|
138
143
|
|
|
139
|
-
base_url = configuration.
|
|
144
|
+
base_url = configuration.base_url
|
|
140
145
|
# Ensure base_url doesn't have a trailing slash, then append the verify path
|
|
141
146
|
base_url = base_url.chomp("/")
|
|
142
147
|
verify_url = "#{base_url}/_reputable/verify"
|
|
@@ -150,6 +155,7 @@ module Reputable
|
|
|
150
155
|
returnUrl: return_url,
|
|
151
156
|
failureUrl: failure_url,
|
|
152
157
|
sessionId: session_id,
|
|
158
|
+
forceChallenge: force_challenge,
|
|
153
159
|
iat: Time.now.to_i
|
|
154
160
|
}
|
|
155
161
|
encoded_payload = base64url_encode(JSON.generate(payload))
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: reputable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Reputable
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-12-
|
|
11
|
+
date: 2025-12-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: redis
|