reputable 0.1.8 → 0.1.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0b987ffa68c839c4a7d7a288fbe89f530eebeed3ba7f793ae7f9dc99ffa09063
-  data.tar.gz: 4d83e36696d0b1164958dc32be975f4b18dbdc9e2d67e25e586cbdced3c690f3
+  metadata.gz: 10ace4d8c54f4fe4bcf4a1a2bbba66015dbff719b353ee9331e9f3ad56400c69
+  data.tar.gz: d3044684df204b097e1a739f29425947306ed9c5533d4a20c66b1064dafc8892
 SHA512:
-  metadata.gz: a89be2adeabee55f6ef8599dff51e6fbdff659de9cc7657b1d82ae61e14d61a52985533f067939500f89b19e36b844be4baf9b882d2926f29c7d899b5da6fa1a
-  data.tar.gz: bb16577e080d26d0ba106e8dbbc777b48b030c1bdc83bae5fba75df56f06db46557a0aa92318e9e82e7f04722065e0f3b7fb28adcf80dd400b9f3810e14b84a2
+  metadata.gz: d3e578a48821efe6610ee60d0560c366fa2136e4fcbc93274822abda5cfb776e0aa924fe7877ff3c2164b177328fe630734fbf5d972103d741d5fc5f8db3f65b
+  data.tar.gz: 077b28a5af24557650e4e82759f63656532da2586f200b68a1dee2ebb6315c238efa44bf8dbb5a58634eb3cecb1819649772abeb65f78efcd064339453d842e3

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    reputable (0.1.6)
+    reputable (0.1.10)
       connection_pool (~> 2.2)
       redis (>= 4.0, < 6.0)
 

data/README.md

@@ -4,6 +4,8 @@ Ruby gem for integrating with Reputable - bot detection and reputation scoring f
 
 **Resilience First**: This gem is designed to never break your application. All operations fail silently with safe defaults.
 
+Release notes and version bumps: see `clients/ruby/RELEASING.md`.
+
 ## Installation
 
 Add to your Gemfile:
@@ -83,6 +85,11 @@ REPUTABLE_REDIS_URL=rediss://user:password@your-dragonfly.example.com:6379
 # Optional: Base URL for verification and API endpoints (domain only)
 REPUTABLE_BASE_URL=https://api.reputable.click
 
+# Optional: Blocked page branding/support info
+REPUTABLE_SITE_NAME="Example Store"
+REPUTABLE_SUPPORT_EMAIL=support@example.com
+REPUTABLE_SUPPORT_URL=https://example.com/support
+
 # Optional: Disable entirely (useful for test environments)
 REPUTABLE_ENABLED=false
 
@@ -122,7 +129,7 @@ Reputable.configure do |config|
   # Customize TTLs (in seconds, 0 = forever)
   config.default_ttls = {
     trusted_verified: 0,              # Forever
-    trusted_behavior: 30 * 24 * 3600, # 30 days
+    trusted_behavior: 365 * 24 * 3600, # 1 year
     untrusted_challenge: 7 * 24 * 3600,
     untrusted_block: 7 * 24 * 3600,
     untrusted_ignore: 7 * 24 * 3600
@@ -142,6 +149,11 @@ Reputable.configure do |config|
   # Supports comma-separated list in REPUTABLE_TRUSTED_KEYS or single key in REPUTABLE_TRUSTED_KEY
   config.trusted_keys = ENV['REPUTABLE_TRUSTED_KEYS']&.split(',') || ENV['REPUTABLE_TRUSTED_KEY']
   config.base_url = ENV['REPUTABLE_BASE_URL'] # Domain only
+
+  # Optional: blocked page branding/support info
+  config.site_name = ENV['REPUTABLE_SITE_NAME']
+  config.support_email = ENV['REPUTABLE_SUPPORT_EMAIL']
+  config.support_url = ENV['REPUTABLE_SUPPORT_URL']
   
   # Error callback (optional)
   config.on_error = ->(error, context) {
@@ -260,6 +272,27 @@ config.middleware.use Reputable::Middleware,
   async: true
 ```
 
+### Optional Reputation Gate
+
+If you want the middleware to enforce IP reputation decisions, enable the gate:
+
+```ruby
+config.middleware.use Reputable::Middleware,
+  reputation_gate: true,
+  challenge_action: :verify,      # Redirect to verification for untrusted_challenge
+  block_action: :blocked_page_remote, # Redirect to hosted blocked page (uses app UI settings)
+  blocked_page_path: "/_reputable/blocked" # Only used for local blocked page
+```
+
+Notes:
+- For `untrusted_challenge`, the middleware redirects to the Reputable verification URL.
+- For `untrusted_block`, the default is to redirect to the hosted blocked page (`/_reputable/verify/blocked`).
+- The hosted blocked page uses the same app UI settings as the verify/failure pages (`siteName`, `supportEmail`).
+- To render a local blocked page instead, set `block_action: :blocked_page` and pass `blocked_page` options.
+- To use a custom hosted page, set `blocked_redirect_url: "https://example.com/blocked"`.
+- Use `blocked_page_path` only for local blocked pages (or to build a custom `failure_url`).
+- Override `challenge_redirect_status` (default `302`) or `verification_force_challenge` if needed.
+
 ### Default Skipped Paths
 
 The middleware automatically skips:
@@ -330,6 +363,31 @@ reputable_verified?
 clear_reputable_verification!
 ```
 
+### Reputation Gate Helpers
+
+```ruby
+class SessionsController < ApplicationController
+  def new
+    require_reputable_reputation!
+    # If not blocked/challenged, continue
+  end
+end
+```
+
+`require_reputable_reputation!` will:
+- Render a blocked page for `untrusted_block`
+- Run verification flow for `untrusted_challenge`
+
+You can also render the blocked page directly:
+
+```ruby
+render_reputable_blocked_page(
+  site_name: "Example Store",
+  support_email: "support@example.com",
+  support_url: "https://example.com/support"
+)
+```
+
 ---
 
 ## Manual API Usage
@@ -358,8 +416,17 @@ Reputable.track_request_async(
 ### Reputation Management
 
 ```ruby
-# Trust IP forever (after payment, verification, etc.)
-Reputable.trust_ip(request.ip, reason: 'payment_completed', order_id: order.id)
+# Trust IP (behavioral by default, uses default TTL)
+Reputable.trust_ip(request.ip, reason: 'behavior_trust', order_id: order.id)
+
+# Trust IP as verified (forever, explicitly)
+Reputable.trust_ip(
+  request.ip,
+  reason: 'payment_completed',
+  status: :trusted_verified,
+  ttl: 0,
+  order_id: order.id
+)
 
 # Challenge (require CAPTCHA, etc.)
 Reputable.challenge_ip(request.ip, reason: 'unusual_activity')

data/RELEASING.md

@@ -0,0 +1,26 @@
+# Releasing the Ruby Gem
+
+## Update version + changelog
+
+1. Bump the version in `clients/ruby/lib/reputable/version.rb`.
+2. Add a matching entry in `CHANGELOG.md` (repo root).
+
+## Build the gem (optional local check)
+
+```bash
+cd clients/ruby
+bundle exec rake build
+```
+
+## Build + push from repo root (npm script)
+
+```bash
+npm run release:gem
+```
+
+## Publish (if applicable)
+
+```bash
+cd clients/ruby
+gem push pkg/reputable-<version>.gem
+```

data/lib/reputable/blocked_page.rb

@@ -0,0 +1,171 @@
+# frozen_string_literal: true
+
+module Reputable
+  # Simple HTML blocked page renderer for Rack/Rails usage.
+  module BlockedPage
+    class << self
+      def response(
+        site_name: nil,
+        support_email: nil,
+        support_url: nil,
+        client_ip: nil,
+        heading: "Access blocked",
+        message: nil,
+        status: 403,
+        show_ip: true
+      )
+        html = build_html(
+          site_name: site_name,
+          support_email: support_email,
+          support_url: support_url,
+          client_ip: client_ip,
+          heading: heading,
+          message: message,
+          show_ip: show_ip
+        )
+
+        headers = {
+          "Content-Type" => "text/html; charset=utf-8",
+          "Cache-Control" => "no-store"
+        }
+
+        [status, headers, [html]]
+      end
+
+      def html(**options)
+        build_html(**options)
+      end
+
+      private
+
+      def build_html(site_name:, support_email:, support_url:, client_ip:, heading:, message:, show_ip:)
+        display_name = escape_html(site_name || "this site")
+        safe_support_email = support_email ? escape_html(support_email) : nil
+        safe_support_url = support_url ? escape_html(support_url) : nil
+        safe_heading = escape_html(heading || "Access blocked")
+        safe_message = escape_html(
+          message || "We cannot allow this request for #{display_name}. Your connection was blocked by a security policy."
+        )
+
+        contact_line = if safe_support_email || safe_support_url
+                         parts = []
+                         parts << if safe_support_email
+                                    %(at <a href="mailto:#{safe_support_email}">#{safe_support_email}</a>)
+                                  else
+                                    nil
+                                  end
+                         parts << if safe_support_url
+                                    %(via <a href="#{safe_support_url}">support</a>)
+                                  else
+                                    nil
+                                  end
+                         parts.compact.join(" or ")
+                       else
+                         "by contacting the site owner"
+                       end
+
+        ip_line = if show_ip && client_ip && !client_ip.to_s.empty?
+                    %(<div class="ip-text">Your IP: #{escape_html(client_ip.to_s)}</div>)
+                  else
+                    ""
+                  end
+
+        <<~HTML
+          <!DOCTYPE html>
+          <html lang="en">
+          <head>
+              <meta charset="UTF-8">
+              <meta name="viewport" content="width=device-width, initial-scale=1.0">
+              <title>Access blocked</title>
+              <style>
+                  :root {
+                      --bg-color: #fafafa;
+                      --card-bg: #ffffff;
+                      --text-color: #333333;
+                      --text-muted: #6b7280;
+                      --border-color: #e5e7eb;
+                      --link-color: #2563eb;
+                  }
+                  @media (prefers-color-scheme: dark) {
+                      :root {
+                          --bg-color: #0f0f0f;
+                          --card-bg: #1a1a1a;
+                          --text-color: #f3f4f6;
+                          --text-muted: #9ca3af;
+                          --border-color: #374151;
+                          --link-color: #60a5fa;
+                      }
+                  }
+                  * { box-sizing: border-box; }
+                  body {
+                      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Arial, sans-serif;
+                      background: var(--bg-color);
+                      color: var(--text-color);
+                      display: flex;
+                      align-items: center;
+                      justify-content: center;
+                      min-height: 100vh;
+                      margin: 0;
+                      padding: 20px;
+                  }
+                  .card {
+                      max-width: 520px;
+                      width: 100%;
+                      padding: 40px;
+                      background: var(--card-bg);
+                      border: 1px solid var(--border-color);
+                      border-radius: 12px;
+                      text-align: center;
+                      box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1), 0 2px 4px -2px rgba(0, 0, 0, 0.1);
+                  }
+                  h1 { margin: 0 0 12px; font-size: 22px; font-weight: 600; }
+                  p { margin: 0 0 20px; line-height: 1.5; color: var(--text-muted); }
+                  a { color: var(--link-color); text-decoration: none; }
+                  a:hover { text-decoration: underline; }
+                  .muted { font-size: 13px; color: var(--text-muted); }
+                  .branding {
+                      display: flex;
+                      align-items: center;
+                      justify-content: center;
+                      gap: 8px;
+                      margin-top: 24px;
+                      padding-top: 20px;
+                      border-top: 1px solid var(--border-color);
+                  }
+                  .branding-text {
+                      font-size: 12px;
+                      color: var(--text-muted);
+                  }
+                  .ip-text {
+                      margin-top: 12px;
+                      font-size: 11px;
+                      color: var(--text-muted);
+                  }
+              </style>
+          </head>
+          <body>
+              <div class="card">
+                  <h1>#{safe_heading}</h1>
+                  <p>#{safe_message}</p>
+                  <p class="muted">If you believe this is a mistake, you can reach #{display_name} #{contact_line}.</p>
+                  <div class="branding">
+                      <span class="branding-text">Protected by Reputable</span>
+                  </div>
+                  #{ip_line}
+              </div>
+          </body>
+          </html>
+        HTML
+      end
+
+      def escape_html(text)
+        text.to_s
+            .gsub("&", "&amp;")
+            .gsub("<", "&lt;")
+            .gsub(">", "&gt;")
+            .gsub('"', "&quot;")
+            .gsub("'", "&#39;")
+      end
+    end
+  end
+end

data/lib/reputable/configuration.rb

@@ -14,7 +14,8 @@ module Reputable
                   :default_ttls, :pool_size, :pool_timeout,
                   :connect_timeout, :read_timeout, :write_timeout,
                   :ssl_params, :trusted_proxies, :ip_header_priority,
-                  :on_error, :trusted_keys, :base_url
+                  :on_error, :trusted_keys, :base_url,
+                  :site_name, :support_email, :support_url
 
     # Alias for backward compatibility
     alias_method :verification_base_url, :base_url
@@ -23,7 +24,7 @@ module Reputable
     # Default TTLs in seconds (0 = forever)
     DEFAULT_TTLS = {
       trusted_verified: 0,          # Forever
-      trusted_behavior: 30 * 24 * 3600, # 30 days
+      trusted_behavior: 365 * 24 * 3600, # 1 year
       untrusted_challenge: 7 * 24 * 3600, # 7 days
       untrusted_block: 7 * 24 * 3600,     # 7 days
       untrusted_ignore: 7 * 24 * 3600     # 7 days
@@ -78,6 +79,9 @@ module Reputable
         @trusted_keys = [ENV["REPUTABLE_SECRET_KEY"]]
       end
       @base_url = ENV.fetch("REPUTABLE_BASE_URL", "https://api.reputable.click")
+      @site_name = ENV["REPUTABLE_SITE_NAME"]
+      @support_email = ENV["REPUTABLE_SUPPORT_EMAIL"]
+      @support_url = ENV["REPUTABLE_SUPPORT_URL"]
     end
 
     # Alias for backward compatibility

data/lib/reputable/middleware.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require_relative "blocked_page"
+
 module Reputable
   # Rack middleware for automatic request tracking
   #
@@ -42,12 +44,34 @@ module Reputable
       @skip_if = options[:skip_if]
       @tag_builder = options[:tag_builder]
       @async = options.fetch(:async, true)
+      @reputation_gate = options.fetch(:reputation_gate, false)
+      @challenge_action = options.fetch(:challenge_action, :verify)
+      @block_action = options.fetch(:block_action, :blocked_page_remote)
+      @challenge_redirect_status = options.fetch(:challenge_redirect_status, 302)
+      @blocked_redirect_status = options.fetch(:blocked_redirect_status, 302)
+      @blocked_redirect_url = options[:blocked_redirect_url]
+      @verification_force_challenge = options.fetch(:verification_force_challenge, false)
+      @verification_failure_url = options[:verification_failure_url]
+      @verification_session_id = options[:verification_session_id]
+      @verified_session_keys = Array(options.fetch(:verified_session_keys, [:reputable_verified_at, :reputable_verified]))
+      @blocked_page_options = options.fetch(:blocked_page, {})
+      @blocked_page_path = options[:blocked_page_path]
     end
 
     def call(env)
       # Check for verification return parameters and verify signature if present
       handle_verification_return(env)
 
+      # Optional: render blocked page path directly
+      if (blocked_response = handle_blocked_page_request(env))
+        return blocked_response
+      end
+
+      # Optional: enforce reputation gate before app
+      if (gate_response = safe_reputation_gate(env))
+        return gate_response
+      end
+
       # ALWAYS process the request first - tracking must never block
       status, headers, response = @app.call(env)
 
@@ -60,6 +84,33 @@ module Reputable
 
     private
 
+    def safe_reputation_gate(env)
+      return nil unless @reputation_gate
+      return nil unless Reputable.enabled?
+      return nil if skip_request?(env)
+
+      enforce_reputation_gate(env)
+    rescue StandardError => e
+      Reputable.logger&.debug("Reputable reputation gate: #{e.class} - #{e.message}")
+      nil
+    end
+
+    def enforce_reputation_gate(env)
+      ip = extract_ip(env)
+      status = Reputable::Reputation.lookup_ip(ip)
+      return nil if status.nil?
+
+      case status
+      when "untrusted_block"
+        handle_block_action(env, ip)
+      when "untrusted_challenge"
+        return nil if verified_session?(env)
+        handle_challenge_action(env)
+      else
+        nil
+      end
+    end
+
     def safe_track_request(env)
       # Skip if disabled globally
       return unless Reputable.enabled?
@@ -93,6 +144,145 @@ module Reputable
       Reputable.logger&.debug("Reputable verification error: #{e.message}")
     end
 
+    def handle_blocked_page_request(env)
+      return nil unless @blocked_page_path
+
+      path = env["PATH_INFO"] || "/"
+      return nil unless path == @blocked_page_path
+
+      ip = extract_ip(env)
+      build_blocked_page_response(ip)
+    rescue StandardError => e
+      Reputable.logger&.debug("Reputable blocked page: #{e.class} - #{e.message}")
+      nil
+    end
+
+    def handle_block_action(env, ip)
+      case @block_action
+      when :blocked_page
+        build_blocked_page_response(ip)
+      when :blocked_page_remote
+        url = resolve_blocked_redirect_url(env) || Reputable.blocked_page_url
+        redirect_response(url, @blocked_redirect_status)
+      when :forbidden
+        [403, { "Content-Type" => "text/plain; charset=utf-8" }, ["Forbidden"]]
+      when Proc
+        @block_action.call(env, ip)
+      else
+        build_blocked_page_response(ip)
+      end
+    end
+
+    def handle_challenge_action(env)
+      case @challenge_action
+      when :verify
+        keys = Reputable.configuration.trusted_keys
+        return nil if keys.nil? || keys.empty?
+
+        request = Rack::Request.new(env)
+        return_url = request.url
+        failure_url = build_verification_failure_url(request)
+        session_id = resolve_session_id(env)
+
+        redirect_url = Reputable.verification_url(
+          return_url: return_url,
+          failure_url: failure_url,
+          session_id: session_id,
+          force_challenge: @verification_force_challenge
+        )
+
+        return nil if redirect_url == return_url
+
+        redirect_response(redirect_url, @challenge_redirect_status)
+      when Proc
+        @challenge_action.call(env)
+      else
+        nil
+      end
+    end
+
+    def build_verification_failure_url(request)
+      if @verification_failure_url.respond_to?(:call)
+        @verification_failure_url.call(request)
+      elsif @verification_failure_url
+        @verification_failure_url
+      elsif @blocked_page_path
+        base = request.base_url
+        path = @blocked_page_path.start_with?("/") ? @blocked_page_path : "/#{@blocked_page_path}"
+        "#{base}#{path}"
+      end
+    rescue StandardError
+      nil
+    end
+
+    def resolve_session_id(env)
+      return @verification_session_id.call(env) if @verification_session_id.respond_to?(:call)
+      return @verification_session_id if @verification_session_id.is_a?(String)
+
+      if @verification_session_id.is_a?(Symbol)
+        session = env["rack.session"]
+        return session[@verification_session_id] if session
+      end
+
+      session = env["rack.session"]
+      return nil unless session
+
+      return session.id if session.respond_to?(:id) && session.id
+
+      options = env["rack.session.options"]
+      return options[:id] if options.is_a?(Hash) && options[:id]
+
+      session[:session_id] || session["session_id"]
+    rescue StandardError
+      nil
+    end
+
+    def verified_session?(env)
+      return true if env["reputable.verified"]
+
+      session = env["rack.session"]
+      return false unless session
+
+      @verified_session_keys.any? do |key|
+        session[key] || session[key.to_s]
+      end
+    rescue StandardError
+      false
+    end
+
+    def build_blocked_page_response(client_ip)
+      options = blocked_page_options.merge(client_ip: client_ip)
+      Reputable::BlockedPage.response(**options)
+    end
+
+    def blocked_page_options
+      config = Reputable.configuration
+      defaults = {
+        site_name: config.site_name,
+        support_email: config.support_email,
+        support_url: config.support_url
+      }
+      defaults.merge(@blocked_page_options)
+    end
+
+    def redirect_response(url, status)
+      headers = {
+        "Location" => url,
+        "Content-Type" => "text/html; charset=utf-8",
+        "Cache-Control" => "no-store"
+      }
+      [status, headers, ["Redirecting to verification..."]]
+    end
+
+    def resolve_blocked_redirect_url(env)
+      return @blocked_redirect_url.call(env) if @blocked_redirect_url.respond_to?(:call)
+      return @blocked_redirect_url if @blocked_redirect_url.is_a?(String)
+
+      nil
+    rescue StandardError
+      nil
+    end
+
     def skip_request?(env)
       return true if @skip_if&.call(env)
 

data/lib/reputable/rails.rb

@@ -25,11 +25,13 @@ module Reputable
         )
       end
 
-      # Trust the current user's IP (e.g., after payment)
-      def trust_current_ip(reason:, **metadata)
+      # Trust the current user's IP (behavioral by default, verified optional)
+      def trust_current_ip(reason:, status: :trusted_behavior, ttl: nil, **metadata)
         Reputable::Reputation.trust_ip(
           request.remote_ip,
           reason: reason,
+          status: status,
+          ttl: ttl,
           **metadata
         )
       end
@@ -90,6 +92,30 @@ module Reputable
       # Verification redirect helpers
       # ========================================
 
+      # Render the standard blocked page
+      def render_reputable_blocked_page(
+        status: 403,
+        site_name: nil,
+        support_email: nil,
+        support_url: nil,
+        heading: "Access blocked",
+        message: nil,
+        show_ip: true
+      )
+        config = Reputable.configuration
+        html = Reputable::BlockedPage.html(
+          site_name: site_name || config.site_name,
+          support_email: support_email || config.support_email,
+          support_url: support_url || config.support_url,
+          client_ip: request.remote_ip,
+          heading: heading,
+          message: message,
+          show_ip: show_ip
+        )
+
+        render html: html.html_safe, status: status, content_type: "text/html"
+      end
+
       # Check if the current session has already passed verification
       # @param session_key [Symbol]
       # @return [Boolean]
@@ -143,6 +169,47 @@ module Reputable
         ) and return
       end
 
+      # Enforce reputation-based access control.
+      # - If IP is blocked, render a blocked page.
+      # - If IP is challenged, run verification flow.
+      def require_reputable_reputation!(
+        return_url: request.original_url,
+        failure_url: nil,
+        session_id: session.id,
+        force_challenge: false,
+        session_key: :reputable_verified_at,
+        blocked_status: 403,
+        blocked_site_name: nil,
+        blocked_support_email: nil,
+        blocked_support_url: nil,
+        blocked_heading: "Access blocked",
+        blocked_message: nil,
+        blocked_show_ip: true
+      )
+        if current_ip_blocked?
+          render_reputable_blocked_page(
+            status: blocked_status,
+            site_name: blocked_site_name,
+            support_email: blocked_support_email,
+            support_url: blocked_support_url,
+            heading: blocked_heading,
+            message: blocked_message,
+            show_ip: blocked_show_ip
+          )
+          return
+        end
+
+        return unless current_ip_challenged?
+
+        require_reputable_verification!(
+          return_url: return_url,
+          failure_url: failure_url,
+          session_id: session_id,
+          force_challenge: force_challenge,
+          session_key: session_key
+        )
+      end
+
       private
 
       def reputable_verification_url(return_url:, failure_url:, session_id:, force_challenge:)

data/lib/reputable/reputation.rb

@@ -62,14 +62,16 @@ module Reputable
         false
       end
 
-      # Convenience method: Trust an IP (verified status, forever TTL)
-      def trust_ip(ip, reason: "manual_trust", **metadata)
+      # Convenience method: Trust an IP (behavioral by default)
+      # @param status [Symbol] :trusted_behavior or :trusted_verified
+      # @param ttl [Integer, nil] TTL in seconds (0 = forever, nil = use default)
+      def trust_ip(ip, reason: "manual_trust", status: :trusted_behavior, ttl: nil, **metadata)
         apply(
           entity_type: :ip,
           entity_id: ip,
-          status: :trusted_verified,
+          status: status,
           reason: reason,
-          ttl: 0,
+          ttl: ttl,
           metadata: metadata
         )
       end

data/lib/reputable/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Reputable
-  VERSION = "0.1.8"
+  VERSION = "0.1.10"
 end

data/lib/reputable.rb

@@ -7,6 +7,7 @@ require_relative "reputable/configuration"
 require_relative "reputable/connection"
 require_relative "reputable/tracker"
 require_relative "reputable/reputation"
+require_relative "reputable/blocked_page"
 require_relative "reputable/middleware"
 
 # Optional Rails integration (only load if Rails is defined)
@@ -33,8 +34,8 @@ end
 #     path: "/products/123"
 #   )
 #
-# @example Apply reputation after payment
-#   Reputable.trust_ip("203.0.113.45", reason: "payment_completed")
+# @example Apply verified reputation after payment
+#   Reputable.trust_ip("203.0.113.45", reason: "payment_completed", status: :trusted_verified, ttl: 0)
 #
 # @example Disable completely via ENV
 #   # In your environment: REPUTABLE_ENABLED=false
@@ -88,8 +89,8 @@ module Reputable
       Reputation.apply(entity_type: entity_type, entity_id: entity_id, status: status, **options)
     end
 
-    def trust_ip(ip, reason: "manual_trust", **metadata)
-      Reputation.trust_ip(ip, reason: reason, **metadata)
+    def trust_ip(ip, reason: "manual_trust", status: :trusted_behavior, ttl: nil, **metadata)
+      Reputation.trust_ip(ip, reason: reason, status: status, ttl: ttl, **metadata)
     end
 
     def block_ip(ip, reason: "manual_block", **metadata)
@@ -171,6 +172,14 @@ module Reputable
       "#{verify_url}?token=#{token}"
     end
 
+    # Build the hosted blocked page URL
+    # @return [String]
+    def blocked_page_url
+      base_url = configuration.base_url
+      base_url = base_url.chomp("/")
+      "#{base_url}/_reputable/verify/blocked"
+    end
+
     # Verify the signature of a redirect return
     # @param params [Hash] Request query parameters
     # @return [Boolean] true if valid logic and passed signature check

data/reputable.gemspec

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require_relative "lib/reputable/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "reputable"
+  spec.version = Reputable::VERSION
+  spec.authors = ["Reputable"]
+  spec.email = ["support@reputable.click"]
+
+  spec.summary = "Ruby client for Reputable - bot detection and reputation scoring"
+  spec.description = "Track requests and manage IP reputation through Redis/Dragonfly integration with Reputable"
+  spec.homepage = "https://github.com/reputable-click/reputable-rb"
+  spec.license = "MIT"
+  spec.required_ruby_version = ">= 2.7.0"
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = spec.homepage
+  spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/main/CHANGELOG.md"
+
+  spec.files = Dir.chdir(__dir__) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)}) || f.end_with?(".gem")
+    end
+  end
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "redis", ">= 4.0", "< 6.0"
+  spec.add_dependency "connection_pool", "~> 2.2"
+
+  spec.add_development_dependency "bundler", "~> 2.0"
+  spec.add_development_dependency "rake", "~> 13.0"
+  spec.add_development_dependency "rspec", "~> 3.12"
+  spec.add_development_dependency "rack", "~> 2.0"
+  spec.add_development_dependency "rubocop", "~> 1.0"
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: reputable
 version: !ruby/object:Gem::Version
-  version: 0.1.8
+  version: 0.1.10
 platform: ruby
 authors:
 - Reputable
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2025-12-28 00:00:00.000000000 Z
+date: 2025-12-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redis
@@ -126,8 +126,10 @@ files:
 - Gemfile
 - Gemfile.lock
 - README.md
+- RELEASING.md
 - Rakefile
 - lib/reputable.rb
+- lib/reputable/blocked_page.rb
 - lib/reputable/configuration.rb
 - lib/reputable/connection.rb
 - lib/reputable/middleware.rb
@@ -135,6 +137,7 @@ files:
 - lib/reputable/reputation.rb
 - lib/reputable/tracker.rb
 - lib/reputable/version.rb
+- reputable.gemspec
 homepage: https://github.com/reputable-click/reputable-rb
 licenses:
 - MIT