This gem allows you to use the ThisData Login Intelligence API.
This repo needs to be cleaned up and modernized. Please see Working with private Ruby gems before doing anything else.
Add this line to your application's Gemfile:
gem 'thisdata'
And then execute:
$ bundle
Or install it yourself as:
$ gem install thisdata
Our API endpoint documentation, tutorials, and sample code can all be found at http://help.thisdata.com
An example ThisData configuration is below. See this_data/configuration.rb
for
more options. For example, in production we recommend you turn on
the asynchronous and non-logging behaviour.
If you're using Rails, you can generate this config file by following our Set Up steps further down.
require 'this_data'
ThisData.setup do |config|
config.api_key = 'API_KEY_HERE' # Don't commit your key to source control!
config.logger = Logger.new($stdout)
config.async = false
config.base_uri = 'https://api.thisdata.com/v1/' # optional. This is the default
end
You can then track any event by calling ThisData.track
and passing a Hash which
contains an event. In the following example, we're tracking a user logging in
to our app:
ThisData.track(
ip: request.remote_ip,
user_agent: request.user_agent,
verb: ThisData::Verbs::LOG_IN,
user: {
id: user.id.to_s,
name: user.name,
email: user.email,
mobile: user.mobile
}
)
response = ThisData.verify(
ip: request.remote_ip,
user_agent: request.user_agent,
user: {
id: user.id
}
)
if response["risk_level"] == ThisData::RISK_LEVEL_GREEN
# Let them log in
else
# Challenge for a Two Factor Authentication code
end
events = ThisData::Event.all(
verb: ThisData::Verbs::LOG_IN,
user_id: user.id,
limit: 25,
offset: 50
)
events.length
=> 25
events.first.user.id
=> "112233"
You can get, create, update and delete custom rules. Note that no error handling is done
within the API wrapper so you will need to watch out for error messages
in the
response body of each call.
Create a rule
# returns an OpenStruct rule
rule = ThisData::Rule.create({
name: "Blacklist all ipv4 addresses",
description: "Blocks every possible ipv4 address",
type: "blacklist",
target: "location.ip",
filters: ["0.0.0.0/0"]
})
puts rule.id
puts rule.name
...
List all rules
rules = ThisData::Rule.all
Find a single rule
rule = ThisData::Rule.find(1234567)
Update a rule
# id is reqired. Other params are optional
ThisData::Rule.update({
id: "123456",
filters: ["0.0.0.0/0",""]
})
Delete a rule
# returns bool
ThisData::Rule.delete(123456)
We have a generator which will set some nice configuration options for Ruby on Rails users.
Find your API key by going to ThisData > Integrations > Login Intelligence API.
Run:
rails g this_data:install YOUR_API_KEY_HERE
The generator will create a file in config/initializers
called "this_data.rb".
If you need to do any further configuration or customization of ThisData,
that's the place to do it!
The recommended way to track events is as above - explicitly calling
ThisData.track
.
However, we do provide a ThisData::TrackRequest
module which, when included in
an ActionController, gives you a simple way to track requests. The advantage
is that this module knows how to get request details automagically, like the IP,
user agent, and ThisData's tracking cookie value (if you've turned that on).
You include the module, then call thisdata_track
. Easy!
e.g. in your sessions controller:
class SessionsController < ApplicationController
include ThisData::TrackRequest
def create
if User.authenticate(params[:email], params[:password])
# Do the things one usually does for a successful auth
# And also track the login
thisdata_track
else
# Their credentials are wrong. Are they trying to access
# a valid account?
if attempted_user = User.find_by(email: params[:email])
thisdata_track(
verb: ThisData::Verbs::LOG_IN_DENIED,
user: attempted_user,
authenticated: false
)
else
# email and password were both incorrect
end
end
end
end
Note: as with many sensitive operations, taking different actions when an account exists vs. when an account doesn't exist can lead to a information disclosure through timing attacks.
Similar to the approach above, there is also a convenience method for verifying the current user.
class SessionsController < ApplicationController
include ThisData::TrackRequest
def create
if User.authenticate(params[:email], params[:password])
# They used the right credentials, but does this login look unusual?
response = thisdata_verify
if response["risk_level"] == ThisData::RISK_LEVEL_GREEN
# The login looks OK. Do the things one usually does for a successful
# auth
# And track it
thisdata_track
else
# There is a chance the account could be breached.
# Confirm authentication by asking for a Two Factor Authentication code
# ....
end
else
# Their credentials are wrong...
end
end
end
We hope not! We encourage you to use the asynchronous API call where possible just in case our end goes down. In all cases we have error handling to capture hard failures, but there may be edge-cases where timeouts or other bugs haven't been properly handled.
So in your own app you could move tracking to a background job, enforce timeouts, add threading (safely!), or employ other methods which enforce good behaviour of third party gems.
Read more: http://help.thisdata.com/docs/how-do-you-not-break-my-app
The API endpoint validates the events you send, and will return errors in the body of the response. Enabling logging will help you debug this.
Our documentation can be read at http://help.thisdata.com. Our API will return error messages you can inspect if the payload is missing required attributes.
Reach out to [email protected] if you need any help, or open an issue!
After checking out the repo, run bin/setup
to install dependencies. Then, run rake test
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/thisdata/thisdata-ruby.