Module: Authbox

Extended by:

ActiveSupport::Concern

Defined in:

lib/authbox.rb

Overview

This module adds support for Authbox to your Rails controller. We recommend you add it to app/controllers/application_controller.rb like this:

require 'authbox'

class ApplicationController < ActionController::Base
 include Authbox
end

Once this is included in your controller, you’ll need to add your credentials. Add them to config/application.rb like this:

config.authbox = {
  :api_key => 'yourApiKey',
  :secret_key => 'yourSecret'
}

That’s it! Authbox can start logging basic metadata immediately.

To get the most out of Authbox you should tell us who your users are. You do this by overriding the authbox_get_request_data() method on the controller. Here’s how you would tell Authbox about your users while using Devise:

class ApplicationController < ActionController::Base
  include Authbox

  def authbox_get_request_data
    return {
      '$user' => {
        '$creationTime' => current_user.created_at,
        '$userIDs' => [
          {'$type' => '$email', '$key' => current_user.email}
        ]
      }
    }
  end
end

Instance Method Summary

• #authbox_check(action = {}) ⇒ Object
• #authbox_get_request_data ⇒ Object

  Override me to return additional data for the request (like the user).

• #authbox_log(action = {}) ⇒ Object

  Report a custom action to Authbox.

• #authbox_post_form(uri, body) ⇒ Object

  Override me to inject a custom HTTP POST library.

Instance Method Details

#authbox_check(action = {}) ⇒ Object

# File 'lib/authbox.rb', line 70

def authbox_check(action={})
  if not authbox_ensure_one_request(:check)
    return @authbox_verdict
  end

  @authbox_check_action = action
  return authbox_request('/action_check', action, false)
end

#authbox_get_request_data ⇒ Object

Override me to return additional data for the request (like the user)

# File 'lib/authbox.rb', line 99

def authbox_get_request_data
  return {}
end

#authbox_log(action = {}) ⇒ Object

Report a custom action to Authbox. If this is not called during a request, an $unknown action will be logged. See the documentation for what information you can pass here in the action hash.

# File 'lib/authbox.rb', line 57

def authbox_log(action={})
  if not authbox_ensure_one_request(:log)
    return
  end

  if not @authbox_verdict.blank? and @authbox_verdict['type'] != 'ALLOW'
    return
  end


  return authbox_request('/action_log', action, true)
end

#authbox_post_form(uri, body) ⇒ Object

Override me to inject a custom HTTP POST library

# File 'lib/authbox.rb', line 81

def authbox_post_form(uri, body)
  authbox_debug_log {"Posting data to #{uri}: #{body}"}

  req = Net::HTTP::Post.new(uri.path, initheader = {'Content-Type' =>'application/json'})
  req.body = body.to_json

  return Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
    begin
      http.request(req)
    rescue => e
      authbox_warn_log { "HTTP request error: #{e}" }
    end
  end
end