Revisions
derwiki revised this gist
Feb 26, 2016. 1 changed file with 2 additions and 0 deletions.
@@ -1,3 +1,5 @@ # Adding an audit log to your Rails app If you have any sort of administrative interface on your web site, you can easily imagine an intruder gaining access and mucking about. How do you know the extent of the damage? Adding an audit log to your app is one quick solution. An audit log should record a few things: - controller entry points with parameter values
derwiki revised this gist
Feb 26, 2016. 1 changed file with 7 additions and 0 deletions.
@@ -0,0 +1,7 @@ If you have any sort of administrative interface on your web site, you can easily imagine an intruder gaining access and mucking about. How do you know the extent of the damage? Adding an audit log to your app is one quick solution. An audit log should record a few things: - controller entry points with parameter values - permanent information about the user, like user_id - transient information about the user, like IP and user_agent Using the Rails framework, this is as simple as adding a `before_action` to your admin controllers. Here’s a basic version that I’m using in production.
derwiki revised this gist
Feb 26, 2016. 1 changed file with 6 additions and 0 deletions.
@@ -0,0 +1,6 @@ require 'audit_log' class AdminController < ApplicationController include AuditLog before_action :auto_log end
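Review bot: `include AuditLog` in AdminController mixes `auto_log` and `geoip` in as public instance methods, and Rails treats public controller methods as actions, so a route that maps to them would expose them as endpoints. Declare both under `private` in the module, or call `private :auto_log, :geoip` after the include. The `before_action` also only covers controllers that inherit from AdminController, so an admin endpoint defined on any other controller is not logged.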
        
derwiki created this gist
Feb 26, 2016.
@@ -0,0 +1,25 @@ require 'geoip' module AuditLog def geoip @@geoip ||= GeoIP.new(File.join(Rails.root, '/lib/GeoIPCity.dat')) end def auto_log rails_action = "#{ params[:controller] }##{ params[:action] }" rails_params = params.except(:controller, :action) details = { :logger => 'AuditLog', :action => rails_action, :ip_address => request.remote_ip, :geo_ip => geoip.city(request.remote_ip).to_h, :user_id => current_user&.id, :user_email => current_user&.email, :user_name => current_user&.name, :params => rails_params, :user_agent => request.user_agent } Rails.logger.info MultiJson.dump(details) end end
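Review bot: `:params => rails_params` in `auto_log` writes every request parameter to the log verbatim, so passwords, tokens and other secrets submitted through admin forms land in the audit trail in clear text. Build the hash from `request.filtered_parameters` instead so that `config.filter_parameters` applies, for example `rails_params = request.filtered_parameters.except('controller', 'action')`. Separately, `geoip.city(request.remote_ip)` runs inside a `before_action`, so a missing or unreadable `/lib/GeoIPCity.dat` raises on every admin request; rescue the lookup and log an empty hash rather than failing the request.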