Merge pull request #5274 from consuldemocracy/last-sign-in
ENS: Add security secret "last_sign_in"
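--- a/app/components/account/sign_in_info_component.html.erb
+++ b/app/components/account/sign_in_info_component.html.erb
@@ -0,0 +1,4 @@
+<div class="callout primary">
+<%= t("account.show.last_sign_in", last_sign_in_at: I18n.l(account.last_sign_in_at, format: :long),
+last_sign_in_ip: account.last_sign_in_ip) %>
+</div>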
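Review bot: `I18n.l(account.last_sign_in_at, format: :long)` has no guard for a nil timestamp, and `I18n.l` raises on nil, so an account whose `last_sign_in_at` was never populated would presumably break the account page once the secret is enabled. The component spec only builds a user with both fields set, so this case is untested. A guard in the component's `render?`, for example `Tenant.current_secrets.dig(:security, :last_sign_in) && account.last_sign_in_at.present?`, would keep the callout from rendering in that case. Separately, the displayed IP only helps a user spot an unfamiliar login if the app records the real client address rather than a reverse proxy's, which is a deployment requirement worth stating where the secret is documented.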
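--- a/app/components/account/sign_in_info_component.rb
+++ b/app/components/account/sign_in_info_component.rb
@@ -0,0 +1,11 @@
+class Account::SignInInfoComponent < ApplicationComponent
+attr_reader :account
+
+def initialize(account)
+@account = account
+end
+
+def render?
+Tenant.current_secrets.dig(:security, :last_sign_in)
+end
+end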
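Review bot: `render?` carries no comment saying that the callout is opt-in and driven by a per-tenant secret, which is the one thing a maintainer needs to know before touching it. A short comment above the method would do, such as `# Rendered only when the security.last_sign_in secret is enabled for the current tenant; the example secrets ship it as false.` It is also worth noting there that the component exposes the stored sign-in IP address to the page, so enabling it is a privacy decision as well as a security one.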
@@ -10,6 +10,8 @@
|
|||||||
|
|
||||||
<h1 class="inline-block"><%= t("account.show.title") %></h1>
|
<h1 class="inline-block"><%= t("account.show.title") %></h1>
|
||||||
|
|
||||||
|
<%= render Account::SignInInfoComponent.new(@account) %>
|
||||||
|
|
||||||
<%= form_for @account, as: :account, url: account_path do |f| %>
|
<%= form_for @account, as: :account, url: account_path do |f| %>
|
||||||
<%= render "shared/errors", resource: @account %>
|
<%= render "shared/errors", resource: @account %>
|
||||||
|
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
en:
|
en:
|
||||||
account:
|
account:
|
||||||
show:
|
show:
|
||||||
|
last_sign_in: "Last login: %{last_sign_in_at} from IP %{last_sign_in_ip}"
|
||||||
change_credentials_link: Change my login details
|
change_credentials_link: Change my login details
|
||||||
erase_account_link: Erase my account
|
erase_account_link: Erase my account
|
||||||
finish_verification: Complete verification
|
finish_verification: Complete verification
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
es:
|
es:
|
||||||
account:
|
account:
|
||||||
show:
|
show:
|
||||||
|
last_sign_in: "Último acceso efectuado: %{last_sign_in_at} desde la IP %{last_sign_in_ip}"
|
||||||
change_credentials_link: Cambiar mis datos de acceso
|
change_credentials_link: Cambiar mis datos de acceso
|
||||||
erase_account_link: Darme de baja
|
erase_account_link: Darme de baja
|
||||||
finish_verification: Finalizar verificación
|
finish_verification: Finalizar verificación
|
||||||
|
|||||||
@@ -19,6 +19,8 @@ development:
|
|||||||
http_basic_username: "dev"
|
http_basic_username: "dev"
|
||||||
http_basic_password: "pass"
|
http_basic_password: "pass"
|
||||||
multitenancy: false
|
multitenancy: false
|
||||||
|
security:
|
||||||
|
last_sign_in: false
|
||||||
secret_key_base: 56792feef405a59b18ea7db57b4777e855103882b926413d4afdfb8c0ea8aa86ea6649da4e729c5f5ae324c0ab9338f789174cf48c544173bc18fdc3b14262e4
|
secret_key_base: 56792feef405a59b18ea7db57b4777e855103882b926413d4afdfb8c0ea8aa86ea6649da4e729c5f5ae324c0ab9338f789174cf48c544173bc18fdc3b14262e4
|
||||||
<<: *maps
|
<<: *maps
|
||||||
|
|
||||||
@@ -50,6 +52,8 @@ staging:
|
|||||||
managers_url: ""
|
managers_url: ""
|
||||||
managers_application_key: ""
|
managers_application_key: ""
|
||||||
multitenancy: false
|
multitenancy: false
|
||||||
|
security:
|
||||||
|
last_sign_in: false
|
||||||
tenants:
|
tenants:
|
||||||
# If you've enabled multitenancy, you can overwrite secrets for a
|
# If you've enabled multitenancy, you can overwrite secrets for a
|
||||||
# specific tenant with:
|
# specific tenant with:
|
||||||
@@ -58,7 +62,7 @@ staging:
|
|||||||
# secret_key: my_secret_value
|
# secret_key: my_secret_value
|
||||||
#
|
#
|
||||||
# Currently you can overwrite SMTP, SMS, manager, microsoft API,
|
# Currently you can overwrite SMTP, SMS, manager, microsoft API,
|
||||||
# HTTP basic, twitter, facebook, google and wordpress settings.
|
# HTTP basic, twitter, facebook, google, wordpress and security settings.
|
||||||
<<: *maps
|
<<: *maps
|
||||||
<<: *apis
|
<<: *apis
|
||||||
|
|
||||||
@@ -86,6 +90,8 @@ preproduction:
|
|||||||
managers_url: ""
|
managers_url: ""
|
||||||
managers_application_key: ""
|
managers_application_key: ""
|
||||||
multitenancy: false
|
multitenancy: false
|
||||||
|
security:
|
||||||
|
last_sign_in: false
|
||||||
tenants:
|
tenants:
|
||||||
# If you've enabled multitenancy, you can overwrite secrets for a
|
# If you've enabled multitenancy, you can overwrite secrets for a
|
||||||
# specific tenant with:
|
# specific tenant with:
|
||||||
@@ -94,7 +100,7 @@ preproduction:
|
|||||||
# secret_key: my_secret_value
|
# secret_key: my_secret_value
|
||||||
#
|
#
|
||||||
# Currently you can overwrite SMTP, SMS, manager, microsoft API,
|
# Currently you can overwrite SMTP, SMS, manager, microsoft API,
|
||||||
# HTTP basic, twitter, facebook, google and wordpress settings.
|
# HTTP basic, twitter, facebook, google, wordpress and security settings.
|
||||||
twitter_key: ""
|
twitter_key: ""
|
||||||
twitter_secret: ""
|
twitter_secret: ""
|
||||||
facebook_key: ""
|
facebook_key: ""
|
||||||
@@ -127,6 +133,8 @@ production:
|
|||||||
managers_url: ""
|
managers_url: ""
|
||||||
managers_application_key: ""
|
managers_application_key: ""
|
||||||
multitenancy: false
|
multitenancy: false
|
||||||
|
security:
|
||||||
|
last_sign_in: false
|
||||||
tenants:
|
tenants:
|
||||||
# If you've enabled multitenancy, you can overwrite secrets for a
|
# If you've enabled multitenancy, you can overwrite secrets for a
|
||||||
# specific tenant with:
|
# specific tenant with:
|
||||||
@@ -135,7 +143,7 @@ production:
|
|||||||
# secret_key: my_secret_value
|
# secret_key: my_secret_value
|
||||||
#
|
#
|
||||||
# Currently you can overwrite SMTP, SMS, manager, microsoft API,
|
# Currently you can overwrite SMTP, SMS, manager, microsoft API,
|
||||||
# HTTP basic, twitter, facebook, google and wordpress settings.
|
# HTTP basic, twitter, facebook, google, wordpress and security settings.
|
||||||
twitter_key: ""
|
twitter_key: ""
|
||||||
twitter_secret: ""
|
twitter_secret: ""
|
||||||
facebook_key: ""
|
facebook_key: ""
|
||||||
|
|||||||
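--- a/spec/components/account/sign_in_info_component_spec.rb
+++ b/spec/components/account/sign_in_info_component_spec.rb
@@ -0,0 +1,26 @@
+require "rails_helper"
+
+describe Account::SignInInfoComponent do
+let(:account) { create(:user, last_sign_in_at: Date.current, last_sign_in_ip: "1.2.3.4") }
+
+context "Security secret for render last sign in is enabled" do
+it "shows a sign in info" do
+allow(Rails.application).to receive(:secrets).and_return(ActiveSupport::OrderedOptions.new.merge(
+security: { last_sign_in: true }
+))
+
+render_inline Account::SignInInfoComponent.new(account)
+
+expect(page).to have_content "Last login:"
+expect(page).to have_content "from IP"
+end
+end
+
+context "Security secret for render last sign in is disabled" do
+it "does not show sign in info" do
+render_inline Account::SignInInfoComponent.new(account)
+
+expect(page).not_to be_rendered
+end
+end
+end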
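Review bot: The enabled example asserts only the static label text ("Last login:" and "from IP"), so it would still pass if the interpolated values were dropped or swapped. Since the factory sets `last_sign_in_ip: "1.2.3.4"`, the second expectation could be `expect(page).to have_content "from IP 1.2.3.4"`. The disabled example does not stub the secrets at all and so depends on whatever the test environment's secrets contain; stubbing `security: { last_sign_in: false }` there would make the intent explicit. There is also no example for an account with a nil `last_sign_in_at`.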