Skip to content

Commit

Permalink
Change the way how login tracking is disabled for Rememberable strategy
Browse files Browse the repository at this point in the history 
When logging in via devise Rememberable strategy, we disable login
tracking by setting @_datadog_skip_track_login_event and checking for it
in patched Authenticatable#validate
  • Loading branch information
@y9v
y9v committed Sep 13, 2024
1 parent f2fe86a commit 8e60850
Show file tree
Hide file tree
Showing 4 changed files with 4 additions and 4 deletions.
1 change: 0 additions & 1 deletion lib/datadog/appsec/contrib/devise/patcher.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ def patch
end

def patch_authenticatable_strategy
::Devise::Strategies::Authenticatable.alias_method(:__validate_datadog_authenticatable, :validate)
::Devise::Strategies::Authenticatable.prepend(AuthenticatablePatch)
end

Expand Down
1 change: 1 addition & 0 deletions lib/datadog/appsec/contrib/devise/patcher/authenticatable_patch.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ module AuthenticatablePatch
def validate(resource, &block)
result = super
return result unless AppSec.enabled?
return result if @_datadog_skip_track_login_event

track_user_events_configuration = Datadog.configuration.appsec.track_user_events

Expand Down
4 changes: 3 additions & 1 deletion lib/datadog/appsec/contrib/devise/patcher/rememberable_patch.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,9 @@ module Patcher
# Rememberable strategy as Login Success events.
module RememberablePatch
def validate(*args)
__validate_datadog_authenticatable(*args)
@_datadog_skip_track_login_event = true

super
end
end
end
Expand Down
2 changes: 0 additions & 2 deletions spec/datadog/appsec/contrib/devise/patcher/authenticatable_patch_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,8 +90,6 @@ def validate(resource, &block)
@result
end

alias_method :__validate_datadog_authenticatable, :validate

prepend Datadog::AppSec::Contrib::Devise::Patcher::AuthenticatablePatch
prepend Datadog::AppSec::Contrib::Devise::Patcher::RememberablePatch

Expand Down

0 comments on commit 8e60850

Please sign in to comment.