/
handles_devices.rb
71 lines (57 loc) · 2.26 KB
/
handles_devices.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
module ApplicationController::HandlesDevices
extend ActiveSupport::Concern
included do
before_action :user_device_log
end
def user_device_log(user = current_user, type = 'session')
switched_from_user_id = ENV['SWITCHED_FROM_USER_ID'] || session[:switched_from_user_id]
return true if %w[init mobile].include?(params[:controller]) # do no device logging on static initial page
return true if switched_from_user_id
return true if current_user_on_behalf # do no device logging for the user on behalf feature
return true if !user
return true if !policy(UserDevice).log?
return true if type == 'SSO'
time_to_check = true
user_device_updated_at = session[:user_device_updated_at]
if ENV['USER_DEVICE_UPDATED_AT']
user_device_updated_at = Time.zone.parse(ENV['USER_DEVICE_UPDATED_AT'])
end
if user_device_updated_at
# check if entry exists / only if write action
diff = 10.minutes.ago
if %w[GET OPTIONS HEAD].include?(request.method)
diff = 30.minutes.ago
end
# only update if needed
if user_device_updated_at > diff
time_to_check = false
end
end
# if ip has not changed and ttl in still valid
remote_ip = ENV['TEST_REMOTE_IP'] || request.remote_ip
return true if time_to_check == false && session[:user_device_remote_ip] == remote_ip
session[:user_device_remote_ip] = remote_ip
# for sessions we need the fingperprint
if type == 'session'
fingerprint = params[:fingerprint] || request.headers['X-Browser-Fingerprint']
if !session[:user_device_updated_at] && !fingerprint && !session[:user_device_fingerprint]
raise Exceptions::UnprocessableEntity, __('Need fingerprint param!')
end
if fingerprint
UserDevice.fingerprint_validation(fingerprint)
session[:user_device_fingerprint] = fingerprint
end
end
session[:user_device_updated_at] = Time.zone.now
# add device if needed
http_user_agent = ENV['HTTP_USER_AGENT'] || request.env['HTTP_USER_AGENT']
UserDeviceLogJob.perform_later(
http_user_agent,
remote_ip,
user.id,
session[:user_device_fingerprint],
type,
)
end
end