Add device fingerprinting and new device detection

DeadKennedyx · Feb 3, 2024 · c2b4dbd · c2b4dbd
1 parent 599add4
commit c2b4dbd
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,8 +6,12 @@ All notable changes to the `UsualSuspect` gem will be documented in this file.
 
 - Additional security features and enhancements.
 
-## [0.1.0] - 2024-01-10
+## [1.0.0] - 2024-02-03
+### Added
+- Device Fingerprinting
+- New Device tracking
 
+## [0.1.0] - 2024-01-08
 ### Added
 
 - **Suspicious Password Change Detection**: Automatically monitors and logs instances where a password is changed shortly after logging in, helping to identify potential account hijacking.

diff --git a/lib/usual_suspect/sessions_controller_extension.rb b/lib/usual_suspect/sessions_controller_extension.rb
@@ -9,8 +9,9 @@ def track_usual_suspect_login
       location = Geocoder.search(user_ip).first
       session_token = generate_unique_session_token
       session[:usual_suspect_session_token] = session_token
+      device_info = params[:device_info] || {}
 
-      current_user.update_login(user_ip, location, session_token) if current_user
+      current_user.update_login(user_ip, location, session_token, device_info) if current_user
     end
 
     def generate_unique_session_token

diff --git a/lib/usual_suspect/tasks/templates/create_usual_suspect_events.rb.erb b/lib/usual_suspect/tasks/templates/create_usual_suspect_events.rb.erb
@@ -9,12 +9,14 @@ class CreateUsualSuspectEvents < ActiveRecord::Migration[6.0]
       t.boolean :using_vpn
       t.boolean :using_proxy
       t.boolean :using_tor
+      t.boolean :new_device
       t.string :sign_in_ip
       t.string :city
       t.string :country
       t.string :latitude
       t.string :longitude
       t.string :session_token
+      t.string :device_fingerprint
 
       t.index :session_token
 

diff --git a/lib/usual_suspect/user_extension.rb b/lib/usual_suspect/user_extension.rb
@@ -2,10 +2,13 @@ module UsualSuspect
   module UserExtension
     extend ActiveSupport::Concern
 
-    def update_login(ip, location, session_token)
+    def update_login(ip, location, session_token, device_info)
       event = UsualSuspectEvent.new(user: self, session_token: session_token)
       vpn_tor_proxy_usage = UsualSuspect::VpnChecker.check_vpn(ip)
 
+      fingerprint_string = device_info.values.join('|')
+      current_fingerprint = Digest::SHA256.hexdigest(fingerprint_string)
+
       event.assign_attributes(
         sign_in_at: Time.current,
         sign_in_ip: ip,
@@ -16,14 +19,16 @@ def update_login(ip, location, session_token)
         using_vpn: vpn_tor_proxy_usage['security']['vpn'],
         using_proxy: vpn_tor_proxy_usage['security']['proxy'],
         using_tor: vpn_tor_proxy_usage['security']['tor'],
+        device_fingerprint: current_fingerprint,
+        new_device: usual_suspect_events.none? { |event| event.device_fingerprint == current_fingerprint }
       )
+
 
       event.save
 
       check_geo_velocity(event)
     end
 
-
     def check_geo_velocity(current_event)
       last_event = UsualSuspectEvent.where(user: self).order(:sign_in_at).second_to_last