module EffectiveLogging class UserLogger def self.create_warden_hooks Warden::Manager.after_authentication do |user, warden, opts| if EffectiveLogging.user_logins_enabled && !EffectiveLogging.supressed? ::EffectiveLogger.success('user login', :user => user, :ip => warden.request.ip.presence, :referrer => warden.request.referrer, :user_agent => warden.request.user_agent ) end end Warden::Manager.after_set_user do |user, warden, opts| if EffectiveLogging.user_logins_enabled && !EffectiveLogging.supressed? if (opts[:event] == :set_user rescue false) # User has just reset their password and signed in ::EffectiveLogger.success('user login', :user => user, :ip => warden.request.ip.presence, :referrer => warden.request.referrer, :user_agent => warden.request.user_agent, :notes => 'after password reset' ) end end end Warden::Manager.before_logout do |user, warden, opts| if EffectiveLogging.user_logouts_enabled && !EffectiveLogging.supressed? if user.respond_to?(:timedout?) && user.respond_to?(:timeout_in) scope = opts[:scope] last_request_at = (warden.request.session["warden.#{scope}.#{scope}.session"]['last_request_at'] rescue Time.zone.now) # As per Devise if last_request_at.is_a? Integer last_request_at = Time.at(last_request_at).utc elsif last_request_at.is_a? String last_request_at = Time.parse(last_request_at) end if user.timedout?(last_request_at) && !warden.request.env['devise.skip_timeout'] ::EffectiveLogger.success('user logout', :user => user, :timedout => true) else ::EffectiveLogger.success('user logout', :user => user) end else # User does not respond to timedout ::EffectiveLogger.success('user logout', :user => user) end end end end end end