Johan Brissmyr brissmyr

require 'net/http'
require 'uri'
require 'json'
api_secret = {you_api_secret}
token = request.params['castle_request_token']
sanitized_headers = {}
headers.each_with_object({}) do |(name, value), acc|
<script>
  var form = document.getElementById('new_user')
  form.onsubmit = function(e) {
    e.preventDefault();
    _castle('createRequestToken').then(function(requestToken) {
      // Populate a hidden field called `castle_request_token` with the
      // request token
      var hiddenInput = document.createElement('input');
require 'castle/support/rails'
class ApplicationController < ActionController::Base
  before_action do
    next unless request.path == '/users/sign_in'
    email = request.params['user']['email']
    password = request.params['user']['password']
brissmyr / warden.rb
Last active January 24, 2018 17:53
Tracking Castle login events through Warden hooks
# In Rails you would put this in config/initializers/castle.rb
# Track $login.succeeded
Warden::Manager.after_set_user :except => :fetch do |user, warden, opts|
  next unless opts[:scope] == :user # exclude e.g. admin users
  castle = Castle::Client.from_request(warden.request)
  begin
    castle.track(
brissmyr / devise_failed_login.rb
Created December 11, 2017 20:35
Tracking failed logins with Devise
# routes.rb
Rails.application.routes.draw do
  devise_for :users, controllers: { sessions: 'sessions' }
end
# sessions_controller.rb
class SessionsController < Devise::SessionsController
  protected
  def auth_options
brissmyr / humble.md
Last active September 30, 2016 00:09

Minimum Castle Integration

Frontend tracking

The Castle JavaScript, Castle.js, automatically captures device properties, location data and browsing habits, and then sets a tracking cookie that is read during backend tracking. This lets our risk engine correlate data between client and server to ensure consistency.

There are two ways to integrate Castle.js on your site: pull it from our CDN or, if you prefer to serve it from your own host, fetch it from npm.

Backend tracking

[
{
"name": "Raphael Bryant",
"email": "libero@egetdictumplacerat.ca",
"company": "Ridiculus Mus Corp.",
"id": "93EC3B4E-2B6B-88E2-2AD3-441E4E16AF6E",
"score": 16
},
{
"name": "Jennifer Levine",