Ruby SDK for user monitoring


Sqreen protects your application's users against major threats such as account takeover, password brute force, and suspicious activity coming from Tor or unusual VPNs.

Sqreen supports the Devise framework out of the box for automatic User Context. If you're using Devise, you don't need to change anything, provided you've selected the automatic mode in your application settings.

Advanced User Context allows you to set up user monitoring in your application with flexibility and powerful additional features. You will need to integrate the Sqreen SDK in your application (< 10 minutes).

User monitoring SDK

Two lines of code are enough to track your users' activities with Sqreen.

Here's a full implementation example:

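require 'sqreen'

class SessionsController < ApplicationController
  def create
    user = login(params[:email], params[:password])
    # Report every login attempt, successful or not, with the submitted identifier.
    Sqreen.auth_track(!user.nil?, email: params[:email])
    # ....
  end
end

class UsersController < ApplicationController
  def create
    # Permit attributes explicitly; unpermitted params make create! raise.
    # The attribute list is an assumption, adjust it to your model.
    user_params = params.require(:user).permit(:email, :password)
    user = User.create!(user_params)
    # Report the signup once the account exists.
    Sqreen.signup_track(email: user_params[:email])
    # ....
  end
end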

Login tracking

Sqreen.auth_track is the SDK method to call on user login activity.

require 'sqreen'
Sqreen.auth_track(is_login_successful, email: user.email)

The auth_track function accepts two positional arguments:

def auth_track(success, user_identifiers)

1. The first argument is a boolean indicating whether the login attempt was successful (true or false).

2. The second argument is a Hash with your user identification information. It will be used on Sqreen's user interface to help you identify which users are at risk, or which are attacking your application. The hash keys and values should only be strings.

Sqreen integration at signup and login

You should not call Sqreen.auth_track each time you check a user session in your application.

Signup tracking

Sqreen.signup_track is the SDK method to call when creating a new user account, that is, at signup.

require 'sqreen'
Sqreen.signup_track(email: user.email)

The signup_track function accepts a single argument:

def signup_track(user_identifiers)

user_identifiers is a Hash representing your identification information. It will be used on Sqreen's user interface to help you identify which users are at risk, or which are attacking your application. The hash keys and values should only be strings.

User identification

If your users can be identified with a single value (email, nickname...), you can proceed this way:

Sqreen.auth_track(true, email: user.email)

User monitoring and PII

If you're concerned about sending sensitive data to us and want to avoid leaking any Personally Identifiable Information (PII), visit this blogpost to learn some best practices around user tracking.

If your users are identified with a composite primary key (multiple values), all of them should be sent in order to identify them accurately on Sqreen's user interface.

For example, if you are operating a whitelabel platform and your users are identified by their email and the shop id, you can send these identifiers like this:

Sqreen.auth_track(true, email: user.email, platform_id: platform.id)

This also applies to the signup_track function.

Sqreen SDK only accepts user identifiers

Don't send any other information (like the auth failure reason). Sqreen will treat it as part of the user identifier, and will not be able to merge successful and failed authentications.

Primary key

Sqreen will try to determine a primary key amongst the keys you provided. The following keywords will be used to determine the user primary identification key: email, mail, e-mail, username, login.

If none of those keys are found, we will use the first in alphabetical order.

If multiple keys are found, we'll use the first in the sequence mentioned above.
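
The identifier rules above (send only identifiers, and how the primary key is chosen), modelled locally as an added example. This is not Sqreen's code and does not call the SDK; exact keyword matching and whole-hash equality as the merge criterion are assumptions, and the sample events are constructed.

```ruby
# Added illustration, not Sqreen's code: a local model of the documented rules.
PRIMARY_KEYWORDS = %w[email mail e-mail username login].freeze

# Coerce keys and values to strings, as the SDK documentation requires.
def normalize_identifiers(identifiers)
  identifiers.each_with_object({}) do |(key, value), out|
    raise ArgumentError, "missing value for #{key}" if value.nil?
    out[key.to_s] = value.to_s
  end
end

# Documented order: first matching keyword in the sequence wins; otherwise
# the first key in alphabetical order. Exact key match is an assumption.
def primary_key(identifiers)
  keys = normalize_identifiers(identifiers).keys
  raise ArgumentError, 'no identifiers given' if keys.empty?
  PRIMARY_KEYWORDS.find { |keyword| keys.include?(keyword) } || keys.min
end

# Assumption: two events belong to the same user only when their whole
# identifier hashes are equal. Returns { identifiers => [success, ...] }.
def group_by_identity(events)
  events.group_by { |event| normalize_identifiers(event[:identifiers]) }
        .transform_values { |group| group.map { |event| event[:success] } }
end

# Constructed sample events (not real data).
WITH_REASON = [
  { success: false, identifiers: { email: 'ada@example.com', reason: 'bad_password' } },
  { success: true,  identifiers: { email: 'ada@example.com' } }
].freeze
IDENTIFIERS_ONLY = [
  { success: false, identifiers: { email: 'ada@example.com' } },
  { success: true,  identifiers: { email: 'ada@example.com' } }
].freeze

if __FILE__ == $PROGRAM_NAME
  puts primary_key(username: 'ada', mail: 'ada@example.com')  # keyword order wins
  puts primary_key(shop_id: 7, nickname: 'ada')               # alphabetical fallback
  puts group_by_identity(WITH_REASON).size                    # failure and success split
  puts group_by_identity(IDENTIFIERS_ONLY).size               # one user, both attempts
end
```

Running the same check over the hashes your own controllers build shows, before deployment, whether a failed and a successful login for one account would land on the same identity.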