Rails Against the Machine | Rubyconf MY 2018

What should a development team do when a few bad users threaten their application? Online businesses are plagued with trolls, swindlers and con artists. In this talk, learn how your team can leverage features from RoR and Amazon Web Services to monitor and (secretly) segment bad actors using automation and behavioral triggers. If you work on a site with valuable users worth protecting, this talk is for you.

Brittany Martin

October 25, 2018

Transcript

  1. Lead Web Developer @ Pittsburgh Cultural Trust ARTS E-COMMERCE TEN BRANDED PATHS FESTIVAL GUIDES ALL LOVINGLY BUILT WITH RUBY @brittjmartin
  2. class Reseller
       SAFE_STATES = %w(PA OH WV)
       RESELLER_CONSTITUENCY = 0

       # True when the billing address is outside the safe states.
       def reseller_tri_state_check(session_key)
         state = Address.find_billing_address(session_key).state
         !SAFE_STATES.include?(state)
       end

       # True when the constituent carries the reseller constituency.
       # The lookup result is cached per session for 30 minutes.
       def reseller_constituency_check(session_key, id)
         Rails.cache.fetch("reseller_#{session_key}", expires_in: 30.minutes) do
           response = TessituraRest.new.get_constituencies(id)
           constituency = response.map { |c| c['ConstituencyType']['Id'] }
           constituency.include? RESELLER_CONSTITUENCY
         end
       end
     end
  3. class Reseller
       SAFE_STATES = %w(PA OH WV)
       RESELLER_CONSTITUENCY = 0

       # True when the billing address is outside the safe states.
       def reseller_tri_state_check(session_key)
         state = Address.find_billing_address(session_key).state
         !SAFE_STATES.include?(state)
       end

       # True when the constituent carries the reseller constituency.
       # The lookup result is cached per session for 30 minutes.
       def reseller_constituency_check(session_key, id)
         Rails.cache.fetch("reseller_#{session_key}", expires_in: 30.minutes) do
           response = TessituraRest.new.get_constituencies(id)
           constituency = response.map { |c| c['ConstituencyType']['Id'] }
           constituency.include? RESELLER_CONSTITUENCY
         end
       end
     end
  4. def authenticate_the_user
       authenticate_credentials do |result|
         result.success {
           remember_current_user
           reseller_cookie
           register_new_reseller
           head :ok
         }
         result.fail {
           error_message = 'The username or password entered is invalid. Please try again.'
           head :bad_request, :ErrorMsg => error_message
         }
       end
     end
  5. class CatchNewResellerWorker
       include Sidekiq::Worker

       RESELLER_CONSTITUENCY = 223

       # Tag the constituent with the reseller constituency, then queue the alert.
       def perform(hash)
         id = hash['id']
         response = TessituraRest.new.create_constituencies(RESELLER_CONSTITUENCY, id)
         ResellerAlertWorker.perform_async(id: id)
       end
     end
  6. class ResellerAlertWorker
       include Sidekiq::Worker

       def perform(hash={})
         notification = {
           'username': 'resellerbot',
           'icon_emoji': ':skull:',
           'fields': [
             { 'title': 'Id', 'value': "#{hash['id']}" },
             { 'title': 'Alert', 'value': 'Another reseller has been located and tagged!' }
           ]
         }
         RESELLER.ping notification
       end
     end

     slack-notifier.
  7. class Reseller
       SAFE_STATES = %w(PA OH WV)
       RESELLER_CONSTITUENCY = 0

       # True when the billing address is outside the safe states.
       def reseller_tri_state_check(session_key)
         state = Address.find_billing_address(session_key).state
         !SAFE_STATES.include?(state)
       end

       # True when the constituent carries the reseller constituency.
       # The lookup result is cached per session for 30 minutes.
       def reseller_constituency_check(session_key, id)
         Rails.cache.fetch("reseller_#{session_key}", expires_in: 30.minutes) do
           response = TessituraRest.new.get_constituencies(id)
           constituency = response.map { |c| c['ConstituencyType']['Id'] }
           constituency.include? RESELLER_CONSTITUENCY
         end
       end
     end
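
The cached constituency check and the tagging worker on the slides interact: an answer cached for a session is reused for 30 minutes, so a tag written mid-session is only seen once the entry expires or the key is dropped. The Ruby below is an added example, not code from the talk; `TtlCache`, `FakeCrm`, `ResellerGate` and `flag!` are hypothetical stand-ins for `Rails.cache`, the `TessituraRest` client and the slide's methods.

```ruby
# Added example; TtlCache and FakeCrm are constructed stand-ins, ResellerGate is hypothetical.
class TtlCache
  def initialize(clock)
    @clock, @store = clock, {}
  end
  def fetch(key, expires_in:)
    value, expiry = @store[key]
    return value if expiry && @clock.call < expiry # reused even when false
    @store[key] = [yield, @clock.call + expires_in]
    @store[key].first
  end
  def delete(key)
    @store.delete(key)
  end
end

class FakeCrm
  attr_reader :lookups
  def initialize
    @tags, @lookups = {}, 0
  end
  def constituencies(id)
    @lookups += 1 # counts round trips to the (fake) CRM
    @tags.fetch(id, []).dup
  end
  def tag(id, type)
    @tags[id] = @tags.fetch(id, []) | [type] # idempotent: no duplicate tags
  end
end

class ResellerGate
  RESELLER_CONSTITUENCY = 223 # value shown on the worker slide
  TTL = 30 * 60               # 30 minutes in seconds, as on the slide

  def initialize(crm, cache)
    @crm, @cache = crm, cache
  end
  def reseller?(session_key, id)
    @cache.fetch("reseller_#{session_key}", expires_in: TTL) do
      @crm.constituencies(id).include?(RESELLER_CONSTITUENCY)
    end
  end

  # Tag in the CRM, then drop the session's cached answer so the tag takes effect now.
  def flag!(session_key, id)
    @crm.tag(id, RESELLER_CONSTITUENCY)
    @cache.delete("reseller_#{session_key}")
  end
end
```
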