{"_id":"5605d2eda4574a0d00811346","user":"55db8f7cade8080d00c73818","githubsync":"","parentDoc":null,"category":{"_id":"560b22739c7be70d00100bd8","pages":["560b229caf40a70d003df309","56bcb2cf9afb8b0d00d62df6"],"project":"55db8f8f1a91690d007ad975","version":"55db8f901a91690d007ad978","__v":2,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-09-29T23:44:51.456Z","from_sync":false,"order":6,"slug":"advanced-configurations","title":"Advanced configurations"},"version":{"_id":"55db8f901a91690d007ad978","project":"55db8f8f1a91690d007ad975","__v":17,"createdAt":"2015-08-24T21:41:36.034Z","releaseDate":"2015-08-24T21:41:36.034Z","categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"__v":8,"project":"55db8f8f1a91690d007ad975","updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-09-25T23:04:13.883Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":3,"body":"IMMUNIO agents provide APIs to tell the agent about request information when the agent is unable to determine the information itself.\n\n## Authentication API\nAuthentication data is used to analyze requests for [Bruteforce](doc:bruteforce) and [Session Farming](doc:session-farming-1) attacks. IMMUNIO automatically picks out authentication data from requests for the most popular Rails authentication frameworks: [Devise](https://github.com/plataformatec/devise) and [Authlogic](https://github.com/binarylogic/authlogic).\n\nIf your app is not using one of the frameworks with built-in support, it will need to manually inform the IMMUNIO agent when authentication-related activity occurs:\n\n* After a successful login: `Immunio.login`\n* After a failed login: `Immunio.failed_login`\n* After a user logs out: `Immunio.logout`\n* After the user for the request has been determined: `Immunio.set_user`\n* After a user requests a password reset: `Immunio.password_reset`\n* After a failed request for resetting a password: `Immunio.failed_password_reset`\n\n**Note:** `Immunio.set_user` should be called for every request performed by a logged in user, not just when users log in or log out.\n\nThese methods take an options hash with at least one of the following pieces of data:\n\n* `user_id`: String or Number\n* `username`: String\n* `email`: String\n\nAs an alternative to providing the `user_id`, `username`, and `email` directly, an ActiveRecord object for the user may be provided as the value for the `user_record` key.\n\nHere's an example integration:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"class ApplicationController\\n  def current_user=(user)\\n    Immunio.set_user user_record: user\\n    # ...\\n  end\\nend\\n\\nclass SessionsController < ApplicationController\\n  # POST /session\\n  def create\\n    if user = User.authenticate(params[:user])\\n      Immunio.login user_record: user\\n      self.current_user = user\\n      # ...\\n    else\\n      Immunio.failed_login username: params[:user]\\n      # ...\\n    end\\n  end\\n\\n  # DELETE /session\\n  def destroy\\n    Immunio.logout user_record: current_user\\n    # ...\\n  end\\nend\",\n      \"language\": \"ruby\"\n    }\n  ]\n}\n[/block]","excerpt":"","slug":"ruby-agent-api","type":"basic","title":"Ruby Agent API"}
IMMUNIO agents provide APIs to tell the agent about request information when the agent is unable to determine the information itself. ## Authentication API Authentication data is used to analyze requests for [Bruteforce](doc:bruteforce) and [Session Farming](doc:session-farming-1) attacks. IMMUNIO automatically picks out authentication data from requests for the most popular Rails authentication frameworks: [Devise](https://github.com/plataformatec/devise) and [Authlogic](https://github.com/binarylogic/authlogic). If your app is not using one of the frameworks with built-in support, it will need to manually inform the IMMUNIO agent when authentication-related activity occurs: * After a successful login: `Immunio.login` * After a failed login: `Immunio.failed_login` * After a user logs out: `Immunio.logout` * After the user for the request has been determined: `Immunio.set_user` * After a user requests a password reset: `Immunio.password_reset` * After a failed request for resetting a password: `Immunio.failed_password_reset` **Note:** `Immunio.set_user` should be called for every request performed by a logged in user, not just when users log in or log out. These methods take an options hash with at least one of the following pieces of data: * `user_id`: String or Number * `username`: String * `email`: String As an alternative to providing the `user_id`, `username`, and `email` directly, an ActiveRecord object for the user may be provided as the value for the `user_record` key. Here's an example integration: [block:code] { "codes": [ { "code": "class ApplicationController\n def current_user=(user)\n Immunio.set_user user_record: user\n # ...\n end\nend\n\nclass SessionsController < ApplicationController\n # POST /session\n def create\n if user = User.authenticate(params[:user])\n Immunio.login user_record: user\n self.current_user = user\n # ...\n else\n Immunio.failed_login username: params[:user]\n # ...\n end\n end\n\n # DELETE /session\n def destroy\n Immunio.logout user_record: current_user\n # ...\n end\nend", "language": "ruby" } ] } [/block]