Implement banning IP addresses
- Adds the
IpBlock
database table - Makes the
ApplicationController#preflight
method check theIpBlock
table for the current IP address, rendering an error page if there's a hit - Makes authentication controllers store the IP address + browser user agent on the session token's
extra_data
field when logging in - Adds the
User#ip_ban_from_tokens!
method, which createsIpBlock
entries for each of the user's session tokens (if the session token contains an IP address in theextra_data
field) - Adds a checkbox to the user deletion section of
SystemUserDisableController
to call theUser#ip_ban_from_tokens!
method before deleting the user