Collect device_id from arkose payload (!119235) · Merge requests · GitLab.org / GitLab

Jay requested to merge jswain_add_device_id_from_arkose_payload into master May 01, 2023

What does this MR do and why?

Collect device_id from arkose payload

part of: https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/350

How to set up and validate locally

Enable hard email confirmation
Enable Identity verification and arkose API access. API keys can be found in 1Password under "ArkoseLabs API keys". You will need to use the production keys, as the feature is not accessible on dev keys at the moment (slack discussion).

$ rails console
> Feature.enable(:identity_verification)
> Feature.enable(:arkose_labs_signup_challenge)
> ApplicationSetting.first.update({ arkose_labs_public_api_key: '****', arkose_labs_private_api_key: '****', arkose_labs_namespace: 'client' })

Register as a new user
Confirm user has a arkose_device_id custom attribute: User.last.custom_attributes.where(key: 'arkose_device_id')
Remove prod keys from your system: ApplicationSetting.first.update({ arkose_labs_public_api_key: 'bob', arkose_labs_private_api_key: 'marley') })

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited May 04, 2023 by Jay

Collect device_id from arkose payload

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports