mirror of
https://github.com/Bubka/2FAuth.git
synced 2024-11-22 00:03:09 +01:00
Add logs
This commit is contained in:
parent
9e899aab53
commit
5db549fe5e
@ -39,7 +39,7 @@ IS_DEMO_APP=false
|
||||
|
||||
|
||||
# The log channel defines where your log entries go to.
|
||||
# 'daily' is the default logging mode giving you 5 daily rotated log files in /storage/logs/.
|
||||
# 'daily' is the default logging mode giving you 7 daily rotated log files in /storage/logs/.
|
||||
# Several other options exist. You can use 'single' for one big fat error log (not recommended).
|
||||
# Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself.
|
||||
|
||||
|
@ -7,6 +7,7 @@
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class FixUnsplittedAccounts extends Command
|
||||
{
|
||||
|
@ -3,6 +3,7 @@
|
||||
namespace App;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class Group extends Model
|
||||
{
|
||||
@ -56,6 +57,10 @@ protected static function boot()
|
||||
['group_id' => NULL]
|
||||
);
|
||||
});
|
||||
|
||||
static::deleted(function ($model) {
|
||||
Log::info(sprintf('Group %s deleted', var_export($model->name, true)));
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
|
@ -4,6 +4,7 @@
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Response;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class AvoidPasswordResetInDemo
|
||||
{
|
||||
@ -18,7 +19,9 @@ public function handle($request, Closure $next)
|
||||
{
|
||||
|
||||
if( config('2fauth.config.isDemoApp') ) {
|
||||
return response()->json(['requestFailed' => __('auth.forms.no_reset_password_in_demo')], Response::HTTP_UNAUTHORIZED);
|
||||
Log::notice('Cannot request a password reset in Demo mode');
|
||||
|
||||
return response()->json(['message' => __('auth.forms.no_reset_password_in_demo')], Response::HTTP_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
|
@ -7,6 +7,7 @@
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Http\Response;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class LogoutInactiveUser
|
||||
{
|
||||
@ -50,6 +51,8 @@ public function handle($request, Closure $next)
|
||||
$accessToken->revoke();
|
||||
}
|
||||
// @codeCoverageIgnoreEnd
|
||||
|
||||
Log::notice('Inactive user detected, access token revoked');
|
||||
|
||||
return response()->json(['message' => 'unauthorised'], Response::HTTP_UNAUTHORIZED);
|
||||
}
|
||||
|
@ -4,6 +4,7 @@
|
||||
|
||||
use Illuminate\Support\Collection;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class AppstractOptionsService implements SettingServiceInterface
|
||||
{
|
||||
@ -47,6 +48,10 @@ public function set($setting, $value = null) : void
|
||||
}
|
||||
|
||||
option($settings);
|
||||
|
||||
foreach ($settings as $setting => $value) {
|
||||
Log::info(sprintf('Setting %s is now %s', var_export($setting, true), var_export($this->restoreType($value), true)));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -56,6 +61,8 @@ public function set($setting, $value = null) : void
|
||||
public function delete(string $name) : void
|
||||
{
|
||||
option()->remove($name);
|
||||
|
||||
Log::info(sprintf('Setting %s deleted', var_export($name, true)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -4,12 +4,11 @@
|
||||
|
||||
use Throwable;
|
||||
use Exception;
|
||||
use App\TwoFAccount;
|
||||
use App\Exceptions\DbEncryptionException;
|
||||
use App\Services\SettingServiceInterface;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Crypt;
|
||||
use Illuminate\Support\Collection;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class DbEncryptionService
|
||||
{
|
||||
@ -44,8 +43,14 @@ public function setTo(bool $state) : void
|
||||
if ($isInUse === !$state) {
|
||||
if ($this->updateRecords($state)) {
|
||||
$this->settingService->set('useEncryption', $state);
|
||||
|
||||
if ($state) {
|
||||
Log::notice('Sensible data are now encrypted');
|
||||
}
|
||||
else Log::notice('Sensible data are now decrypted');
|
||||
}
|
||||
else {
|
||||
Log::warning('Some data cannot be encrypted/decrypted, the useEncryption setting remain unchanged');
|
||||
throw new DbEncryptionException($state === true ? __('errors.error_during_encryption') : __('errors.error_during_decryption'));
|
||||
}
|
||||
}
|
||||
@ -69,7 +74,7 @@ private function updateRecords(bool $encrypted) : bool
|
||||
$item->account = $encrypted ? Crypt::encryptString($item->account) : Crypt::decryptString($item->account);
|
||||
$item->secret = $encrypted ? Crypt::encryptString($item->secret) : Crypt::decryptString($item->secret);
|
||||
}
|
||||
catch (Exception $e) {
|
||||
catch (Exception $ex) {
|
||||
$success = false;
|
||||
// Exit the each iteration
|
||||
return false;
|
||||
@ -97,9 +102,8 @@ private function updateRecords(bool $encrypted) : bool
|
||||
}
|
||||
// @codeCoverageIgnoreStart
|
||||
// Dont now how to fake that :(
|
||||
catch (Throwable $e) {
|
||||
catch (Throwable $ex) {
|
||||
DB::rollBack();
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
@ -6,6 +6,7 @@
|
||||
use App\TwoFAccount;
|
||||
use App\Services\SettingServiceInterface;
|
||||
use Illuminate\Database\Eloquent\Collection;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class GroupService
|
||||
{
|
||||
@ -68,6 +69,8 @@ public function create(array $data) : Group
|
||||
|
||||
$group->save();
|
||||
|
||||
Log::info(sprintf('Group %s created', var_export($group->name, true)));
|
||||
|
||||
return $group;
|
||||
}
|
||||
|
||||
@ -85,6 +88,8 @@ public function update(Group $group, array $data) : Group
|
||||
'name' => $data['name'],
|
||||
]);
|
||||
|
||||
Log::info(sprintf('Group %s updated', var_export($group->name, true)));
|
||||
|
||||
return $group;
|
||||
}
|
||||
|
||||
@ -118,6 +123,8 @@ public function delete($ids) : int
|
||||
|
||||
$deleted = Group::destroy($ids);
|
||||
|
||||
Log::info(sprintf('Groups #%s deleted', implode(',#', $ids)));
|
||||
|
||||
return $deleted;
|
||||
}
|
||||
|
||||
@ -144,7 +151,10 @@ public function assign($ids, Group $group = null) : void
|
||||
$twofaccounts = TwoFAccount::find($ids);
|
||||
|
||||
$group->twofaccounts()->saveMany($twofaccounts);
|
||||
|
||||
Log::info(sprintf('Twofaccounts #%s assigned to groups %s', implode(',#', $ids), var_export($group->name, true)));
|
||||
}
|
||||
else Log::info('Cannot find a group to assign the TwoFAccounts to');
|
||||
}
|
||||
|
||||
|
||||
|
@ -5,6 +5,7 @@
|
||||
use App\TwoFAccount;
|
||||
use Zxing\QrReader;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
use chillerlan\QRCode\{QRCode, QROptions};
|
||||
|
||||
class QrCodeService
|
||||
@ -36,6 +37,8 @@ public function encode(string $data)
|
||||
|
||||
$qrcode = new QRCode($options);
|
||||
|
||||
Log::info('data encoded to QR code');
|
||||
|
||||
return $qrcode->render($data);
|
||||
}
|
||||
|
||||
@ -53,6 +56,8 @@ public function decode(\Illuminate\Http\UploadedFile $file)
|
||||
if(!$data) {
|
||||
throw new \App\Exceptions\InvalidQrCodeException;
|
||||
}
|
||||
|
||||
Log::info('QR code decoded');
|
||||
|
||||
return $data;
|
||||
}
|
||||
|
@ -14,6 +14,7 @@
|
||||
use Illuminate\Support\Str;
|
||||
use Illuminate\Support\Arr;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
use Illuminate\Validation\ValidationException;
|
||||
|
||||
class TwoFAccountService
|
||||
@ -59,7 +60,11 @@ public function createFromUri(string $uri, bool $saveToDB = true ) : TwoFAccount
|
||||
$twofaccount->legacy_uri = $uri;
|
||||
$this->fillWithToken($twofaccount);
|
||||
|
||||
if ( $saveToDB ) $twofaccount->save();
|
||||
if ( $saveToDB ) {
|
||||
$twofaccount->save();
|
||||
|
||||
Log::info(sprintf('TwoFAccount #%d created (from URI)', $twofaccount->id));
|
||||
}
|
||||
|
||||
return $twofaccount;
|
||||
}
|
||||
@ -84,7 +89,11 @@ public function createFromParameters(array $data, bool $saveToDB = true) : TwoFA
|
||||
$twofaccount->icon = Arr::get($data, 'icon', null);
|
||||
$this->fillWithToken($twofaccount);
|
||||
|
||||
if ( $saveToDB ) $twofaccount->save();
|
||||
if ( $saveToDB ) {
|
||||
$twofaccount->save();
|
||||
|
||||
Log::info(sprintf('TwoFAccount #%d created (from parameters)', $twofaccount->id));
|
||||
}
|
||||
|
||||
return $twofaccount;
|
||||
}
|
||||
@ -107,6 +116,8 @@ public function update(TwoFAccount $twofaccount, array $data) : TwoFAccount
|
||||
$twofaccount->icon = Arr::get($data, 'icon', null);
|
||||
$twofaccount->save();
|
||||
|
||||
Log::info(sprintf('TwoFAccount #%d updated', $twofaccount->id));
|
||||
|
||||
return $twofaccount;
|
||||
}
|
||||
|
||||
@ -128,6 +139,8 @@ public function getOTP($data) : OtpDto
|
||||
|
||||
// Early exit if the model returned an undecipherable secret
|
||||
if (strtolower($this->token->getSecret()) === __('errors.indecipherable')) {
|
||||
Log::error('Secret cannot be deciphered, OTP generation aborted');
|
||||
|
||||
throw new UndecipherableException();
|
||||
}
|
||||
|
||||
@ -154,6 +167,8 @@ public function getOTP($data) : OtpDto
|
||||
throw new InvalidSecretException($ex->getMessage());
|
||||
}
|
||||
|
||||
Log::info(sprintf('New %s generated', $OtpDto->otp_type));
|
||||
|
||||
return $OtpDto;
|
||||
}
|
||||
|
||||
@ -190,7 +205,10 @@ public function withdraw($ids) : void
|
||||
->update(
|
||||
['group_id' => NULL]
|
||||
);
|
||||
|
||||
Log::info(sprintf('TwoFAccounts #%s withdrawn', implode(',#', $ids)));
|
||||
}
|
||||
else Log::info('No TwoFAccount to withdraw');
|
||||
}
|
||||
|
||||
|
||||
@ -321,7 +339,7 @@ private function initTokenWithUri(string $uri) : void
|
||||
try {
|
||||
$this->token = Factory::loadFromProvisioningUri($uri);
|
||||
}
|
||||
catch (\Assert\AssertionFailedException|\Assert\InvalidArgumentException|\Exception|\Throwable $e) {
|
||||
catch (\Assert\AssertionFailedException|\Assert\InvalidArgumentException|\Exception|\Throwable $ex) {
|
||||
throw ValidationException::withMessages([
|
||||
'uri' => __('validation.custom.uri.regex', ['attribute' => 'uri'])
|
||||
]);
|
||||
@ -330,6 +348,8 @@ private function initTokenWithUri(string $uri) : void
|
||||
// As loadFromProvisioningUri() accept URI without label (nor account nor service) we check
|
||||
// that the account is set
|
||||
if ( ! $this->token->getLabel() ) {
|
||||
Log::error('URI passed to initTokenWithUri() must contain a label');
|
||||
|
||||
throw ValidationException::withMessages([
|
||||
'label' => __('validation.custom.label.required')
|
||||
]);
|
||||
@ -347,6 +367,8 @@ private function initTokenWithParameters(TwoFAccountDto $dto) : void
|
||||
{
|
||||
// Check OTP type again to ensure the upcoming OTPHP instanciation
|
||||
if ( ! in_array($dto->otp_type, $this->supportedOtpTypes, true) ) {
|
||||
Log::error(sprintf('%s is not an OTP type supported by the current token', $dto->otp_type));
|
||||
|
||||
throw ValidationException::withMessages([
|
||||
'otp_type' => __('validation.custom.otp_type.in', ['attribute' => 'otp type'])
|
||||
]);
|
||||
@ -431,6 +453,8 @@ private function storeTokenImageAsIcon()
|
||||
{
|
||||
// Should be a valid image
|
||||
Storage::move($imageFile, $iconFile);
|
||||
|
||||
Log::info(sprintf('Icon file %s stored', $newFilename));
|
||||
}
|
||||
else {
|
||||
Storage::delete($imageFile);
|
||||
|
@ -9,6 +9,7 @@
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
use Illuminate\Support\Facades\Crypt;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class TwoFAccount extends Model implements Sortable
|
||||
{
|
||||
@ -66,6 +67,7 @@ protected static function boot()
|
||||
parent::boot();
|
||||
|
||||
static::deleted(function ($model) {
|
||||
Log::info(sprintf('TwoFAccount #%d deleted', $model->id));
|
||||
Storage::delete('public/icons/' . $model->icon);
|
||||
});
|
||||
}
|
||||
@ -193,7 +195,7 @@ private function decryptOrReturn($value)
|
||||
try {
|
||||
return Crypt::decryptString($value);
|
||||
}
|
||||
catch (Exception $e) {
|
||||
catch (Exception $ex) {
|
||||
return __('errors.indecipherable');
|
||||
}
|
||||
}
|
||||
|
@ -7,6 +7,7 @@
|
||||
use Illuminate\Contracts\Auth\MustVerifyEmail;
|
||||
use Illuminate\Foundation\Auth\User as Authenticatable;
|
||||
use Laravel\Passport\HasApiTokens;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class User extends Authenticatable
|
||||
{
|
||||
@ -48,6 +49,8 @@ class User extends Authenticatable
|
||||
public function sendPasswordResetNotification($token)
|
||||
{
|
||||
$this->notify(new ResetPassword($token));
|
||||
|
||||
Log::info('Password reset token sent');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -50,7 +50,7 @@
|
||||
'driver' => 'daily',
|
||||
'path' => storage_path('logs/laravel.log'),
|
||||
'level' => 'debug',
|
||||
'days' => 14,
|
||||
'days' => 7,
|
||||
],
|
||||
|
||||
'slack' => [
|
||||
|
@ -5,6 +5,7 @@
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
use Illuminate\Support\Facades\Crypt;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class SplitTwofaccountsUriInMultipleColumns extends Migration
|
||||
{
|
||||
@ -50,7 +51,7 @@ public function up()
|
||||
}
|
||||
catch(Exception $ex)
|
||||
{
|
||||
// We leave the record as is
|
||||
Log::error($ex->getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user