Bubka 2021-10-15 23:46:21 +02:00
parent 9e899aab53
commit 5db549fe5e
14 changed files with 81 additions and 13 deletions


@ -39,7 +39,7 @@ IS_DEMO_APP=false
# The log channel defines where your log entries go to.
# 'daily' is the default logging mode giving you 5 daily rotated log files in /storage/logs/.
# 'daily' is the default logging mode giving you 7 daily rotated log files in /storage/logs/.
# Several other options exist. You can use 'single' for one big fat error log (not recommended).
# Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself.


@ -7,6 +7,7 @@
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Facades\Schema;
use Illuminate\Support\Facades\Log;
class FixUnsplittedAccounts extends Command
{


@ -3,6 +3,7 @@
namespace App;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Log;
class Group extends Model
{
@ -56,6 +57,10 @@ protected static function boot()
['group_id' => NULL]
);
});
static::deleted(function ($model) {
Log::info(sprintf('Group %s deleted', var_export($model->name, true)));
});
}
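Review bot: The group name written by the new `deleted` listener is user-chosen text, and `var_export()` escapes quotes and backslashes but not line breaks, so a name containing a newline can make one log entry read as several. The same pattern appears in AppstractOptionsService::set()/delete() and GroupService::create()/update()/assign(), and in TwoFAccountService::initTokenWithParameters() the rejected `otp_type` is interpolated with no quoting at all. Passing the value as context keeps the message constant and leaves the encoding to the formatter, e.g. `Log::info('Group deleted', ['id' => $model->id, 'name' => $model->name]);`. Whether raw line breaks actually reach the file depends on the configured log formatter, which this commit does not show.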


@ -4,6 +4,7 @@
use Closure;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Log;
class AvoidPasswordResetInDemo
{
@ -18,7 +19,9 @@ public function handle($request, Closure $next)
{
if( config('2fauth.config.isDemoApp') ) {
return response()->json(['requestFailed' => __('auth.forms.no_reset_password_in_demo')], Response::HTTP_UNAUTHORIZED);
Log::notice('Cannot request a password reset in Demo mode');
return response()->json(['message' => __('auth.forms.no_reset_password_in_demo')], Response::HTTP_UNAUTHORIZED);
}
return $next($request);
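Review bot: The JSON key of the 401 body in `handle()` changes from `requestFailed` to `message`, which is an API change riding along in a logging commit. None of the file sections shown looks like a client-side change, so any consumer still reading `requestFailed` would silently lose the explanation. If the rename is intended, it should be mentioned in the commit description and matched on the client side. The new `Log::notice` would also be more useful with request context, e.g. `Log::notice('Cannot request a password reset in Demo mode', ['ip' => $request->ip()]);`.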


@ -7,6 +7,7 @@
use Carbon\Carbon;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class LogoutInactiveUser
{
@ -50,6 +51,8 @@ public function handle($request, Closure $next)
$accessToken->revoke();
}
// @codeCoverageIgnoreEnd
Log::notice('Inactive user detected, access token revoked');
return response()->json(['message' => 'unauthorised'], Response::HTTP_UNAUTHORIZED);
}
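Review bot: The `Log::notice('Inactive user detected, access token revoked')` entry in `handle()` records that a session was cut but not whose, which makes it of little use when reconstructing a timeline. Add the user id (never the token value) as context, along the lines of `Log::notice('Inactive user detected, access token revoked', ['user_id' => $userId]);`, where `$userId` stands for however the authenticated user is held in the part of `handle()` outside this hunk. `User::sendPasswordResetNotification()` has the same gap: `Log::info('Password reset token sent')` could carry `['user_id' => $this->id]`.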


@ -4,6 +4,7 @@
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;
class AppstractOptionsService implements SettingServiceInterface
{
@ -47,6 +48,10 @@ public function set($setting, $value = null) : void
}
option($settings);
foreach ($settings as $setting => $value) {
Log::info(sprintf('Setting %s is now %s', var_export($setting, true), var_export($this->restoreType($value), true)));
}
}
@ -56,6 +61,8 @@ public function set($setting, $value = null) : void
public function delete(string $name) : void
{
option()->remove($name);
Log::info(sprintf('Setting %s deleted', var_export($name, true)));
}
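Review bot: `set()` now writes every setting value to the log at info level via `var_export($this->restoreType($value), true)`, so whatever is stored as a setting also ends up in plain text in the rotated log files. That is harmless for flags such as `useEncryption`, but nothing in this hunk limits it to such flags. Logging only the name, e.g. `Log::info('Setting updated', ['name' => $setting]);`, or logging values only for an explicit allow-list of non-sensitive keys, keeps the audit trail without turning the log into a second copy of the configuration. The loop also reuses `$setting` and `$value`, shadowing the method parameters; that appears harmless at the end of the method but is easy to trip over later.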


@ -4,12 +4,11 @@
use Throwable;
use Exception;
use App\TwoFAccount;
use App\Exceptions\DbEncryptionException;
use App\Services\SettingServiceInterface;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Log;
class DbEncryptionService
{
@ -44,8 +43,14 @@ public function setTo(bool $state) : void
if ($isInUse === !$state) {
if ($this->updateRecords($state)) {
$this->settingService->set('useEncryption', $state);
if ($state) {
Log::notice('Sensible data are now encrypted');
}
else Log::notice('Sensible data are now decrypted');
}
else {
Log::warning('Some data cannot be encrypted/decrypted, the useEncryption setting remain unchanged');
throw new DbEncryptionException($state === true ? __('errors.error_during_encryption') : __('errors.error_during_decryption'));
}
}
@ -69,7 +74,7 @@ private function updateRecords(bool $encrypted) : bool
$item->account = $encrypted ? Crypt::encryptString($item->account) : Crypt::decryptString($item->account);
$item->secret = $encrypted ? Crypt::encryptString($item->secret) : Crypt::decryptString($item->secret);
}
catch (Exception $e) {
catch (Exception $ex) {
$success = false;
// Exit the each iteration
return false;
@ -97,9 +102,8 @@ private function updateRecords(bool $encrypted) : bool
}
// @codeCoverageIgnoreStart
// Dont now how to fake that :(
catch (Throwable $e) {
catch (Throwable $ex) {
DB::rollBack();
return false;
}
}
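Review bot: Both `catch` blocks in `updateRecords()` rename the variable to `$ex` but still discard it, so when encryption or decryption fails the only trace is the generic warning added in `setTo()`. Log the failure where it happens, with the record id and exception class rather than the field contents, e.g. `Log::error('Record cannot be encrypted/decrypted', ['id' => $item->id, 'exception' => get_class($ex)]);` (assuming `$item` exposes its id), and add an equivalent line before `DB::rollBack()`. `TwoFAccount::decryptOrReturn()` swallows its exception the same way. The new messages also say "Sensible data" where "Sensitive data" is meant. `updateRecords()` starts and ends outside these hunks.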


@ -6,6 +6,7 @@
use App\TwoFAccount;
use App\Services\SettingServiceInterface;
use Illuminate\Database\Eloquent\Collection;
use Illuminate\Support\Facades\Log;
class GroupService
{
@ -68,6 +69,8 @@ public function create(array $data) : Group
$group->save();
Log::info(sprintf('Group %s created', var_export($group->name, true)));
return $group;
}
@ -85,6 +88,8 @@ public function update(Group $group, array $data) : Group
'name' => $data['name'],
]);
Log::info(sprintf('Group %s updated', var_export($group->name, true)));
return $group;
}
@ -118,6 +123,8 @@ public function delete($ids) : int
$deleted = Group::destroy($ids);
Log::info(sprintf('Groups #%s deleted', implode(',#', $ids)));
return $deleted;
}
@ -144,7 +151,10 @@ public function assign($ids, Group $group = null) : void
$twofaccounts = TwoFAccount::find($ids);
$group->twofaccounts()->saveMany($twofaccounts);
Log::info(sprintf('Twofaccounts #%s assigned to groups %s', implode(',#', $ids), var_export($group->name, true)));
}
else Log::info('Cannot find a group to assign the TwoFAccounts to');
}
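Review bot: `implode(',#', $ids)` in `delete()` and `assign()` requires an array, while both methods take an untyped `$ids` that is handed to `Group::destroy()` and `TwoFAccount::find()`, which also accept a single id. Unless `$ids` is normalised in the lines outside these hunks, a scalar id makes the new log call fail (a TypeError on PHP 8) after the database work is already done; `implode(',#', (array) $ids)` is enough to avoid that. In `delete()` the message also lists every requested id even when `$deleted` is smaller, so logging `$deleted` alongside would keep the entry truthful. `TwoFAccountService::withdraw()` uses the same `implode` on `$ids`.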


@ -5,6 +5,7 @@
use App\TwoFAccount;
use Zxing\QrReader;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Facades\Log;
use chillerlan\QRCode\{QRCode, QROptions};
class QrCodeService
@ -36,6 +37,8 @@ public function encode(string $data)
$qrcode = new QRCode($options);
Log::info('data encoded to QR code');
return $qrcode->render($data);
}
@ -53,6 +56,8 @@ public function decode(\Illuminate\Http\UploadedFile $file)
if(!$data) {
throw new \App\Exceptions\InvalidQrCodeException;
}
Log::info('QR code decoded');
return $data;
}


@ -14,6 +14,7 @@
use Illuminate\Support\Str;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Facades\Log;
use Illuminate\Validation\ValidationException;
class TwoFAccountService
@ -59,7 +60,11 @@ public function createFromUri(string $uri, bool $saveToDB = true ) : TwoFAccount
$twofaccount->legacy_uri = $uri;
$this->fillWithToken($twofaccount);
if ( $saveToDB ) $twofaccount->save();
if ( $saveToDB ) {
$twofaccount->save();
Log::info(sprintf('TwoFAccount #%d created (from URI)', $twofaccount->id));
}
return $twofaccount;
}
@ -84,7 +89,11 @@ public function createFromParameters(array $data, bool $saveToDB = true) : TwoFA
$twofaccount->icon = Arr::get($data, 'icon', null);
$this->fillWithToken($twofaccount);
if ( $saveToDB ) $twofaccount->save();
if ( $saveToDB ) {
$twofaccount->save();
Log::info(sprintf('TwoFAccount #%d created (from parameters)', $twofaccount->id));
}
return $twofaccount;
}
@ -107,6 +116,8 @@ public function update(TwoFAccount $twofaccount, array $data) : TwoFAccount
$twofaccount->icon = Arr::get($data, 'icon', null);
$twofaccount->save();
Log::info(sprintf('TwoFAccount #%d updated', $twofaccount->id));
return $twofaccount;
}
@ -128,6 +139,8 @@ public function getOTP($data) : OtpDto
// Early exit if the model returned an undecipherable secret
if (strtolower($this->token->getSecret()) === __('errors.indecipherable')) {
Log::error('Secret cannot be deciphered, OTP generation aborted');
throw new UndecipherableException();
}
@ -154,6 +167,8 @@ public function getOTP($data) : OtpDto
throw new InvalidSecretException($ex->getMessage());
}
Log::info(sprintf('New %s generated', $OtpDto->otp_type));
return $OtpDto;
}
@ -190,7 +205,10 @@ public function withdraw($ids) : void
->update(
['group_id' => NULL]
);
Log::info(sprintf('TwoFAccounts #%s withdrawn', implode(',#', $ids)));
}
else Log::info('No TwoFAccount to withdraw');
}
@ -321,7 +339,7 @@ private function initTokenWithUri(string $uri) : void
try {
$this->token = Factory::loadFromProvisioningUri($uri);
}
catch (\Assert\AssertionFailedException|\Assert\InvalidArgumentException|\Exception|\Throwable $e) {
catch (\Assert\AssertionFailedException|\Assert\InvalidArgumentException|\Exception|\Throwable $ex) {
throw ValidationException::withMessages([
'uri' => __('validation.custom.uri.regex', ['attribute' => 'uri'])
]);
@ -330,6 +348,8 @@ private function initTokenWithUri(string $uri) : void
// As loadFromProvisioningUri() accept URI without label (nor account nor service) we check
// that the account is set
if ( ! $this->token->getLabel() ) {
Log::error('URI passed to initTokenWithUri() must contain a label');
throw ValidationException::withMessages([
'label' => __('validation.custom.label.required')
]);
@ -347,6 +367,8 @@ private function initTokenWithParameters(TwoFAccountDto $dto) : void
{
// Check OTP type again to ensure the upcoming OTPHP instanciation
if ( ! in_array($dto->otp_type, $this->supportedOtpTypes, true) ) {
Log::error(sprintf('%s is not an OTP type supported by the current token', $dto->otp_type));
throw ValidationException::withMessages([
'otp_type' => __('validation.custom.otp_type.in', ['attribute' => 'otp type'])
]);
@ -431,6 +453,8 @@ private function storeTokenImageAsIcon()
{
// Should be a valid image
Storage::move($imageFile, $iconFile);
Log::info(sprintf('Icon file %s stored', $newFilename));
}
else {
Storage::delete($imageFile);
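Review bot: In `initTokenWithUri()` the first failure path, the `catch` around `Factory::loadFromProvisioningUri($uri)`, still throws without logging, while the missing-label check right after it now logs an error; an unparsable URI therefore leaves no trace. Add a constant message such as `Log::error('URI passed to initTokenWithUri() cannot be parsed');` and keep `$uri` out of the log, since a provisioning URI carries the account secret; the same goes for `$ex->getMessage()` unless it is confirmed not to echo the URI. These are client input errors, so `warning` may be a better level than `error` here and for the label and `otp_type` checks. The method bodies continue outside the hunks.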


@ -9,6 +9,7 @@
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Log;
class TwoFAccount extends Model implements Sortable
{
@ -66,6 +67,7 @@ protected static function boot()
parent::boot();
static::deleted(function ($model) {
Log::info(sprintf('TwoFAccount #%d deleted', $model->id));
Storage::delete('public/icons/' . $model->icon);
});
}
@ -193,7 +195,7 @@ private function decryptOrReturn($value)
try {
return Crypt::decryptString($value);
}
catch (Exception $e) {
catch (Exception $ex) {
return __('errors.indecipherable');
}
}


@ -7,6 +7,7 @@
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Laravel\Passport\HasApiTokens;
use Illuminate\Support\Facades\Log;
class User extends Authenticatable
{
@ -48,6 +49,8 @@ class User extends Authenticatable
public function sendPasswordResetNotification($token)
{
$this->notify(new ResetPassword($token));
Log::info('Password reset token sent');
}
/**


@ -50,7 +50,7 @@
'driver' => 'daily',
'path' => storage_path('logs/laravel.log'),
'level' => 'debug',
'days' => 14,
'days' => 7,
],
'slack' => [


@ -5,6 +5,7 @@
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Schema;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Log;
class SplitTwofaccountsUriInMultipleColumns extends Migration
{
@ -50,7 +51,7 @@ public function up()
}
catch(Exception $ex)
{
// We leave the record as is
Log::error($ex->getMessage());
}
}
}