Add logs for common Auth actions

Bubka 2022-10-18 17:34:56 +02:00
parent 7d4526a90c
commit 6276c665a9
9 changed files with 29 additions and 4 deletions


@ -10,6 +10,7 @@ use Illuminate\Support\Facades\Lang;
use App\Http\Requests\LoginRequest;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Carbon\Carbon;
use Illuminate\Support\Facades\Log;
class LoginController extends Controller
@ -38,6 +39,7 @@ class LoginController extends Controller
*/
public function login(LoginRequest $request)
{
Log::info('User login requested');
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
@ -70,6 +72,7 @@ class LoginController extends Controller
public function logout(Request $request)
{
Auth::logout();
Log::info('User logged out');
return response()->json(['message' => 'signed out'], Response::HTTP_OK);
}
@ -152,5 +155,7 @@ class LoginController extends Controller
{
$user->last_seen_at = Carbon::now()->format('Y-m-d H:i:s');
$user->save();
Log::info('User authenticated');
}
}
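Review bot: The three entries added in this file (`User login requested`, `User logged out`, `User authenticated`) carry no context, so a log reader cannot tell which account or client an event belongs to. Where `$user` is in scope, as in the last hunk, pass it as context, e.g. `Log::info('User authenticated', ['user_id' => $user->id]);`, and keep passwords and raw request input out of the context array. The same applies to the messages added in PasswordController, RegisterController, UserController, WebAuthnLoginController and WebAuthnManageController. No entry for a failed or throttled login is visible in these hunks; if none exists outside them, that is the event most worth adding. The method bodies continue outside the hunks.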


@ -6,6 +6,7 @@ use App\Http\Requests\UserPatchPwdRequest;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;
class PasswordController extends Controller
{
@ -20,6 +21,7 @@ class PasswordController extends Controller
$validated = $request->validated();
if (!Hash::check( $validated['currentPassword'], Auth::user()->password) ) {
Log::notice('Password update failed: wrong password provided');
return response()->json(['message' => __('errors.wrong_current_password')], 400);
}
@ -27,6 +29,7 @@ class PasswordController extends Controller
$request->user()->update([
'password' => bcrypt($validated['password']),
]);
Log::info('User password updated');
}
return response()->json(['message' => __('auth.forms.password_successfully_changed')]);


@ -8,6 +8,7 @@ use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Hash;
use Illuminate\Auth\Events\Registered;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Log;
class RegisterController extends Controller
{
@ -35,6 +36,7 @@ class RegisterController extends Controller
{
$validated = $request->validated();
event(new Registered($user = $this->create($validated)));
Log::info('User created');
$this->guard()->login($user);
// $this->guard()->loginUsingId($user->id);


@ -10,6 +10,7 @@ use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Artisan;
use Illuminate\Support\Facades\Log;
class UserController extends Controller
{
@ -25,6 +26,7 @@ class UserController extends Controller
$validated = $request->validated();
if (!Hash::check( $request->password, Auth::user()->password) ) {
Log::notice('Account update failed: wrong password provided');
return response()->json(['message' => __('errors.wrong_current_password')], 400);
}
@ -33,7 +35,8 @@ class UserController extends Controller
'name' => $validated['name'],
'email' => $validated['email'],
]);
}
}
Log::info('User account updated');
return new UserResource($user);
}
@ -47,6 +50,7 @@ class UserController extends Controller
*/
public function delete(UserDeleteRequest $request)
{
Log::info('User deletion requested');
$validated = $request->validated();
if (!Hash::check( $validated['password'], Auth::user()->password) ) {
@ -74,9 +78,11 @@ class UserController extends Controller
}
// @codeCoverageIgnoreStart
catch (\Throwable $e) {
Log::error('User deletion failed');
return response()->json(['message' => __('errors.user_deletion_failed')], 400);
}
// @codeCoverageIgnoreEnd
Log::info('User deleted');
return response()->json(null, 204);
}
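Review bot: The `catch (\Throwable $e)` branch in delete() logs `User deletion failed` but drops `$e`, so the cause of a failed deletion is not recorded anywhere visible; pass it along with `Log::error('User deletion failed', ['exception' => $e]);`. In the update hunk, `Log::info('User account updated')` sits after the brace that closes the block holding the `update([...])` call, so it appears to be written even when that block is skipped. The condition is outside the hunk, but PasswordController appears to keep its success message inside the block, and the same placement here would keep the log truthful.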


@ -7,6 +7,7 @@ use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use DarkGhostHunter\Larapass\Http\AuthenticatesWebAuthn;
use Carbon\Carbon;
use Illuminate\Support\Facades\Log;
class WebAuthnLoginController extends Controller
{
@ -60,6 +61,7 @@ class WebAuthnLoginController extends Controller
*/
public function login(Request $request)
{
Log::info('User login via webauthn requested');
$request->validate($this->assertionRules());
if ($request->has('response')) {
@ -90,5 +92,7 @@ class WebAuthnLoginController extends Controller
{
$user->last_seen_at = Carbon::now()->format('Y-m-d H:i:s');
$user->save();
Log::info('User authenticated via webauthn');
}
}


@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Http\Requests\WebauthnRenameRequest;
use DarkGhostHunter\Larapass\Eloquent\WebAuthnCredential;
use Illuminate\Support\Facades\Log;
class WebAuthnManageController extends Controller
{
@ -72,6 +73,8 @@ class WebAuthnManageController extends Controller
*/
public function delete(Request $request, $credential)
{
Log::info('Deletion of security device requested');
$user = $request->user();
$user->removeCredential($credential);
@ -82,6 +85,8 @@ class WebAuthnManageController extends Controller
Settings::delete('useWebauthnOnly');
}
Log::info('Security device deleted');
return response()->json(null, 204);
}
}
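Review bot: The `Settings::delete('useWebauthnOnly')` call in the second hunk gets no log entry of its own, although, judging by the setting's name, it lifts a WebAuthn-only login restriction; `Security device deleted` is written whether or not that branch ran. A line inside the branch such as `Log::notice('useWebauthnOnly setting removed after security device deletion');` would make that fallback visible to anyone reviewing the log. The condition guarding the branch is outside the hunk.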


@ -42,7 +42,7 @@ class KickOutInactiveUser
$user->last_seen_at = $now->format('Y-m-d H:i:s');
$user->save();
Log::notice('Inactive user detected, authentication rejected');
Log::info('Inactive user detected, authentication rejected');
if (method_exists('Illuminate\Support\Facades\Auth', 'logout')) {
Auth::logout();
}
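Review bot: As rendered here (old line first, which this page does not mark explicitly), the change lowers the rejection message from `notice` to `info`, while the wrong-password rejections added in PasswordController and UserController use `notice`. A deployment that filters below `notice` would then keep the wrong-password events and lose this one; I would keep `Log::notice('Inactive user detected, authentication rejected');`. The same level change appears in RejectIfDemoMode and RejectIfReverseProxy. `$user` is in scope in this hunk, so the entry could also carry `['user_id' => $user->id]`.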


@ -19,7 +19,7 @@ class RejectIfDemoMode
{
if( config('2fauth.config.isDemoApp') ) {
Log::notice('Cannot request this action in Demo mode');
Log::info('Cannot request this action in Demo mode');
return response()->json(['message' => __('auth.forms.disabled_in_demo')], Response::HTTP_UNAUTHORIZED);
}


@ -17,7 +17,7 @@ class RejectIfReverseProxy
public function handle($request, Closure $next)
{
if (config('auth.defaults.guard') === 'reverse-proxy-guard') {
Log::notice('Cannot request this action in Demo mode');
Log::info('Cannot request this action in Demo mode');
return response()->json([
'message' => __('errors.unsupported_with_reverseproxy')], 400);
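Review bot: The log message on the changed line still reads `Cannot request this action in Demo mode`, but this middleware tests `config('auth.defaults.guard') === 'reverse-proxy-guard'` and answers with `errors.unsupported_with_reverseproxy`, so the entry points an investigator at the wrong cause. Something like `Log::info('Cannot request this action when using the reverse-proxy guard');` matches the check. handle() continues outside the hunk.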