mirror of
https://github.com/Bubka/2FAuth.git
synced 2025-06-24 22:12:06 +02:00
Add logs for common Auth actions
parent
7d4526a90c
commit
6276c665a9
@ -10,6 +10,7 @@ use Illuminate\Support\Facades\Lang;
|
||||
use App\Http\Requests\LoginRequest;
|
||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
|
||||
class LoginController extends Controller
|
||||
@ -38,6 +39,7 @@ class LoginController extends Controller
|
||||
*/
|
||||
public function login(LoginRequest $request)
|
||||
{
|
||||
Log::info('User login requested');
|
||||
|
||||
// If the class is using the ThrottlesLogins trait, we can automatically throttle
|
||||
// the login attempts for this application. We'll key this by the username and
|
||||
@ -70,6 +72,7 @@ class LoginController extends Controller
|
||||
public function logout(Request $request)
|
||||
{
|
||||
Auth::logout();
|
||||
Log::info('User logged out');
|
||||
|
||||
return response()->json(['message' => 'signed out'], Response::HTTP_OK);
|
||||
}
|
||||
@ -152,5 +155,7 @@ class LoginController extends Controller
|
||||
{
|
||||
$user->last_seen_at = Carbon::now()->format('Y-m-d H:i:s');
|
||||
$user->save();
|
||||
|
||||
Log::info('User authenticated');
|
||||
}
|
||||
}
|
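Review bot: The `Log::info` calls added to `login()`, `logout()` and the hook that sets `last_seen_at` record that an event happened but not who triggered it or from where, so the entries cannot be correlated during an investigation. Where the user is in scope, pass context, e.g. `Log::info('User authenticated', ['user_id' => $user->id, 'ip' => request()->ip()]);`, and in `logout()` read the id before `Auth::logout()` clears it. Prefer the numeric id over the submitted email or name, which is client-controlled text that would end up in the log stream. The same gap applies to the messages added in PasswordController, RegisterController, UserController, WebAuthnLoginController and WebAuthnManageController. The method bodies continue outside these hunks.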
@ -6,6 +6,7 @@ use App\Http\Requests\UserPatchPwdRequest;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class PasswordController extends Controller
|
||||
{
|
||||
@ -20,6 +21,7 @@ class PasswordController extends Controller
|
||||
$validated = $request->validated();
|
||||
|
||||
if (!Hash::check( $validated['currentPassword'], Auth::user()->password) ) {
|
||||
Log::notice('Password update failed: wrong password provided');
|
||||
return response()->json(['message' => __('errors.wrong_current_password')], 400);
|
||||
}
|
||||
|
||||
@ -27,6 +29,7 @@ class PasswordController extends Controller
|
||||
$request->user()->update([
|
||||
'password' => bcrypt($validated['password']),
|
||||
]);
|
||||
Log::info('User password updated');
|
||||
}
|
||||
|
||||
return response()->json(['message' => __('auth.forms.password_successfully_changed')]);
|
||||
|
@ -8,6 +8,7 @@ use App\Http\Controllers\Controller;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Auth\Events\Registered;
|
||||
use Illuminate\Foundation\Auth\RegistersUsers;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class RegisterController extends Controller
|
||||
{
|
||||
@ -35,6 +36,7 @@ class RegisterController extends Controller
|
||||
{
|
||||
$validated = $request->validated();
|
||||
event(new Registered($user = $this->create($validated)));
|
||||
Log::info('User created');
|
||||
|
||||
$this->guard()->login($user);
|
||||
// $this->guard()->loginUsingId($user->id);
|
||||
|
@ -10,6 +10,7 @@ use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Artisan;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class UserController extends Controller
|
||||
{
|
||||
@ -25,6 +26,7 @@ class UserController extends Controller
|
||||
$validated = $request->validated();
|
||||
|
||||
if (!Hash::check( $request->password, Auth::user()->password) ) {
|
||||
Log::notice('Account update failed: wrong password provided');
|
||||
return response()->json(['message' => __('errors.wrong_current_password')], 400);
|
||||
}
|
||||
|
||||
@ -33,7 +35,8 @@ class UserController extends Controller
|
||||
'name' => $validated['name'],
|
||||
'email' => $validated['email'],
|
||||
]);
|
||||
}
|
||||
}
|
||||
Log::info('User account updated');
|
||||
|
||||
return new UserResource($user);
|
||||
}
|
||||
@ -47,6 +50,7 @@ class UserController extends Controller
|
||||
*/
|
||||
public function delete(UserDeleteRequest $request)
|
||||
{
|
||||
Log::info('User deletion requested');
|
||||
$validated = $request->validated();
|
||||
|
||||
if (!Hash::check( $validated['password'], Auth::user()->password) ) {
|
||||
@ -74,9 +78,11 @@ class UserController extends Controller
|
||||
}
|
||||
// @codeCoverageIgnoreStart
|
||||
catch (\Throwable $e) {
|
||||
Log::error('User deletion failed');
|
||||
return response()->json(['message' => __('errors.user_deletion_failed')], 400);
|
||||
}
|
||||
// @codeCoverageIgnoreEnd
|
||||
Log::info('User deleted');
|
||||
|
||||
return response()->json(null, 204);
|
||||
}
|
||||
|
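Review bot: The `catch (\Throwable $e)` block in `delete()` logs only the fixed string 'User deletion failed' and discards `$e`, so the log gives no cause for a failed account deletion. Pass the exception as context, `Log::error('User deletion failed', ['exception' => $e]);`, which keeps the client response generic while preserving the class, message and trace server-side. Separately, `Log::info('User account updated')` appears to sit after the closing brace of the block that calls `$user->update(...)`. If that block is conditional (its opening is outside the hunk), the entry is written even when nothing was updated, unlike the PasswordController equivalent, which logs inside the block.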
@ -7,6 +7,7 @@ use Illuminate\Http\Request;
|
||||
use App\Http\Controllers\Controller;
|
||||
use DarkGhostHunter\Larapass\Http\AuthenticatesWebAuthn;
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class WebAuthnLoginController extends Controller
|
||||
{
|
||||
@ -60,6 +61,7 @@ class WebAuthnLoginController extends Controller
|
||||
*/
|
||||
public function login(Request $request)
|
||||
{
|
||||
Log::info('User login via webauthn requested');
|
||||
$request->validate($this->assertionRules());
|
||||
|
||||
if ($request->has('response')) {
|
||||
@ -90,5 +92,7 @@ class WebAuthnLoginController extends Controller
|
||||
{
|
||||
$user->last_seen_at = Carbon::now()->format('Y-m-d H:i:s');
|
||||
$user->save();
|
||||
|
||||
Log::info('User authenticated via webauthn');
|
||||
}
|
||||
}
|
@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
|
||||
use Illuminate\Http\Request;
|
||||
use App\Http\Requests\WebauthnRenameRequest;
|
||||
use DarkGhostHunter\Larapass\Eloquent\WebAuthnCredential;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class WebAuthnManageController extends Controller
|
||||
{
|
||||
@ -72,6 +73,8 @@ class WebAuthnManageController extends Controller
|
||||
*/
|
||||
public function delete(Request $request, $credential)
|
||||
{
|
||||
Log::info('Deletion of security device requested');
|
||||
|
||||
$user = $request->user();
|
||||
$user->removeCredential($credential);
|
||||
|
||||
@ -82,6 +85,8 @@ class WebAuthnManageController extends Controller
|
||||
Settings::delete('useWebauthnOnly');
|
||||
}
|
||||
|
||||
Log::info('Security device deleted');
|
||||
|
||||
return response()->json(null, 204);
|
||||
}
|
||||
}
|
@ -42,7 +42,7 @@ class KickOutInactiveUser
|
||||
$user->last_seen_at = $now->format('Y-m-d H:i:s');
|
||||
$user->save();
|
||||
|
||||
Log::notice('Inactive user detected, authentication rejected');
|
||||
Log::info('Inactive user detected, authentication rejected');
|
||||
if (method_exists('Illuminate\Support\Facades\Auth', 'logout')) {
|
||||
Auth::logout();
|
||||
}
|
||||
|
@ -19,7 +19,7 @@ class RejectIfDemoMode
|
||||
{
|
||||
|
||||
if( config('2fauth.config.isDemoApp') ) {
|
||||
Log::notice('Cannot request this action in Demo mode');
|
||||
Log::info('Cannot request this action in Demo mode');
|
||||
|
||||
return response()->json(['message' => __('auth.forms.disabled_in_demo')], Response::HTTP_UNAUTHORIZED);
|
||||
}
|
||||
|
@ -17,7 +17,7 @@ class RejectIfReverseProxy
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
if (config('auth.defaults.guard') === 'reverse-proxy-guard') {
|
||||
Log::notice('Cannot request this action in Demo mode');
|
||||
Log::info('Cannot request this action in Demo mode');
|
||||
|
||||
return response()->json([
|
||||
'message' => __('errors.unsupported_with_reverseproxy')], 400);
|
||||
|
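Review bot: The log line inside the `config('auth.defaults.guard') === 'reverse-proxy-guard'` branch of `handle()` says 'Cannot request this action in Demo mode', which looks copied from RejectIfDemoMode and misstates why the request was rejected. Anyone triaging from the log would look for a demo-mode setting rather than the reverse-proxy guard. Suggest `Log::info('Cannot request this action when using the reverse-proxy guard');`, at whichever level the commit settles on. The rest of `handle()` is outside the hunk.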