Adding dashboard login activity (#1092)

For better auditing this PR adds a dashboard login event to the management service. For that the user object was extended with a field for last login that is not actively saved to the database but kept in memory until next write. The information about the last login can be extracted from the JWT claims nb_last_login. This timestamp will be stored and compared on each API request. If the value changes we generate an event to inform about a login.
2025-08-15 01:32:56 +02:00 · 2023-08-18 19:23:11 +02:00
parent 3ac32fd78a
commit da75a76d41
13 changed files with 110 additions and 13 deletions
--- a/management/server/activity/codes.go
+++ b/management/server/activity/codes.go
@ -110,6 +110,8 @@ const (
 	UserLoggedInPeer
 	// PeerLoginExpired indicates that the user peer login has been expired and peer disconnected
 	PeerLoginExpired
+	// DashboardLogin indicates that the user logged in to the dashboard
+	DashboardLogin
 )

 var activityMap = map[Activity]Code{
@ -163,6 +165,7 @@ var activityMap = map[Activity]Code{
 	GroupDeleted:                              {"Group deleted", "group.delete"},
 	UserLoggedInPeer:                          {"User logged in peer", "user.peer.login"},
 	PeerLoginExpired:                          {"Peer login expired", "peer.login.expire"},
+	DashboardLogin:                            {"Dashboard login", "dashboard.login"},
 }

 // StringCode returns a string code of the activity