Add logging of log ins

This commit is contained in:
rubenwardy 2020-12-09 20:38:36 +00:00
parent 4433c32afc
commit 333dd60b32
8 changed files with 21 additions and 48 deletions

@ -19,7 +19,7 @@ import os
from celery import group
from flask import *
from flask_login import current_user
from flask_login import current_user, login_user
from flask_wtf import FlaskForm
from wtforms import *
from wtforms.validators import InputRequired, Length
@ -27,7 +27,7 @@ from wtforms.validators import InputRequired, Length
from app.models import *
from app.tasks.forumtasks import importTopicList, checkAllForumAccounts
from app.tasks.importtasks import importRepoScreenshot, checkZipRelease, updateMetaFromRelease, importForeignDownloads
from app.utils import loginUser, rank_required, addAuditLog, addNotification
from app.utils import rank_required, addAuditLog, addNotification
from . import bp
@ -182,7 +182,7 @@ def switch_user():
user = User.query.filter_by(username=form["username"].data).first()
if user is None:
flash("Unable to find user", "danger")
elif loginUser(user):
elif login_user(user):
return redirect(url_for("users.profile", username=current_user.username))
else:
flash("Unable to login as user", "danger")

@ -19,11 +19,11 @@ from flask import Blueprint
bp = Blueprint("github", __name__)
from flask import redirect, url_for, request, flash, abort, render_template, jsonify, current_app
from flask_login import current_user, login_required
from flask_login import current_user, login_required, login_user
from sqlalchemy import func, or_, and_
from app import github, csrf
from app.models import db, User, APIToken, Package, Permission
from app.utils import loginUser, randomString, abs_url_for
from app.models import db, User, APIToken, Package, Permission, AuditSeverity
from app.utils import randomString, abs_url_for, addAuditLog
from app.blueprints.api.support import error, handleCreateRelease
import hmac, requests, json
@ -72,7 +72,11 @@ def callback(oauth_token):
if userByGithub is None:
flash("Unable to find an account for that Github user", "danger")
return redirect(url_for("users.claim"))
elif loginUser(userByGithub):
elif login_user(userByGithub, remember=True):
addAuditLog(AuditSeverity.USER, userByGithub, "Logged in using GitHub OAuth",
url_for("users.profile", username=userByGithub.username))
db.session.commit()
if not current_user.password:
return redirect(next_url or url_for("users.set_password", optional=True))
else:

@ -57,6 +57,9 @@ def handle_login(form):
flash("You need to confirm the registration email", "danger")
return
addAuditLog(AuditSeverity.USER, user, "Logged in using password",
url_for("users.profile", username=user.username))
db.session.commit()
login_user(user)
flash("Logged in successfully.", "success")
@ -140,7 +143,6 @@ def register():
if ret:
return ret
return render_template("users/register.html", form=form, suggested_password=genphrase(entropy=52, wordset="bip39"))

@ -14,11 +14,11 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
from flask_login import login_user
from . import bp
from flask import redirect, render_template, session, request, flash, url_for
from app.models import db, User, UserRank
from app.utils import randomString, loginUser
from app.utils import randomString
from app.tasks.forumtasks import checkForumAccount
from app.tasks.phpbbparser import getProfile
import re
@ -102,7 +102,7 @@ def claim():
db.session.add(user)
db.session.commit()
if loginUser(user):
if login_user(user, remember=True):
return redirect(url_for("users.set_password"))
else:
flash("Unable to login as user", "danger")

@ -11,6 +11,6 @@ Audit Log
{% from "macros/audit_log.html" import render_audit_log %}
{{ render_pagination(pagination, url_set_query) }}
{{ render_audit_log(log, show_view=True) }}
{{ render_audit_log(log) }}
{{ render_pagination(pagination, url_set_query) }}
{% endblock %}

@ -1,8 +1,8 @@
{% macro render_audit_log(log, show_view=False) -%}
{% macro render_audit_log(log) -%}
<div class="list-group mt-3">
{% for entry in log %}
<a class="list-group-item list-group-item-action"
{% if entry.description and show_view %}
{% if entry.description %}
href="{{ url_for('admin.audit_view', id=entry.id) }}">
{% else %}
href="{{ entry.url }}">

@ -66,7 +66,7 @@
<h3>{{ _("Recent Account Actions") }}</h3>
{% from "macros/audit_log.html" import render_audit_log %}
{{ render_audit_log(user.audit_log_entries.limit(10).all(), show_view=True) }}
{{ render_audit_log(user.audit_log_entries.limit(10).all()) }}
<h3>{{ _("Account Deletion and Deactivation") }}</h3>

@ -149,39 +149,6 @@ def make_flask_login_password(plaintext):
return bcrypt.hash(plaintext.encode("UTF-8"))
def loginUser(user):
def _call_or_get(v):
if callable(v):
return v()
else:
return v
# User must have been authenticated
if not user:
return False
if user.rank == UserRank.BANNED:
flash("You have been banned.", "danger")
return False
user.is_active = True
if not user.rank.atLeast(UserRank.NEW_MEMBER):
user.rank = UserRank.MEMBER
db.session.commit()
# Check if user account has been disabled
if not _call_or_get(user.is_active):
flash("Your account has not been enabled.", "danger")
return False
login_user(user, remember=True)
flash("You have signed in successfully.", "success")
return True
def rank_required(rank):
def decorator(f):
@wraps(f)