Add logging of log ins

app/blueprints/admin/admin.py

@@ -19,7 +19,7 @@ import os
 
 from celery import group
 from flask import *
-from flask_login import current_user
+from flask_login import current_user, login_user
 from flask_wtf import FlaskForm
 from wtforms import *
 from wtforms.validators import InputRequired, Length
@@ -27,7 +27,7 @@ from wtforms.validators import InputRequired, Length
 from app.models import *
 from app.tasks.forumtasks import importTopicList, checkAllForumAccounts
 from app.tasks.importtasks import importRepoScreenshot, checkZipRelease, updateMetaFromRelease, importForeignDownloads
-from app.utils import loginUser, rank_required, addAuditLog, addNotification
+from app.utils import rank_required, addAuditLog, addNotification
 from . import bp
 
 
@@ -182,7 +182,7 @@ def switch_user():
 		user = User.query.filter_by(username=form["username"].data).first()
 		if user is None:
 			flash("Unable to find user", "danger")
-		elif loginUser(user):
+		elif login_user(user):
 			return redirect(url_for("users.profile", username=current_user.username))
 		else:
 			flash("Unable to login as user", "danger")

app/blueprints/github/__init__.py

@@ -19,11 +19,11 @@ from flask import Blueprint
 bp = Blueprint("github", __name__)
 
 from flask import redirect, url_for, request, flash, abort, render_template, jsonify, current_app
-from flask_login import current_user, login_required
+from flask_login import current_user, login_required, login_user
 from sqlalchemy import func, or_, and_
 from app import github, csrf
-from app.models import db, User, APIToken, Package, Permission
-from app.utils import loginUser, randomString, abs_url_for
+from app.models import db, User, APIToken, Package, Permission, AuditSeverity
+from app.utils import randomString, abs_url_for, addAuditLog
 from app.blueprints.api.support import error, handleCreateRelease
 import hmac, requests, json
 
@@ -72,7 +72,11 @@ def callback(oauth_token):
 		if userByGithub is None:
 			flash("Unable to find an account for that Github user", "danger")
 			return redirect(url_for("users.claim"))
-		elif loginUser(userByGithub):
+		elif login_user(userByGithub, remember=True):
+			addAuditLog(AuditSeverity.USER, userByGithub, "Logged in using GitHub OAuth",
+					url_for("users.profile", username=userByGithub.username))
+			db.session.commit()
+
 			if not current_user.password:
 				return redirect(next_url or url_for("users.set_password", optional=True))
 			else:

app/blueprints/users/account.py

@@ -57,6 +57,9 @@ def handle_login(form):
 		flash("You need to confirm the registration email", "danger")
 		return
 
+	addAuditLog(AuditSeverity.USER, user, "Logged in using password",
+			url_for("users.profile", username=user.username))
+	db.session.commit()
 
 	login_user(user)
 	flash("Logged in successfully.", "success")
@@ -140,7 +143,6 @@ def register():
 		if ret:
 			return ret
 
-
 	return render_template("users/register.html", form=form, suggested_password=genphrase(entropy=52, wordset="bip39"))
 
 

app/blueprints/users/claim.py

@@ -14,11 +14,11 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
-
+from flask_login import login_user
 from . import bp
 from flask import redirect, render_template, session, request, flash, url_for
 from app.models import db, User, UserRank
-from app.utils import randomString, loginUser
+from app.utils import randomString
 from app.tasks.forumtasks import checkForumAccount
 from app.tasks.phpbbparser import getProfile
 import re
@@ -102,7 +102,7 @@ def claim():
 					db.session.add(user)
 					db.session.commit()
 
-				if loginUser(user):
+				if login_user(user, remember=True):
 					return redirect(url_for("users.set_password"))
 				else:
 					flash("Unable to login as user", "danger")

app/templates/admin/audit.html

@@ -11,6 +11,6 @@ Audit Log
 	{% from "macros/audit_log.html" import render_audit_log %}
 
 	{{ render_pagination(pagination, url_set_query) }}
-	{{ render_audit_log(log, show_view=True) }}
+	{{ render_audit_log(log) }}
 	{{ render_pagination(pagination, url_set_query) }}
 {% endblock %}

app/templates/macros/audit_log.html

@@ -1,8 +1,8 @@
-{% macro render_audit_log(log, show_view=False) -%}
+{% macro render_audit_log(log) -%}
 	<div class="list-group mt-3">
 		{% for entry in log %}
 			<a class="list-group-item list-group-item-action"
-				{% if entry.description and show_view %}
+				{% if entry.description %}
 					href="{{ url_for('admin.audit_view', id=entry.id) }}">
 				{% else %}
 					href="{{ entry.url }}">

app/templates/users/account.html

@@ -66,7 +66,7 @@
 <h3>{{ _("Recent Account Actions") }}</h3>
 
 {% from "macros/audit_log.html" import render_audit_log %}
-{{ render_audit_log(user.audit_log_entries.limit(10).all(), show_view=True) }}
+{{ render_audit_log(user.audit_log_entries.limit(10).all()) }}
 
 <h3>{{ _("Account Deletion and Deactivation") }}</h3>
 

app/utils.py

@@ -149,39 +149,6 @@ def make_flask_login_password(plaintext):
 	return bcrypt.hash(plaintext.encode("UTF-8"))
 
 
-def loginUser(user):
-	def _call_or_get(v):
-		if callable(v):
-			return v()
-		else:
-			return v
-
-	# User must have been authenticated
-	if not user:
-		return False
-
-	if user.rank == UserRank.BANNED:
-		flash("You have been banned.", "danger")
-		return False
-
-	user.is_active = True
-	if not user.rank.atLeast(UserRank.NEW_MEMBER):
-		user.rank = UserRank.MEMBER
-
-	db.session.commit()
-
-	# Check if user account has been disabled
-	if not _call_or_get(user.is_active):
-		flash("Your account has not been enabled.", "danger")
-		return False
-
-	login_user(user, remember=True)
-
-	flash("You have signed in successfully.", "success")
-
-	return True
-
-
 def rank_required(rank):
 	def decorator(f):
 		@wraps(f)