Log sensitive account changes
parent
f75bdec756
commit
dfb216a8df
@ -24,7 +24,7 @@ from wtforms.validators import *
|
||||
|
||||
from app.models import *
|
||||
from app.tasks.emails import sendVerifyEmail, sendEmailRaw
|
||||
from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash
|
||||
from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash, addAuditLog
|
||||
from passlib.pwd import genphrase
|
||||
|
||||
from . import bp
|
||||
@ -112,6 +112,9 @@ def register():
|
||||
user = User(form.username.data, False, form.email.data, make_flask_login_password(form.password.data))
|
||||
db.session.add(user)
|
||||
|
||||
addAuditLog(AuditSeverity.USER, user, "Registered",
|
||||
url_for("users.profile", username=user.username))
|
||||
|
||||
token = randomString(32)
|
||||
|
||||
ver = UserEmailVerification()
|
||||
@ -142,6 +145,9 @@ def forgot_password():
|
||||
if user:
|
||||
token = randomString(32)
|
||||
|
||||
addAuditLog(AuditSeverity.USER, user, "(Anonymous) requested a password reset",
|
||||
url_for("users.profile", username=user.username), None)
|
||||
|
||||
ver = UserEmailVerification()
|
||||
ver.user = user
|
||||
ver.token = token
|
||||
@ -188,6 +194,8 @@ def handle_set_password(form):
|
||||
flash("Passwords do not much", "danger")
|
||||
return
|
||||
|
||||
addAuditLog(AuditSeverity.USER, current_user, "Changed their password", url_for("users.profile", username=current_user.username))
|
||||
|
||||
current_user.password = make_flask_login_password(form.password.data)
|
||||
db.session.commit()
|
||||
|
||||
@ -259,6 +267,9 @@ def verify_email():
|
||||
flash("Unknown verification token!", "danger")
|
||||
return redirect(url_for("homepage.home"))
|
||||
|
||||
addAuditLog(AuditSeverity.USER, ver.user, "Confirmed their email",
|
||||
url_for("users.profile", username=ver.user.username))
|
||||
|
||||
was_activating = not ver.user.is_active
|
||||
ver.user.is_active = True
|
||||
ver.user.email = ver.email
|
||||
|
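Review bot: In the `verify_email()` hunk the entry is always titled "Confirmed their email", yet a few lines later `ver.user.email = ver.email` may replace the address on an account that is already active, and a changed recovery address is the event an investigator of an account takeover most needs to find. Assuming an active account reaching this point is changing its address, compute `was_activating` first and pass `"Confirmed their email" if was_activating else "Changed their email"` as the title so the two cases can be told apart in the audit log. In the `forgot_password()` hunk an entry is written for every unauthenticated request that names an existing user; unless that endpoint is rate-limited elsewhere, repeated requests can bury the entries that matter, so throttling per account or collapsing repeats is worth considering. That call also passes a trailing `None` which the other four `addAuditLog` calls omit. Every function touched here starts or ends outside its hunk, so surrounding checks are not visible.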
@ -1366,8 +1366,9 @@ class PackageReview(db.Model):
|
||||
|
||||
class AuditSeverity(enum.Enum):
|
||||
NORMAL = 0 # Normal user changes
|
||||
EDITOR = 1 # Editor changes
|
||||
MODERATION = 2 # Destructive / moderator changes
|
||||
USER = 1 # Security user changes
|
||||
EDITOR = 2 # Editor changes
|
||||
MODERATION = 3 # Destructive / moderator changes
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
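Review bot: Inserting `USER = 1` shifts `EDITOR` from 1 to 2 and `MODERATION` from 2 to 3, so anything that stored or exchanged the old integer values would now read an editor entry as a user entry. The accompanying migration only adds a 'USER' label to the `auditseverity` type, which suggests the column stores names rather than numbers, but an API response, export or comparison that relies on `.value` would still change meaning; appending `USER = 3` avoids the renumbering if the numeric order is not relied on. The comment `# Security user changes` is also hard to parse; something like `# Security-relevant changes to a user's own account (registration, password, email)` says which events belong at this level. The class may continue past the last line of the hunk.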
@ -26,6 +26,8 @@ Audit Log
|
||||
<i class="fas fa-exclamation-triangle" style="color: yellow;"></i>
|
||||
{% elif entry.severity == entry.severity.EDITOR %}
|
||||
<i class="fas fa-users" style="color: #537eac;"></i>
|
||||
{% elif entry.severity == entry.severity.USER %}
|
||||
<i class="fas fa-user"></i>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
|
@ -7,7 +7,7 @@
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<title>{% block title %}title{% endblock %} - {{ config.USER_APP_NAME }}</title>
|
||||
<link rel="stylesheet" type="text/css" href="/static/bootstrap.css">
|
||||
<link rel="stylesheet" type="text/css" href="/static/custom.css?v=14">
|
||||
<link rel="stylesheet" type="text/css" href="/static/custom.css?v=15">
|
||||
<link rel="search" type="application/opensearchdescription+xml" href="/static/opensearch.xml" title="ContentDB" />
|
||||
<link rel="shortcut icon" href="/favicon-16.png" sizes="16x16">
|
||||
<link rel="icon" href="/favicon-128.png" sizes="128x128">
|
||||
|
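--- a/migrations/versions/c154912eaa0c_.py
+++ b/migrations/versions/c154912eaa0c_.py
@@ -0,0 +1,24 @@
+"""empty message
+
+Revision ID: c154912eaa0c
+Revises: 7f166b5218d7
+Create Date: 2020-12-05 02:29:16.706564
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'c154912eaa0c'
+down_revision = '7f166b5218d7'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+op.execute("COMMIT")
+op.execute("ALTER TYPE auditseverity ADD VALUE 'USER'")
+
+def downgrade():
+pass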
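Review bot: `upgrade()` issues a raw `op.execute("COMMIT")` and `downgrade()` is a bare `pass`, and neither carries a comment saying why. The COMMIT presumably ends Alembic's transaction because older PostgreSQL versions refuse `ALTER TYPE ... ADD VALUE` inside a transaction block; `with op.get_context().autocommit_block():` states that intent without a hand-written COMMIT. The new label is appended after 'MODERATION' in the database's enum order while the Python enum places USER between NORMAL and EDITOR, so if any query sorts or compares severity in SQL, `ADD VALUE 'USER' BEFORE 'EDITOR'` keeps the two orders aligned. For `downgrade()`, a comment such as `# PostgreSQL cannot drop an enum value; intentionally a no-op` would tell an operator that rolling back leaves the 'USER' label in place. The docstring still reads "empty message" and could name the change instead.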