Create audit log entries for login fails/successes

This commit is contained in:
Colin McDonald 2016-06-27 21:16:34 -04:00
parent e0af72caf5
commit ac0865fde7
2 changed files with 17 additions and 4 deletions

View File

@ -37,6 +37,8 @@ public enum AuditLogActionType {
SERVER_CREATE(false),
SERVER_UPDATE(false),
SERVER_DELETE(false),
USER_LOGIN_SUCCESS(false),
USER_LOGIN_FAIL(false),
USER_CHANGE_PASSWORD(false),
USER_PASSWORD_RESET(false),
USER_REGISTER_EMAIL(false),

View File

@ -4,10 +4,14 @@ import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class GETUsersIdVerifyPassword implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
@ -37,12 +41,19 @@ public final class GETUsersIdVerifyPassword implements Handler<RoutingContext> {
return;
}
final UUID finalUuid = user.getId();
boolean authorized = user.checkPassword(ctx.request().getParam("password"));
APIv3.respondJson(ctx, ImmutableMap.of(
"authorized", authorized,
"uuid", user.getId()
));
AuditLog.log(user.getId(), ctx.request().getParam("userIp"), ctx, authorized ? AuditLogActionType.USER_LOGIN_SUCCESS : AuditLogActionType.USER_LOGIN_FAIL, (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"authorized", authorized,
"uuid", finalUuid
));
}
});
}
}