The-pack-family
/
APIv3
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Create audit log entries for login fails/successes

This commit is contained in:
Colin McDonald 2016-06-27 21:16:34 -04:00
parent e0af72caf5
commit ac0865fde7
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/net/frozenorb/apiv3/auditLog/AuditLogActionType.java
View File

@ -37,6 +37,8 @@ public enum AuditLogActionType {
SERVER_CREATE(false), SERVER_CREATE(false),
SERVER_UPDATE(false), SERVER_UPDATE(false),
SERVER_DELETE(false), SERVER_DELETE(false),
USER_LOGIN_SUCCESS(false),
USER_LOGIN_FAIL(false),
USER_CHANGE_PASSWORD(false), USER_CHANGE_PASSWORD(false),
USER_PASSWORD_RESET(false), USER_PASSWORD_RESET(false),
USER_REGISTER_EMAIL(false), USER_REGISTER_EMAIL(false),

19
src/main/java/net/frozenorb/apiv3/route/users/GETUsersIdVerifyPassword.java
View File

@ -4,10 +4,14 @@ import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler; import io.vertx.core.Handler;
import io.vertx.ext.web.RoutingContext; import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3; import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.User; import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.unsorted.BlockingCallback; import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils; import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class GETUsersIdVerifyPassword implements Handler<RoutingContext> { public final class GETUsersIdVerifyPassword implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) { public void handle(RoutingContext ctx) {
@ -37,12 +41,19 @@ public final class GETUsersIdVerifyPassword implements Handler<RoutingContext> {
return; return;
} }
final UUID finalUuid = user.getId();
boolean authorized = user.checkPassword(ctx.request().getParam("password")); boolean authorized = user.checkPassword(ctx.request().getParam("password"));
APIv3.respondJson(ctx, ImmutableMap.of( AuditLog.log(user.getId(), ctx.request().getParam("userIp"), ctx, authorized ? AuditLogActionType.USER_LOGIN_SUCCESS : AuditLogActionType.USER_LOGIN_FAIL, (ignored, error) -> {
"authorized", authorized, if (error != null) {
"uuid", user.getId() ErrorUtils.respondInternalError(ctx, error);
)); } else {
APIv3.respondJson(ctx, ImmutableMap.of(
"authorized", authorized,
"uuid", finalUuid
));
}
});
} }
} }