Create audit log entries for login fails/successes
This commit is contained in:
Colin McDonald
parent
e0af72caf5
commit
ac0865fde7
@ -37,6 +37,8 @@ public enum AuditLogActionType {
|
||||
SERVER_CREATE(false),
|
||||
SERVER_UPDATE(false),
|
||||
SERVER_DELETE(false),
|
||||
USER_LOGIN_SUCCESS(false),
|
||||
USER_LOGIN_FAIL(false),
|
||||
USER_CHANGE_PASSWORD(false),
|
||||
USER_PASSWORD_RESET(false),
|
||||
USER_REGISTER_EMAIL(false),
|
||||
|
||||
@ -4,10 +4,14 @@ import com.google.common.collect.ImmutableMap;
|
||||
import io.vertx.core.Handler;
|
||||
import io.vertx.ext.web.RoutingContext;
|
||||
import net.frozenorb.apiv3.APIv3;
|
||||
import net.frozenorb.apiv3.auditLog.AuditLog;
|
||||
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
|
||||
import net.frozenorb.apiv3.model.User;
|
||||
import net.frozenorb.apiv3.unsorted.BlockingCallback;
|
||||
import net.frozenorb.apiv3.util.ErrorUtils;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
public final class GETUsersIdVerifyPassword implements Handler<RoutingContext> {
|
||||
|
||||
public void handle(RoutingContext ctx) {
|
||||
@ -37,12 +41,19 @@ public final class GETUsersIdVerifyPassword implements Handler<RoutingContext> {
|
||||
return;
|
||||
}
|
||||
|
||||
final UUID finalUuid = user.getId();
|
||||
boolean authorized = user.checkPassword(ctx.request().getParam("password"));
|
||||
|
||||
APIv3.respondJson(ctx, ImmutableMap.of(
|
||||
"authorized", authorized,
|
||||
"uuid", user.getId()
|
||||
));
|
||||
AuditLog.log(user.getId(), ctx.request().getParam("userIp"), ctx, authorized ? AuditLogActionType.USER_LOGIN_SUCCESS : AuditLogActionType.USER_LOGIN_FAIL, (ignored, error) -> {
|
||||
if (error != null) {
|
||||
ErrorUtils.respondInternalError(ctx, error);
|
||||
} else {
|
||||
APIv3.respondJson(ctx, ImmutableMap.of(
|
||||
"authorized", authorized,
|
||||
"uuid", finalUuid
|
||||
));
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user