Log all user actions on stdout
@ -5,11 +5,22 @@ use webauthn_rs::prelude::RegisterPublicKeyCredential;
|
||||
|
||||
use crate::actors::users_actor;
|
||||
use crate::actors::users_actor::UsersActor;
|
||||
use crate::constants::MAX_SECOND_FACTOR_NAME_LEN;
|
||||
use crate::data::action_logger::{Action, ActionLogger};
|
||||
use crate::data::current_user::CurrentUser;
|
||||
use crate::data::totp_key::TotpKey;
|
||||
use crate::data::user::{FactorID, TwoFactor, TwoFactorType, User};
|
||||
use crate::data::webauthn_manager::WebAuthManagerReq;
|
||||
|
||||
fn preprocess_factor_name(name: &str) -> String {
|
||||
name.replace('<', "<")
|
||||
.replace('>', ">")
|
||||
.chars()
|
||||
.take(MAX_SECOND_FACTOR_NAME_LEN)
|
||||
.filter(|c| *c != '\n' && *c != '\t' && *c != '\r' && c.is_ascii())
|
||||
.collect()
|
||||
}
|
||||
|
||||
#[derive(serde::Deserialize)]
|
||||
pub struct AddTOTPRequest {
|
||||
factor_name: String,
|
||||
@ -21,6 +32,7 @@ pub async fn save_totp_factor(
|
||||
user: CurrentUser,
|
||||
form: web::Json<AddTOTPRequest>,
|
||||
users: web::Data<Addr<UsersActor>>,
|
||||
logger: ActionLogger,
|
||||
) -> impl Responder {
|
||||
let key = TotpKey::from_encoded_secret(&form.secret);
|
||||
|
||||
@ -32,16 +44,20 @@ pub async fn save_totp_factor(
|
||||
));
|
||||
}
|
||||
|
||||
if form.factor_name.is_empty() {
|
||||
return HttpResponse::BadRequest().body("Please give a name to the factor!");
|
||||
let factor_name = preprocess_factor_name(&form.factor_name);
|
||||
if factor_name.is_empty() {
|
||||
return HttpResponse::BadRequest().body("Please give a valid name to the factor!");
|
||||
}
|
||||
|
||||
let mut user = User::from(user);
|
||||
user.add_factor(TwoFactor {
|
||||
let factor = TwoFactor {
|
||||
id: FactorID(Uuid::new_v4().to_string()),
|
||||
name: form.0.factor_name,
|
||||
name: factor_name,
|
||||
kind: TwoFactorType::TOTP(key),
|
||||
});
|
||||
};
|
||||
logger.log(Action::AddNewFactor(&factor));
|
||||
|
||||
let mut user = User::from(user);
|
||||
user.add_factor(factor);
|
||||
let res = users
|
||||
.send(users_actor::UpdateUserRequest(user))
|
||||
.await
|
||||
@ -67,7 +83,13 @@ pub async fn save_webauthn_factor(
|
||||
form: web::Json<AddWebauthnRequest>,
|
||||
users: web::Data<Addr<UsersActor>>,
|
||||
manager: WebAuthManagerReq,
|
||||
logger: ActionLogger,
|
||||
) -> impl Responder {
|
||||
let factor_name = preprocess_factor_name(&form.factor_name);
|
||||
if factor_name.is_empty() {
|
||||
return HttpResponse::BadRequest().body("Please give a valid name to the factor!");
|
||||
}
|
||||
|
||||
let key = match manager.finish_registration(&user, &form.0.opaque_state, form.0.credential) {
|
||||
Ok(k) => k,
|
||||
Err(e) => {
|
||||
@ -76,12 +98,15 @@ pub async fn save_webauthn_factor(
|
||||
}
|
||||
};
|
||||
|
||||
let mut user = User::from(user);
|
||||
user.add_factor(TwoFactor {
|
||||
let factor = TwoFactor {
|
||||
id: FactorID(Uuid::new_v4().to_string()),
|
||||
name: form.0.factor_name,
|
||||
name: factor_name,
|
||||
kind: TwoFactorType::WEBAUTHN(Box::new(key)),
|
||||
});
|
||||
};
|
||||
logger.log(Action::AddNewFactor(&factor));
|
||||
|
||||
let mut user = User::from(user);
|
||||
user.add_factor(factor);
|
||||
let res = users
|
||||
.send(users_actor::UpdateUserRequest(user))
|
||||
.await
|
||||
@ -104,9 +129,10 @@ pub async fn delete_factor(
|
||||
user: CurrentUser,
|
||||
form: web::Json<DeleteFactorRequest>,
|
||||
users: web::Data<Addr<UsersActor>>,
|
||||
logger: ActionLogger,
|
||||
) -> impl Responder {
|
||||
let mut user = User::from(user);
|
||||
user.remove_factor(form.0.id);
|
||||
user.remove_factor(form.0.id.clone());
|
||||
|
||||
let res = users
|
||||
.send(users_actor::UpdateUserRequest(user))
|
||||
@ -117,6 +143,9 @@ pub async fn delete_factor(
|
||||
if !res {
|
||||
HttpResponse::InternalServerError().body("Failed to update user information!")
|
||||
} else {
|
||||
logger.log(Action::Removed2FAFactor {
|
||||
factor_id: &form.0.id,
|
||||
});
|
||||
HttpResponse::Ok().body("Removed factor!")
|
||||
}
|
||||
}
|
||||
@ -124,11 +153,13 @@ pub async fn delete_factor(
|
||||
pub async fn clear_login_history(
|
||||
user: CurrentUser,
|
||||
users: web::Data<Addr<UsersActor>>,
|
||||
logger: ActionLogger,
|
||||
) -> impl Responder {
|
||||
users
|
||||
.send(users_actor::Clear2FALoginHistory(user.uid.clone()))
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
logger.log(Action::ClearedHisLoginHistory);
|
||||
HttpResponse::Ok().body("History successfully cleared")
|
||||
}
|
||||
|
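Review bot: In `preprocess_factor_name` the filter keeps every ASCII character except `\n`, `\t` and `\r`, so other control characters such as ESC or NUL survive in the factor name, and this commit then passes that factor to the stdout log via `logger.log(Action::AddNewFactor(&factor))`. Tightening the predicate to `.filter(|c| c.is_ascii() && !c.is_ascii_control())` keeps control sequences out of log lines and out of any terminal that displays them. In `save_totp_factor` and `save_webauthn_factor` the log call runs before the result of `users.send(users_actor::UpdateUserRequest(user))` is known, so a failed update still leaves an "added factor" entry, whereas `delete_factor` logs only in its success branch; moving the call after the result check would make the audit trail consistent. `Action`'s formatting is not visible on this page, so confirm that logging `&factor` never prints the TOTP secret or WebAuthn credential held in `kind`. The handler bodies continue outside the hunks shown.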