##// END OF EJS Templates
audit-logs: use new v2 api on login/logout/password reset views.
marcink -
r1697:3d938b76 default
parent child Browse files
Show More
@@ -34,6 +34,7 b' from rhodecode.apps._base import BaseApp'
34 from rhodecode.authentication.base import authenticate, HTTP_TYPE
34 from rhodecode.authentication.base import authenticate, HTTP_TYPE
35 from rhodecode.events import UserRegistered
35 from rhodecode.events import UserRegistered
36 from rhodecode.lib import helpers as h
36 from rhodecode.lib import helpers as h
37 from rhodecode.lib import audit_logger
37 from rhodecode.lib.auth import (
38 from rhodecode.lib.auth import (
38 AuthUser, HasPermissionAnyDecorator, CSRFRequired)
39 AuthUser, HasPermissionAnyDecorator, CSRFRequired)
39 from rhodecode.lib.base import get_ip_addr
40 from rhodecode.lib.base import get_ip_addr
@@ -166,6 +167,13 b' class LoginView(BaseAppView):'
166 username=form_result['username'],
167 username=form_result['username'],
167 remember=form_result['remember'])
168 remember=form_result['remember'])
168 log.debug('Redirecting to "%s" after login.', c.came_from)
169 log.debug('Redirecting to "%s" after login.', c.came_from)
170
171 audit_user = audit_logger.UserWrap(
172 username=self.request.params.get('username'),
173 ip_addr=self.request.remote_addr)
174 audit_logger.store(action='user.login.success', user=audit_user,
175 commit=True)
176
169 raise HTTPFound(c.came_from, headers=headers)
177 raise HTTPFound(c.came_from, headers=headers)
170 except formencode.Invalid as errors:
178 except formencode.Invalid as errors:
171 defaults = errors.value
179 defaults = errors.value
@@ -176,6 +184,12 b' class LoginView(BaseAppView):'
176 'errors': errors.error_dict,
184 'errors': errors.error_dict,
177 'defaults': defaults,
185 'defaults': defaults,
178 })
186 })
187
188 audit_user = audit_logger.UserWrap(
189 username=self.request.params.get('username'),
190 ip_addr=self.request.remote_addr)
191 audit_logger.store(action='user.login.failure', user=audit_user,
192 commit=True)
179 return render_ctx
193 return render_ctx
180
194
181 except UserCreationError as e:
195 except UserCreationError as e:
@@ -191,6 +205,8 b' class LoginView(BaseAppView):'
191 def logout(self):
205 def logout(self):
192 auth_user = self._rhodecode_user
206 auth_user = self._rhodecode_user
193 log.info('Deleting session for user: `%s`', auth_user)
207 log.info('Deleting session for user: `%s`', auth_user)
208 audit_logger.store(action='user.logout', user=auth_user,
209 commit=True)
194 self.session.delete()
210 self.session.delete()
195 return HTTPFound(url('home'))
211 return HTTPFound(url('home'))
196
212
@@ -338,6 +354,10 b' class LoginView(BaseAppView):'
338 form_result, password_reset_url)
354 form_result, password_reset_url)
339 # Display success message and redirect.
355 # Display success message and redirect.
340 self.session.flash(msg, queue='success')
356 self.session.flash(msg, queue='success')
357
358 audit_logger.store(action='user.password.reset_request',
359 action_data={'email': user_email},
360 user=self._rhodecode_user, commit=True)
341 return HTTPFound(self.request.route_path('reset_password'))
361 return HTTPFound(self.request.route_path('reset_password'))
342
362
343 except formencode.Invalid as errors:
363 except formencode.Invalid as errors:
@@ -29,6 +29,11 b' log = logging.getLogger(__name__)'
29
29
30
30
31 ACTIONS = {
31 ACTIONS = {
32 'user.login.success': {},
33 'user.login.failure': {},
34 'user.logout': {},
35 'user.password.reset_request': {},
36
32 'repo.add': {},
37 'repo.add': {},
33 'repo.edit': {},
38 'repo.edit': {},
34 }
39 }
General Comments 0
You need to be logged in to leave comments. Login now