MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added user last access support, #3319

This commit is contained in:
Ylian Saint-Hilaire 2021-12-04 13:08:17 -08:00
parent 8f36513078
commit 4fa629f825
5 changed files with 62 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
meshdesktopmultiplex.js
View File

@ -131,6 +131,25 @@ function CreateDesktopMultiplexor(parent, domain, nodeid, func) {
if ((typeof sr == 'number') && (sr > 0) && (sr < 1000)) { peer.slowRelay = sr; }
}
// Update user last access time
if ((peer.user != null) && (peer.guestName == null)) {
const user = parent.users[peer.user._id];
if (user != null) {
const timeNow = Math.floor(Date.now() / 1000);
if (user.access < (timeNow - 300)) { // Only update user access time if longer than 5 minutes
user.access = timeNow;
parent.db.SetUser(user);
// Event the change
var message = { etype: 'user', userid: user._id, username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', domain: domain.id, nolog: 1 };
if (parent.db.changeStream) { message.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, message);
}
}
}
// Check session recording
var startRecord = false;
if (typeof domain.sessionrecording == 'object') {

16
meshrelay.js
View File

@ -508,6 +508,22 @@ function CreateMeshRelayEx(parent, ws, req, domain, user, cookie) {
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: sessionUser._id, username: sessionUser.name, msgid: msgid, msgArgs: [obj.id, obj.peer.req.clientIp, req.clientIp], msg: msg + ' \"' + obj.id + '\" from ' + obj.peer.req.clientIp + ' to ' + req.clientIp, protocol: req.query.p, nodeid: req.query.nodeid };
if (obj.guestname) { event.guestname = obj.guestname; } else if (relayinfo.peer1.guestname) { event.guestname = relayinfo.peer1.guestname; } // If this is a sharing session, set the guest name here.
parent.parent.DispatchEvent(['*', sessionUser._id], obj, event);
// Update user last access time
if ((obj.user != null) && (obj.guestname == null)) {
const timeNow = Math.floor(Date.now() / 1000);
if (obj.user.access < (timeNow - 300)) { // Only update user access time if longer than 5 minutes
obj.user.access = timeNow;
parent.db.SetUser(obj.user);
// Event the change
var message = { etype: 'user', userid: obj.user._id, username: obj.user.name, account: parent.CloneSafeUser(obj.user), action: 'accountchange', domain: domain.id, nolog: 1 };
if (parent.db.changeStream) { message.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
var targets = ['*', 'server-users', obj.user._id];
if (obj.user.groups) { for (var i in obj.user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, message);
}
}
}
} else {
// Connected already, drop (TODO: maybe we should re-connect?)

16
meshuser.js
View File

@ -186,6 +186,22 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
obj.ws.xclosed = 10; // DEBUG
// Update user last access time
if (obj.user != null) {
const timeNow = Math.floor(Date.now() / 1000);
if (obj.user.access < (timeNow - 300)) { // Only update user access time if longer than 5 minutes
obj.user.access = timeNow;
parent.db.SetUser(user);
// Event the change
var message = { etype: 'user', userid: obj.user._id, username: obj.user.name, account: parent.CloneSafeUser(obj.user), action: 'accountchange', domain: domain.id, nolog: 1 };
if (parent.db.changeStream) { message.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
var targets = ['*', 'server-users', obj.user._id];
if (obj.user.groups) { for (var i in obj.user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, message);
}
}
// Aggressive cleanup
delete obj.user;
delete obj.domain;

3
views/default.handlebars
View File

@ -13492,7 +13492,8 @@
}
if (sessions == 1) { lastAccess += nobreak("1 session"); } else { lastAccess += nobreak(format("{0} sessions", sessions)); }
} else {
if (user.login) { lastAccess += '<span title="' + format("Last login: {0}", printDateTime(new Date(user.login * 1000))) + '">' + printDate(new Date(user.login * 1000)) + '</span>'; }
if (user.access) { lastAccess += '<span title="' + format("Last access: {0}", printDateTime(new Date(user.access * 1000))) + '">' + printDate(new Date(user.access * 1000)) + '</span>'; }
else if (user.login) { lastAccess += '<span title="' + format("Last login: {0}", printDateTime(new Date(user.login * 1000))) + '">' + printDate(new Date(user.login * 1000)) + '</span>'; }
}
if (self) { permissions += '<a href=# style=cursor:pointer onclick=\'return showUserAdminDialog(event,"' + encodeURIComponentEx(user._id) + '")\'>'; }
if ((user.siteadmin != null) && ((user.siteadmin & 32) != 0) && (user.siteadmin != 0xFFFFFFFF)) { permissions += "Locked" + ',&nbsp;'; }

18
webserver.js
View File

@ -476,7 +476,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (user == null) {
// Create a new user
var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id };
var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000), domain: domain.id };
if (email) { user['email'] = email; user['emailVerified'] = true; }
if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; }
if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; }
@ -586,7 +586,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (user == null) {
// This user does not exist, create a new account.
var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id };
var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000), domain: domain.id };
if (email) { user['email'] = email; user['emailVerified'] = true; }
if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; }
if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; }
@ -1221,7 +1221,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Save login time
user.pastlogin = user.login;
user.login = Math.floor(Date.now() / 1000);
user.login = user.access = Math.floor(Date.now() / 1000);
obj.db.SetUser(user);
// Notify account login
@ -1381,7 +1381,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
req.session.loginmode = 2;
req.session.messageid = 104; // Username already exists.
} else {
var user = { type: 'user', _id: 'user/' + domain.id + '/' + req.body.username.toLowerCase(), name: req.body.username, email: req.body.email, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id };
var user = { type: 'user', _id: 'user/' + domain.id + '/' + req.body.username.toLowerCase(), name: req.body.username, email: req.body.email, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000), domain: domain.id };
if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; }
if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; }
if ((domain.passwordrequirements != null) && (domain.passwordrequirements.hint === true) && (req.body.apasswordhint)) { var hint = req.body.apasswordhint; if (hint.length > 250) { hint = hint.substring(0, 250); } user.passhint = hint; }
@ -1508,7 +1508,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
user.salt = salt;
user.hash = hash;
user.passchange = nowSeconds;
user.passchange = user.access = nowSeconds;
delete user.passtype;
obj.db.SetUser(user);
@ -1819,7 +1819,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
userinfo.salt = salt;
userinfo.hash = hash;
delete userinfo.passtype;
userinfo.passchange = Math.floor(Date.now() / 1000);
userinfo.passchange = userinfo.access = Math.floor(Date.now() / 1000);
delete userinfo.passhint;
obj.db.SetUser(userinfo);
@ -2323,7 +2323,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
}
user.salt = salt;
user.hash = hash;
user.passchange = nowSeconds;
user.passchange = user.access = nowSeconds;
delete user.passtype;
obj.db.SetUser(user);
@ -2361,7 +2361,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (newAccountAllowed === true) {
// Create the user
parent.debug('web', 'handleStrategyLogin: creating new user: ' + userid);
user = { type: 'user', _id: userid, name: req.user.name, email: req.user.email, creation: Math.floor(Date.now() / 1000), domain: domain.id };
user = { type: 'user', _id: userid, name: req.user.name, email: req.user.email, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000), domain: domain.id };
if (req.user.email != null) { user.email = req.user.email; user.emailVerified = true; }
if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } // New accounts automatically assigned server rights.
if (domain.authstrategies[req.user.strategy].newaccountsrights) { user.siteadmin = obj.common.meshServerRightsArrayToNumber(domain.authstrategies[req.user.strategy].newaccountsrights); } // If there are specific SSO server rights, use these instead.
@ -2554,7 +2554,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
user = obj.users[req.session.userid];
if ((user == null) || (user.sid != req.session.usersid)) {
// Create the domain user
var usercount = 0, user2 = { type: 'user', _id: req.session.userid, name: req.connection.user, domain: domain.id, sid: req.session.usersid, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000) };
var usercount = 0, user2 = { type: 'user', _id: req.session.userid, name: req.connection.user, domain: domain.id, sid: req.session.usersid, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000) };
if (domain.newaccountsrights) { user2.siteadmin = domain.newaccountsrights; }
if (obj.common.validateStrArray(domain.newaccountrealms)) { user2.groups = domain.newaccountrealms; }
for (var i in obj.users) { if (obj.users[i].domain == domain.id) { usercount++; } }