MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Now putting SSO user login events in event log.

This commit is contained in:
Ylian Saint-Hilaire 2022-03-15 15:03:58 -07:00
parent 4252205b74
commit f9c6d8194c
2 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
views/default.handlebars
View File

@ -15871,6 +15871,7 @@
if (v == 'cookie') { return "Remember Device"; } if (v == 'cookie') { return "Remember Device"; }
if (v == 'tokenlogin') { return "Login Token"; } if (v == 'tokenlogin') { return "Login Token"; }
if (v == 'ipaddr') { return "IP Address"; } if (v == 'ipaddr') { return "IP Address"; }
if (v == 'sso') { return "Single Sign-on"; }
} }
return EscapeHtml(v); return EscapeHtml(v);
} }

16
webserver.js
View File

@ -2473,6 +2473,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
req.session.userid = userid; req.session.userid = userid;
setSessionRandom(req); setSessionRandom(req);
// Notify account login using SSO
var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
const ua = getUserAgentInfo(req);
const loginEvent = { etype: 'user', userid: user._id, username: user.name, account: obj.CloneSafeUser(user), action: 'login', msgid: 107, msgArgs: [req.clientIp, ua.browserStr, ua.osStr], msg: 'Account login', domain: domain.id, ip: req.clientIp, userAgent: req.headers['user-agent'], twoFactorType: 'sso' };
obj.parent.DispatchEvent(targets, obj, loginEvent);
} else { } else {
// New users not allowed // New users not allowed
parent.debug('web', 'handleStrategyLogin: Can\'t create new accounts'); parent.debug('web', 'handleStrategyLogin: Can\'t create new accounts');
@ -2489,7 +2496,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (userChange) { if (userChange) {
obj.db.SetUser(user); obj.db.SetUser(user);
// Event user creation // Event user change
var targets = ['*', 'server-users']; var targets = ['*', 'server-users'];
var event = { etype: 'user', userid: user._id, username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'Account changed', domain: domain.id }; var event = { etype: 'user', userid: user._id, username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'Account changed', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to create the user. Another event will come. if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to create the user. Another event will come.
@ -2498,6 +2505,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
parent.debug('web', 'handleStrategyLogin: succesful login: ' + userid); parent.debug('web', 'handleStrategyLogin: succesful login: ' + userid);
req.session.userid = userid; req.session.userid = userid;
setSessionRandom(req); setSessionRandom(req);
// Notify account login using SSO
var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
const ua = getUserAgentInfo(req);
const loginEvent = { etype: 'user', userid: user._id, username: user.name, account: obj.CloneSafeUser(user), action: 'login', msgid: 107, msgArgs: [req.clientIp, ua.browserStr, ua.osStr], msg: 'Account login', domain: domain.id, ip: req.clientIp, userAgent: req.headers['user-agent'], twoFactorType: 'sso' };
obj.parent.DispatchEvent(targets, obj, loginEvent);
} }
} }
//res.redirect(domain.url); // This does not handle cookie correctly. //res.redirect(domain.url); // This does not handle cookie correctly.