jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

eventlog: always use AuditSource objects as source field

Browse Source
This commit is contained in:
Girish Ramakrishnan
2023-08-26 08:18:58 +05:30
parent 246c45c1bc
commit d2c702f890
9 changed files with 34 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/oidc.js
View File

@@ -15,6 +15,7 @@ exports = module.exports = {
const assert = require('assert'),
apps = require('./apps.js'),
AuditSource = require('./auditsource.js'),
BoxError = require('./boxerror.js'),
blobs = require('./blobs.js'),
branding = require('./branding.js'),
@@ -510,7 +511,6 @@ function interactionLogin(provider) {
const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
const userAgent = req.headers['user-agent'] || '';
const auditSource = { authType: 'oidc', ip };
const clientId = details.params.client_id;
debug(`interactionLogin: for OpenID client ${clientId} from ${ip}`);
@@ -539,6 +539,7 @@ function interactionLogin(provider) {
const [interactionFinishError, redirectTo] = await safe(provider.interactionResult(req, res, result));
if (interactionFinishError) return next(new HttpError(500, interactionFinishError));
const auditSource = AuditSource.fromOidcRequest(req);
await eventlog.add(user.ghost ? eventlog.ACTION_USER_LOGIN_GHOST : eventlog.ACTION_USER_LOGIN, auditSource, { userId: user.id, user: users.removePrivateFields(user), appId: clientId });
if (!user.ghost) safe(users.notifyLoginLocation(user, ip, userAgent, auditSource), { debug });