eventlog: always use AuditSource objects as source field

src/routes/auth.js

@@ -32,7 +32,6 @@ async function login(req, res, next) {
     const type = req.body.type || tokens.ID_WEBADMIN;
     const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
     const userAgent = req.headers['user-agent'] || '';
-    const auditSource = { authType: 'basic', ip };
 
     let error = tokens.validateTokenType(type);
     if (error) return next(new HttpError(400, error.message));
@@ -41,8 +40,8 @@ async function login(req, res, next) {
     [error, token] = await safe(tokens.add({ clientId: type, identifier: req.user.id, expires: Date.now() + constants.DEFAULT_TOKEN_EXPIRATION_MSECS }));
     if (error) return next(new HttpError(500, error));
 
-    await eventlog.add(req.user.ghost ? eventlog.ACTION_USER_LOGIN_GHOST : eventlog.ACTION_USER_LOGIN, auditSource, { userId: req.user.id, user: users.removePrivateFields(req.user) });
-
+    const auditSource = AuditSource.fromRequest(req);
+    await eventlog.add(req.user.ghost ? eventlog.ACTION_USER_LOGIN_GHOST : eventlog.ACTION_USER_LOGIN, auditSource, { userId: req.user.id, user: users.removePrivateFields(req.user), type, appId: tokens.ID_CLI });
     if (!req.user.ghost) safe(users.notifyLoginLocation(req.user, ip, userAgent, auditSource), { debug });
 
     next(new HttpSuccess(200, token));