jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Raise login event

Browse Source
This commit is contained in:
Johannes Zellner
2023-07-24 19:24:03 +02:00
parent 3d5c21d9ca
commit e97747762e
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/oidc.js
View File

@@ -22,6 +22,7 @@ const assert = require('assert'),
debug = require('debug')('box:oidc'),
ejs = require('ejs'),
express = require('express'),
eventlog = require('./eventlog.js'),
fs = require('fs'),
middleware = require('./middleware'),
path = require('path'),
@@ -499,10 +500,12 @@ function interactionLogin(provider) {
const [detailsError, details] = await safe(provider.interactionDetails(req, res));
if (detailsError) return next(new HttpError(500, detailsError));
const prompt = details.prompt;
const name = prompt.name;
const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
const userAgent = req.headers['user-agent'] || '';
const auditSource = { authType: 'basic', ip };
const clientId = details.params.client_id;
assert.equal(name, 'login');
debug(`interactionLogin: for OpenID client ${clientId} from ${ip}`);
if (!req.body.username || typeof req.body.username !== 'string') return next(new HttpError(400, 'A username must be non-empty string'));
if (!req.body.password || typeof req.body.password !== 'string') return next(new HttpError(400, 'A password must be non-empty string'));
@@ -528,6 +531,9 @@ function interactionLogin(provider) {
const [interactionFinishError, redirectTo] = await safe(provider.interactionResult(req, res, result));
if (interactionFinishError) return next(new HttpError(500, interactionFinishError));
await eventlog.add(user.ghost ? eventlog.ACTION_USER_LOGIN_GHOST : eventlog.ACTION_USER_LOGIN, auditSource, { userId: user.id, user: users.removePrivateFields(user) });
if (!user.ghost) safe(users.notifyLoginLocation(user, ip, userAgent, auditSource), { debug });
debug(`route interaction login post result redirectTo:${redirectTo}`);
res.status(200).send({ redirectTo });