mirror of
https://github.com/pelican-dev/panel.git
synced 2025-05-19 17:34:45 +02:00
Add missing auth activity logs (#1372)
This commit is contained in:
Boy132
GitHub
parent
7034c4d013
commit
258c97bf14
@ -1,11 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Events\Auth;
|
||||
|
||||
use App\Models\User;
|
||||
use App\Events\Event;
|
||||
|
||||
class DirectLogin extends Event
|
||||
{
|
||||
public function __construct(public User $user, public bool $remember) {}
|
||||
}
|
||||
@ -1,16 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Events\Auth;
|
||||
|
||||
use App\Events\Event;
|
||||
use Illuminate\Queue\SerializesModels;
|
||||
|
||||
class FailedPasswordReset extends Event
|
||||
{
|
||||
use SerializesModels;
|
||||
|
||||
/**
|
||||
* Create a new event instance.
|
||||
*/
|
||||
public function __construct(public string $ip, public string $email) {}
|
||||
}
|
||||
@ -288,6 +288,8 @@ class EditProfile extends BaseEditProfile
|
||||
);
|
||||
|
||||
Activity::event('user:api-key.create')
|
||||
->actor($user)
|
||||
->subject($user)
|
||||
->subject($token->accessToken)
|
||||
->property('identifier', $token->accessToken->identifier)
|
||||
->log();
|
||||
|
||||
@ -2,8 +2,10 @@
|
||||
|
||||
namespace App\Filament\Pages\Auth;
|
||||
|
||||
use App\Events\Auth\ProvidedAuthenticationToken;
|
||||
use App\Extensions\Captcha\Providers\CaptchaProvider;
|
||||
use App\Extensions\OAuth\Providers\OAuthProvider;
|
||||
use App\Facades\Activity;
|
||||
use App\Models\User;
|
||||
use Filament\Facades\Filament;
|
||||
use Filament\Forms\Components\Actions;
|
||||
@ -54,6 +56,11 @@ class Login extends BaseLogin
|
||||
if ($token === null) {
|
||||
$this->verifyTwoFactor = true;
|
||||
|
||||
Activity::event('auth:checkpoint')
|
||||
->withRequestMetadata()
|
||||
->subject($user)
|
||||
->log();
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -64,11 +71,18 @@ class Login extends BaseLogin
|
||||
$token,
|
||||
Config::integer('panel.auth.2fa.window'),
|
||||
);
|
||||
|
||||
if ($isValidToken) {
|
||||
event(new ProvidedAuthenticationToken($user));
|
||||
}
|
||||
} else {
|
||||
foreach ($user->recoveryTokens as $recoveryToken) {
|
||||
if (password_verify($token, $recoveryToken->token)) {
|
||||
$isValidToken = true;
|
||||
$recoveryToken->delete();
|
||||
|
||||
event(new ProvidedAuthenticationToken($user, true));
|
||||
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,7 +4,7 @@ namespace App\Listeners\Auth;
|
||||
|
||||
use App\Facades\Activity;
|
||||
use Illuminate\Auth\Events\Failed;
|
||||
use App\Events\Auth\DirectLogin;
|
||||
use Illuminate\Auth\Events\Login;
|
||||
|
||||
class AuthenticationListener
|
||||
{
|
||||
@ -12,9 +12,10 @@ class AuthenticationListener
|
||||
* Handles an authentication event by logging the user and information about
|
||||
* the request.
|
||||
*/
|
||||
public function handle(Failed|DirectLogin $event): void
|
||||
public function handle(Failed|Login $event): void
|
||||
{
|
||||
$activity = Activity::withRequestMetadata();
|
||||
|
||||
if ($event->user) {
|
||||
$activity = $activity->subject($event->user);
|
||||
}
|
||||
|
||||
@ -2,22 +2,14 @@
|
||||
|
||||
namespace App\Listeners\Auth;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use App\Facades\Activity;
|
||||
use Illuminate\Auth\Events\PasswordReset;
|
||||
|
||||
class PasswordResetListener
|
||||
{
|
||||
protected Request $request;
|
||||
|
||||
public function __construct(Request $request)
|
||||
{
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
public function handle(PasswordReset $event): void
|
||||
{
|
||||
Activity::event('event:password-reset')
|
||||
Activity::event('auth:password-reset')
|
||||
->withRequestMetadata()
|
||||
->subject($event->user)
|
||||
->log();
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user