Log relevant request info.
This commit is contained in:
parent
df2b3f7638
commit
d325b43c04
@ -7,6 +7,10 @@ class IPC::JSON
|
||||
def handle(service : AuthD::Service, fd : Int32)
|
||||
raise "unimplemented"
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
io << self.class.name.sub /[^:]+::[^:]+::/, ""
|
||||
end
|
||||
end
|
||||
|
||||
module AuthD
|
||||
|
||||
@ -9,6 +9,11 @@ class AuthD::Request
|
||||
def initialize(@login, @password, @admin, @email, @profile)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (login: #{@login}, email: #{@email})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
@ -56,6 +61,11 @@ class AuthD::Request
|
||||
def initialize(@login, @password, @email, @profile = nil)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (login: #{@login}, email: #{email})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
# Check if there already is a registered user.
|
||||
if authd.users.to_a.size > 0
|
||||
@ -90,6 +100,11 @@ class AuthD::Request
|
||||
def initialize(@token)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (token size: #{@token.size})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
|
||||
@ -6,6 +6,11 @@ class AuthD::Request
|
||||
def initialize(@user = nil)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
|
||||
@ -22,6 +22,11 @@ class AuthD::Request
|
||||
def initialize(@login, @password)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (login: #{@login})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
begin
|
||||
user = authd.users_per_login.get @login
|
||||
|
||||
@ -10,6 +10,11 @@ class AuthD::Request
|
||||
def initialize(@login, @password_hash_brkn, @admin = false, @email = nil, @profile = nil)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (login: #{@login}, admin: #{@admin})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
|
||||
@ -8,6 +8,11 @@ class AuthD::Request
|
||||
def initialize(@user, @admin, @password, @email)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user}, admin: #{@admin})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
|
||||
@ -6,6 +6,11 @@ class AuthD::Request
|
||||
def initialize(@login = nil, @email = nil)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (login: #{@login})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
if @login.nil? && @email.nil?
|
||||
return Response::ErrorUserNotFound.new
|
||||
@ -54,6 +59,11 @@ class AuthD::Request
|
||||
def initialize(@user, @password_renew_key, @new_password)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user}, password_renew_key: #{@password_renew_key})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
user = authd.user? @user
|
||||
# This is a way for an attacker to know what are the valid logins.
|
||||
|
||||
@ -7,6 +7,11 @@ class AuthD::Request
|
||||
def initialize(@user, @service, @resource)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user}, service: #{@service}, resource: #{@resource})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
@ -42,6 +47,11 @@ class AuthD::Request
|
||||
def initialize(@user, @service, @resource, @permission)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user}, service: #{@service}, resource: #{@resource}, permission: #{@permission})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
|
||||
@ -8,6 +8,11 @@ class AuthD::Request
|
||||
def initialize(@new_profile_entries, @user = nil)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
|
||||
@ -8,6 +8,11 @@ class AuthD::Request
|
||||
def initialize(@login, @password, @email, @profile)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (login: #{@login})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
unless authd.configuration.registrations
|
||||
return Response::ErrorRegistrationsClosed.new
|
||||
|
||||
@ -9,6 +9,11 @@ class AuthD::Request
|
||||
def initialize(@regex = nil, @offset = 0)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (regex: #{@regex}, offset: #{@offset})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user_full? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
|
||||
@ -6,6 +6,11 @@ class AuthD::Request
|
||||
def initialize(@user, @activation_key)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user}, activation_key: #{@activation_key})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
user = authd.user? @user
|
||||
# This is a way for an attacker to know what are the valid logins.
|
||||
@ -40,6 +45,11 @@ class AuthD::Request
|
||||
def initialize(@user)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user})"
|
||||
end
|
||||
|
||||
def handle(authd : AuthD::Service, fd : Int32)
|
||||
logged_user = authd.get_logged_user? fd
|
||||
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
||||
|
||||
@ -4,6 +4,12 @@ class AuthD::Response
|
||||
property email : String? = nil
|
||||
def initialize(@user, @email)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user}, email: #{@email})"
|
||||
end
|
||||
end
|
||||
|
||||
AuthD.responses << Contacts
|
||||
end
|
||||
|
||||
@ -9,6 +9,11 @@ class AuthD::Response
|
||||
property email : String
|
||||
def initialize(@email)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (email: #{@email})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << NewEmailAddressValidated
|
||||
end
|
||||
|
||||
@ -3,6 +3,11 @@ class AuthD::Response
|
||||
property reason : String? = nil
|
||||
def initialize(@reason)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (reason: #{@reason})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << Error
|
||||
|
||||
@ -70,6 +75,11 @@ class AuthD::Response
|
||||
property read_only_keys : Array(String)
|
||||
def initialize(@read_only_keys)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (read_only_keys: #{@read_only_keys.join(",")})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << ErrorReadOnlyProfileKeys
|
||||
|
||||
|
||||
@ -6,6 +6,11 @@ class AuthD::Response
|
||||
property pending_email : String? = nil
|
||||
def initialize(@token, @uid, @current_email, @pending_email)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (uid: #{@uid})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << Login
|
||||
end
|
||||
|
||||
@ -6,6 +6,11 @@ class AuthD::Response
|
||||
property permission : ::AuthD::User::PermissionLevel
|
||||
def initialize(@service, @resource, @user, @permission)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user}, service: #{@service}, resource: #{@resource}, permission: #{@permission})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << PermissionCheck
|
||||
|
||||
@ -16,6 +21,11 @@ class AuthD::Response
|
||||
property permission : ::AuthD::User::PermissionLevel
|
||||
def initialize(@user, @service, @resource, @permission)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user: #{@user}, service: #{@service}, resource: #{@resource}, permission: #{@permission})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << PermissionSet
|
||||
end
|
||||
|
||||
@ -3,6 +3,11 @@ class AuthD::Response
|
||||
property user : ::AuthD::User::Public
|
||||
def initialize(@user)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user public data: #{@user})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << User
|
||||
|
||||
@ -10,6 +15,11 @@ class AuthD::Response
|
||||
property user : ::AuthD::User::Public
|
||||
def initialize(@user)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user public data: #{@user})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << UserAdded
|
||||
|
||||
@ -17,6 +27,11 @@ class AuthD::Response
|
||||
property uid : UInt32
|
||||
def initialize(@uid)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (uid: #{@uid})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << UserEdited
|
||||
|
||||
@ -24,6 +39,11 @@ class AuthD::Response
|
||||
property user : ::AuthD::User::Public
|
||||
def initialize(@user)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (user public data: #{@user})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << UserValidated
|
||||
|
||||
@ -31,6 +51,11 @@ class AuthD::Response
|
||||
property users : Array(::AuthD::User::Public)
|
||||
def initialize(@users)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (users public data: #{(@users.map &.uid).join ","})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << UsersList
|
||||
|
||||
@ -38,6 +63,11 @@ class AuthD::Response
|
||||
property users : Array(::AuthD::User::Public)
|
||||
def initialize(@users)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (users public data: #{(@users.map &.uid).join ","})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << MatchingUsers
|
||||
|
||||
@ -45,6 +75,11 @@ class AuthD::Response
|
||||
property uid : UInt32
|
||||
def initialize(@uid)
|
||||
end
|
||||
|
||||
def to_s(io : IO)
|
||||
super io
|
||||
io << " (uid: #{@uid})"
|
||||
end
|
||||
end
|
||||
AuthD.responses << UserDeleted
|
||||
end
|
||||
|
||||
@ -148,16 +148,16 @@ class AuthD::Service < IPC
|
||||
response = begin
|
||||
request.handle self, event.fd
|
||||
rescue e : UserNotFound
|
||||
Baguette::Log.error "(fd #{ "%4d" % event.fd}) #{request_name} user not found"
|
||||
Baguette::Log.error "(fd #{ "%4d" % event.fd}) #{request} user not found"
|
||||
AuthD::Response::Error.new "authorization error"
|
||||
rescue e : AuthenticationInfoLacking
|
||||
Baguette::Log.error "(fd #{ "%4d" % event.fd}) #{request_name} lacking authentication info"
|
||||
Baguette::Log.error "(fd #{ "%4d" % event.fd}) #{request} lacking authentication info"
|
||||
AuthD::Response::Error.new "authorization error"
|
||||
rescue e : AdminAuthorizationException
|
||||
Baguette::Log.error "(fd #{ "%4d" % event.fd}) #{request_name} admin authentication failed"
|
||||
Baguette::Log.error "(fd #{ "%4d" % event.fd}) #{request} admin authentication failed"
|
||||
AuthD::Response::Error.new "authorization error"
|
||||
rescue e
|
||||
Baguette::Log.error "(fd #{ "%4d" % event.fd}) #{request_name} generic error #{e}"
|
||||
Baguette::Log.error "(fd #{ "%4d" % event.fd}) #{request} generic error #{e}"
|
||||
AuthD::Response::Error.new "unknown error"
|
||||
end
|
||||
|
||||
@ -169,13 +169,11 @@ class AuthD::Service < IPC
|
||||
|
||||
duration = Time.utc - request_start
|
||||
|
||||
response_name = response.class.name.sub /^AuthD::Response::/, ""
|
||||
|
||||
if response.is_a? AuthD::Response::Error
|
||||
Baguette::Log.warning "fd #{ "%4d" % event.fd} (#{duration}) #{request_name} >> #{response_name} (#{response.reason})"
|
||||
Baguette::Log.warning "fd #{ "%4d" % event.fd} (#{duration}) #{request} >> #{response}"
|
||||
else
|
||||
if request_name != "KeepAlive" || should_display? AUTHMESSAGE::KEEPALIVE
|
||||
Baguette::Log.debug "fd #{ "%4d" % event.fd} (#{duration}) #{request_name} >> #{response_name}"
|
||||
Baguette::Log.debug "fd #{ "%4d" % event.fd} (#{duration}) #{request} >> #{response}"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
Loading…
Reference in New Issue
Block a user