2020-12-05 21:08:42 +00:00
|
|
|
"""authentik audit signal listener"""
|
2020-07-07 13:36:25 +00:00
|
|
|
from threading import Thread
|
|
|
|
from typing import Any, Dict, Optional
|
2020-02-21 20:27:25 +00:00
|
|
|
|
|
|
|
from django.contrib.auth.signals import (
|
|
|
|
user_logged_in,
|
|
|
|
user_logged_out,
|
|
|
|
user_login_failed,
|
|
|
|
)
|
2018-12-10 12:47:51 +00:00
|
|
|
from django.dispatch import receiver
|
2020-02-21 20:27:25 +00:00
|
|
|
from django.http import HttpRequest
|
2018-12-10 12:47:51 +00:00
|
|
|
|
2020-12-05 21:08:42 +00:00
|
|
|
from authentik.audit.models import Event, EventAction
|
|
|
|
from authentik.core.models import User
|
|
|
|
from authentik.core.signals import password_changed
|
|
|
|
from authentik.stages.invitation.models import Invitation
|
|
|
|
from authentik.stages.invitation.signals import invitation_created, invitation_used
|
|
|
|
from authentik.stages.user_write.signals import user_write
|
2020-07-07 13:46:57 +00:00
|
|
|
|
2020-07-07 13:36:25 +00:00
|
|
|
|
|
|
|
class EventNewThread(Thread):
|
|
|
|
"""Create Event in background thread"""
|
|
|
|
|
2020-09-21 18:16:14 +00:00
|
|
|
action: str
|
2020-07-07 13:36:25 +00:00
|
|
|
request: HttpRequest
|
|
|
|
kwargs: Dict[str, Any]
|
2020-07-07 13:46:57 +00:00
|
|
|
user: Optional[User] = None
|
2020-07-07 13:36:25 +00:00
|
|
|
|
2020-09-21 20:34:03 +00:00
|
|
|
def __init__(
|
|
|
|
self, action: str, request: HttpRequest, user: Optional[User] = None, **kwargs
|
|
|
|
):
|
2020-07-07 13:36:25 +00:00
|
|
|
super().__init__()
|
|
|
|
self.action = action
|
|
|
|
self.request = request
|
2020-09-21 20:34:03 +00:00
|
|
|
self.user = user
|
2020-07-07 13:36:25 +00:00
|
|
|
self.kwargs = kwargs
|
|
|
|
|
|
|
|
def run(self):
|
|
|
|
Event.new(self.action, **self.kwargs).from_http(self.request, user=self.user)
|
2018-12-10 12:47:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
@receiver(user_logged_in)
|
2019-12-31 11:45:29 +00:00
|
|
|
# pylint: disable=unused-argument
|
2020-02-21 20:27:25 +00:00
|
|
|
def on_user_logged_in(sender, request: HttpRequest, user: User, **_):
|
2018-12-10 12:47:51 +00:00
|
|
|
"""Log successful login"""
|
2020-07-07 13:36:25 +00:00
|
|
|
thread = EventNewThread(EventAction.LOGIN, request)
|
|
|
|
thread.user = user
|
|
|
|
thread.run()
|
2018-12-10 12:47:51 +00:00
|
|
|
|
2019-12-31 11:45:29 +00:00
|
|
|
|
2018-12-10 12:47:51 +00:00
|
|
|
@receiver(user_logged_out)
|
2019-12-31 11:45:29 +00:00
|
|
|
# pylint: disable=unused-argument
|
2020-02-21 20:27:25 +00:00
|
|
|
def on_user_logged_out(sender, request: HttpRequest, user: User, **_):
|
2018-12-10 12:47:51 +00:00
|
|
|
"""Log successfully logout"""
|
2020-07-07 13:36:25 +00:00
|
|
|
thread = EventNewThread(EventAction.LOGOUT, request)
|
|
|
|
thread.user = user
|
|
|
|
thread.run()
|
2018-12-10 12:47:51 +00:00
|
|
|
|
2019-12-31 11:45:29 +00:00
|
|
|
|
2020-07-07 13:46:57 +00:00
|
|
|
@receiver(user_write)
|
|
|
|
# pylint: disable=unused-argument
|
2020-10-05 21:43:56 +00:00
|
|
|
def on_user_write(
|
|
|
|
sender, request: HttpRequest, user: User, data: Dict[str, Any], **kwargs
|
|
|
|
):
|
2020-07-07 13:46:57 +00:00
|
|
|
"""Log User write"""
|
2020-10-05 21:43:56 +00:00
|
|
|
thread = EventNewThread(EventAction.USER_WRITE, request, **data)
|
|
|
|
thread.kwargs["created"] = kwargs.get("created", False)
|
2020-07-07 13:46:57 +00:00
|
|
|
thread.user = user
|
|
|
|
thread.run()
|
|
|
|
|
|
|
|
|
2020-02-21 20:27:25 +00:00
|
|
|
@receiver(user_login_failed)
|
|
|
|
# pylint: disable=unused-argument
|
|
|
|
def on_user_login_failed(
|
|
|
|
sender, credentials: Dict[str, str], request: HttpRequest, **_
|
|
|
|
):
|
|
|
|
"""Failed Login"""
|
2020-07-07 13:36:25 +00:00
|
|
|
thread = EventNewThread(EventAction.LOGIN_FAILED, request, **credentials)
|
|
|
|
thread.run()
|
2018-12-10 13:05:27 +00:00
|
|
|
|
2019-12-31 11:45:29 +00:00
|
|
|
|
2018-12-10 13:21:42 +00:00
|
|
|
@receiver(invitation_created)
|
2019-12-31 11:45:29 +00:00
|
|
|
# pylint: disable=unused-argument
|
2020-07-07 13:46:57 +00:00
|
|
|
def on_invitation_created(sender, request: HttpRequest, invitation: Invitation, **_):
|
2018-12-10 13:49:15 +00:00
|
|
|
"""Log Invitation creation"""
|
2020-07-07 13:36:25 +00:00
|
|
|
thread = EventNewThread(
|
2020-07-07 13:46:57 +00:00
|
|
|
EventAction.INVITE_CREATED, request, invitation_uuid=invitation.invite_uuid.hex
|
2020-07-07 13:36:25 +00:00
|
|
|
)
|
|
|
|
thread.run()
|
2018-12-10 13:05:27 +00:00
|
|
|
|
2019-12-31 11:45:29 +00:00
|
|
|
|
2018-12-10 13:21:42 +00:00
|
|
|
@receiver(invitation_used)
|
2019-12-31 11:45:29 +00:00
|
|
|
# pylint: disable=unused-argument
|
2020-07-07 13:46:57 +00:00
|
|
|
def on_invitation_used(sender, request: HttpRequest, invitation: Invitation, **_):
|
2018-12-10 13:49:15 +00:00
|
|
|
"""Log Invitation usage"""
|
2020-07-07 13:36:25 +00:00
|
|
|
thread = EventNewThread(
|
2020-07-07 13:46:57 +00:00
|
|
|
EventAction.INVITE_USED, request, invitation_uuid=invitation.invite_uuid.hex
|
2019-12-31 11:51:16 +00:00
|
|
|
)
|
2020-07-07 13:36:25 +00:00
|
|
|
thread.run()
|
2020-10-05 21:43:56 +00:00
|
|
|
|
|
|
|
|
|
|
|
@receiver(password_changed)
|
|
|
|
# pylint: disable=unused-argument
|
|
|
|
def on_password_changed(sender, user: User, password: str, **_):
|
|
|
|
"""Log password change"""
|
|
|
|
thread = EventNewThread(EventAction.PASSWORD_SET, None, user=user)
|
|
|
|
thread.run()
|