Added audit logging. Added admin view for audit log

2023-03-06 02:21:23 +01:00
parent d7b10aa224
commit 62cd63f56b
39 changed files with 2754 additions and 153 deletions
--- a/Moonlight/App/Http/Controllers/Api/Moonlight/Notifications/PullController.cs
+++ b/Moonlight/App/Http/Controllers/Api/Moonlight/Notifications/PullController.cs
@@ -27,7 +27,7 @@ public class PullController : Controller
        Stream req = Request.Body;
        string jwt = await new StreamReader(req).ReadToEndAsync();

-        var dict = OneTimeJwtService.Validate(jwt);
+        var dict = await OneTimeJwtService.Validate(jwt);

        if (dict == null)
            return NotFound();
--- a/Moonlight/App/Http/Controllers/Api/Moonlight/ResourcesController.cs
+++ b/Moonlight/App/Http/Controllers/Api/Moonlight/ResourcesController.cs
@@ -1,5 +1,7 @@
 using Logging.Net;
 using Microsoft.AspNetCore.Mvc;
+using Moonlight.App.Models.Misc;
+using Moonlight.App.Services.LogServices;

 namespace Moonlight.App.Http.Controllers.Api.Moonlight;

@@ -7,12 +9,19 @@ namespace Moonlight.App.Http.Controllers.Api.Moonlight;
 [Route("api/moonlight/resources")]
 public class ResourcesController : Controller
 {
+    private readonly SecurityLogService SecurityLogService;
+
+    public ResourcesController(SecurityLogService securityLogService)
+    {
+        SecurityLogService = securityLogService;
+    }
+
    [HttpGet("images/{name}")]
-    public ActionResult GetImage([FromRoute] string name)
+    public async Task<ActionResult> GetImage([FromRoute] string name)
    {
        if (name.Contains(".."))
        {
-            //TODO: Add security warn
+            await SecurityLogService.Log(SecurityLogType.PathTransversal, name);
            return NotFound();
        }