Moonlight-Panel/Moonlight
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added audit logging. Added admin view for audit log

Browse Source
This commit is contained in:
Marcel Baumgartner
2023-03-06 02:21:23 +01:00
parent d7b10aa224
commit 62cd63f56b
39 changed files with 2754 additions and 153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
Moonlight/App/Services/Sessions/IdentityService.cs
View File

@@ -4,7 +4,9 @@ using JWT.Builder;
using JWT.Exceptions;
using Logging.Net;
using Moonlight.App.Database.Entities;
using Moonlight.App.Models.Misc;
using Moonlight.App.Repositories;
using Moonlight.App.Services.LogServices;
using UAParser;
namespace Moonlight.App.Services.Sessions;
@@ -13,6 +15,8 @@ public class IdentityService
{
private readonly UserRepository UserRepository;
private readonly CookieService CookieService;
private readonly SecurityLogService SecurityLogService;
private readonly ErrorLogService ErrorLogService;
private readonly IHttpContextAccessor HttpContextAccessor;
private readonly string Secret;
@@ -22,11 +26,15 @@ public class IdentityService
CookieService cookieService,
UserRepository userRepository,
IHttpContextAccessor httpContextAccessor,
ConfigService configService)
ConfigService configService,
SecurityLogService securityLogService,
ErrorLogService errorLogService)
{
CookieService = cookieService;
UserRepository = userRepository;
HttpContextAccessor = httpContextAccessor;
SecurityLogService = securityLogService;
ErrorLogService = errorLogService;
Secret = configService
.GetSection("Moonlight")
@@ -81,14 +89,12 @@ public class IdentityService
}
catch (SignatureVerificationException)
{
//TODO: Heavy warn and write it to the logs
Logger.Warn("Someone tried to modify his data: " + token);
await SecurityLogService.Log(SecurityLogType.ManipulatedJwt, token);
return null;
}
catch (Exception e)
{
Logger.Warn("Error parsing and validating token");
Logger.Warn(e);
await ErrorLogService.Log(e);
return null;
}
@@ -117,19 +123,14 @@ public class IdentityService
var issuedAt = DateTimeOffset.FromUnixTimeSeconds(iat).DateTime;
if (issuedAt < user.TokenValidTime.ToUniversalTime())
{
//TODO: Remove at publish
//Logger.Debug($"Old token found: {issuedAt.ToShortDateString()} {issuedAt.ToShortTimeString()} Current valid token time {userData.TokenValidTime.ToUniversalTime().ToShortDateString()} {userData.TokenValidTime.ToUniversalTime().ToShortTimeString()}");
return null;
}
UserCache = user;
return UserCache;
}
catch (Exception e)
{
Logger.Warn("Error loading user");
Logger.Warn(e);
await ErrorLogService.Log(e);
return null;
}
}