Kristan Kenney 5 лет назад
Родитель
Сommit
5395a9dee5

+ 17 - 12
bin/v-list-user-auth-log

@@ -28,14 +28,16 @@ json_list() {
         IP=$(echo "$str" |cut -f 6 -d \')
         ACTION=$(echo "$str" |cut -f 8 -d \')
         STATUS=$(echo "$str" |cut -f 10 -d \')
-        SESSION=$(echo "$str" |cut -f 12 -d \')
-        ACTIVE=$(echo "$str" |cut -f 14 -d \')
+        USER_AGENT=$(echo "$str" |cut -f 12 -d \')
+        SESSION=$(echo "$str" |cut -f 14 -d \')
+        ACTIVE=$(echo "$str" |cut -f 16 -d \')
         echo -n '    "'$i'": {
             "DATE": "'$DATE'",
             "TIME": "'$TIME'",
             "IP": "'$IP'",
             "ACTION": "'$ACTION'",
             "STATUS": "'$STATUS'",
+            "USER_AGENT": "'$USER_AGENT'",
             "SESSION": "'$SESSION'",
             "ACTIVE": "'$ACTIVE'"
         }'
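Review bot: `"USER_AGENT": "'$USER_AGENT'"` in json_list copies a client-supplied request header into the JSON document with no escaping, so a double quote or backslash in the header produces invalid JSON or extra keys for whatever decodes this output. The expansion also sits outside the shell quotes, which leaves it open to pathname expansion (and to word splitting, depending on the IFS set outside this hunk). Escape before emitting, for example `USER_AGENT=${USER_AGENT//\\/\\\\}; USER_AGENT=${USER_AGENT//\"/\\\"}`, and keep the variable inside double quotes. json_list starts and ends outside the hunk.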
@@ -59,9 +61,10 @@ shell_list() {
         IP=$(echo "$str" |cut -f 6 -d \')
         ACTION=$(echo "$str" |cut -f 8 -d \')
         STATUS=$(echo "$str" |cut -f 10 -d \')
-        SESSION=$(echo "$str" |cut -f 12 -d \')
-        ACTIVE=$(echo "$str" |cut -f 14 -d \')
-        echo "$DATE~$TIME~$IP~$ACTION~$STATUS~$SESSION~$ACTIVE"
+        USER_AGENT=$(echo "$str" |cut -f 12 -d \')
+        SESSION=$(echo "$str" |cut -f 14 -d \')
+        ACTIVE=$(echo "$str" |cut -f 16 -d \')
+        echo "$DATE~$TIME~$IP~$ACTION~$STATUS~$USER_AGENT~$SESSION~$ACTIVE"
     done
 }
 
@@ -74,25 +77,27 @@ plain_list() {
         IP=$(echo "$str" |cut -f 6 -d \')
         ACTION=$(echo "$str" |cut -f 8 -d \')
         STATUS=$(echo "$str" |cut -f 10 -d \')
-        SESSION=$(echo "$str" |cut -f 12 -d \')
-        ACTIVE=$(echo "$str" |cut -f 14 -d \')
-        echo -e "$DATE\t$TIME\t$IP\t$ACTION\t$STATUS\t$SESSION\t$ACTIVE"
+        USER_AGENT=$(echo "$str" |cut -f 12 -d \')
+        SESSION=$(echo "$str" |cut -f 14 -d \')
+        ACTIVE=$(echo "$str" |cut -f 16 -d \')
+        echo -e "$DATE\t$TIME\t$IP\t$ACTION\t$STATUS\t$USER_AGENT\t$SESSION\t$ACTIVE"
     done
 }
 
 # CSV list function
 csv_list() {
     IFS=$'\n'
-    echo "DATE,TIME,IP,ACTION,STATUS,SESSION,ACTIVE"
+    echo "DATE,TIME,IP,ACTION,STATUS,USER_AGENT,SESSION,ACTIVE"
     for str in $logs; do
         DATE=$(echo "$str" |cut -f 2 -d \')
         TIME=$(echo "$str" |cut -f 4 -d \')
         IP=$(echo "$str" |cut -f 6 -d \')
         ACTION=$(echo "$str" |cut -f 8 -d \')
         STATUS=$(echo "$str" |cut -f 10 -d \')
-        SESSION=$(echo "$str" |cut -f 12 -d \')
-        ACTIVE=$(echo "$str" |cut -f 14 -d \')
-        echo "$DATE,$TIME,$IP,$SESSION,$ACTIVE,$STATUS"
+        USER_AGENT=$(echo "$str" |cut -f 12 -d \')
+        SESSION=$(echo "$str" |cut -f 14 -d \')
+        ACTIVE=$(echo "$str" |cut -f 16 -d \')
+        echo "$DATE,$TIME,$IP,$ACTION,$STATUS,$USER_AGENT,$SESSION,$ACTIVE"
 
     done
 }
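Review bot: csv_list prints `$USER_AGENT` as a bare field, and browser strings routinely contain commas (the `(KHTML, like Gecko)` token), so such rows gain columns and SESSION and ACTIVE land under the wrong header. Wrap the field in double quotes and double any embedded double quote. A value beginning with `=`, `+`, `-` or `@` should also be neutralised if the export may be opened in a spreadsheet. In plain_list in the same hunk, `echo -e` interprets backslash sequences inside the header value, so `printf` with the values passed as arguments is the safer form for terminal output. The header can also contain `~`, the separator used by shell_list.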

+ 4 - 3
bin/v-log-user-login

@@ -7,9 +7,10 @@ user=$1
 ip=$2
 status=$3
 session_id=$4
+user_agent=$5
 
 active="yes"
-if [ $status = "failed" ]; then
+if [ "$status" = "failed" ]; then
     active="no"
 fi
 
@@ -21,7 +22,7 @@ source $HESTIA/conf/hestia.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '2' "$#" 'USER IP SESSION_ID'
+check_args '2' "$#" 'USER IP SESSION_ID USER_AGENT'
 is_format_valid 'user' 'ip'
 is_object_valid 'user' 'USER' "$user"
 
@@ -38,7 +39,7 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-echo "DATE='$date' TIME='$time' IP='$ip' ACTION='login' STATUS='$status' SESSION='$session_id' ACTIVE='$active'" >> $USER_DATA/auth.log
+echo "DATE='$date' TIME='$time' IP='$ip' ACTION='login' STATUS='$status' USER_AGENT='$user_agent' SESSION='$session_id' ACTIVE='$active'" >> $USER_DATA/auth.log
 
 #----------------------------------------------------------#
 #                       Hestia                             #
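Review bot: `USER_AGENT='$user_agent'` is appended to auth.log with no validation; `is_format_valid` in the previous hunk still covers only `user` and `ip`. The record is a single-quoted key='value' line and v-list-user-auth-log splits it with `cut -d \'`, so a quote inside the header shifts the SESSION and ACTIVE fields of that entry, and control characters would corrupt the line. Sanitise before the write by dropping quotes, backslashes and control characters and capping the length, e.g. `user_agent=$(printf '%s' "$5" | tr -d "'\"\\\\" | tr -d '[:cntrl:]' | cut -c1-255)` (the 255 limit is an example value).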

+ 7 - 11
web/delete/log/auth/index.php

@@ -13,8 +13,8 @@ if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
 // Clear log
 $v_username = escapeshellarg($user);
 exec (HESTIA_CMD."v-delete-user-auth-log ".$v_username, $output, $return_var);
-//check_return_code($return_var,$output);
-//unset($output);
+check_return_code($return_var,$output);
+unset($output);
 
 
 $ip = $_SERVER['REMOTE_ADDR'];
@@ -24,21 +24,17 @@ if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])){
     }
 } 
 $v_ip = escapeshellarg($ip);
+$user_agent = $_SERVER['HTTP_USER_AGENT'];
+$v_user_agent = escapeshellarg($user_agent);
     
 $v_session_id = escapeshellarg($_SESSION['token']);
-exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." success ".$v_session_id, $output, $return_var);
-
-// Render page
-//render_page($user, $TAB, 'list_auth');
+exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." success ".$v_session_id." ".$v_user_agent, $output, $return_var);
 
 // Flush session messages
 unset($_SESSION['error_msg']);
 unset($_SESSION['ok_msg']);
 
-if (($_SESSION['userContext'] === 'admin') && (isset($_SESSION['look']))) {
-    header("Location: /list/log/auth/?user=".$_SESSION['look']);
-} else {
-    header("Location: /list/log/auth/?user=".$_SESSION['user']);
-}
+// Return to authentication history
+header("Location: /list/log/auth/");
 
 exit;
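Review bot: `$_SERVER['HTTP_USER_AGENT']` is read without checking that the header was sent, so a client that omits it raises an undefined-index notice and hands null to escapeshellarg(). The same read is added in authenticate_user() in web/login/index.php. The value is client-controlled and bounded only by the web server's header limits, so default and cap it before it reaches the log command, e.g. `$user_agent = substr($_SERVER['HTTP_USER_AGENT'] ?? '', 0, 255);` (PHP 7+; the 255 limit is an example value). escapeshellarg() protects the shell call only, so the stored value still needs encoding wherever it is later printed.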

+ 6 - 3
web/login/index.php

@@ -92,12 +92,15 @@ function authenticate_user($user, $password, $twofa = ''){
     if(isset($_SESSION['token']) && isset($_POST['token']) && $_POST['token'] == $_SESSION['token']) {
     $v_user = escapeshellarg($user);
     $ip = $_SERVER['REMOTE_ADDR'];
+    $user_agent = $_SERVER['HTTP_USER_AGENT'];
     if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])){
         if(!empty($_SERVER['HTTP_CF_CONNECTING_IP'])){
             $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
         }
     }
     $v_ip = escapeshellarg($ip);
+    $v_user_agent = escapeshellarg($user_agent);
+
      // Get user's salt
     $output = '';
     exec (HESTIA_CMD."v-get-user-salt ".$v_user." ".$v_ip." json" , $output, $return_var);
@@ -138,7 +141,7 @@ function authenticate_user($user, $password, $twofa = ''){
                 sleep(2);
                 $error = "<a class=\"error\">"._('Invalid username or password')."</a>";
                 $v_session_id = escapeshellarg($_POST['token']);
-                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_session_id, $output, $return_var);
+                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_session_id." ".$v_user_agent, $output, $return_var);
 
                 return $error;
             } else {
@@ -162,7 +165,7 @@ function authenticate_user($user, $password, $twofa = ''){
                                 $_SESSION['login']['username'] = $user;
                                 $_SESSION['login']['password'] = $password;
                                 $v_session_id = escapeshellarg($_POST['token']);
-                                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_session_id, $output, $return_var);
+                                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_session_id." ".$v_user_agent, $output, $return_var);
                                 return $error;
                                 unset($_POST['twofa']);
                             }
@@ -176,7 +179,7 @@ function authenticate_user($user, $password, $twofa = ''){
                 $v_user = $_SESSION['user'];
                 //log successfull login attempt
                 $v_session_id = escapeshellarg($_POST['token']);
-                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." success ".$v_session_id, $output, $return_var);
+                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." success ".$v_session_id." ".$v_user_agent, $output, $return_var);
 
                 $_SESSION['LAST_ACTIVITY'] = time();
                 $_SESSION['MURMUR'] = $_POST['murmur'];
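Review bot: The success-path `exec()` concatenates `$v_user` just after the context line `$v_user = $_SESSION['user'];` reassigned it, so this one call passes the user name to the shell without escapeshellarg(), unlike the two failed-login calls. The session value presumably comes from an already validated login, but that is not visible in this hunk and the command line should not depend on it. Use `$v_user = escapeshellarg($_SESSION['user']);` here, and consider checking `$return_var` so that a failed audit write is not silent. authenticate_user() starts and ends outside the hunk.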

+ 17 - 27
web/templates/admin/list_log_auth.html

@@ -23,18 +23,16 @@
 <div class="l-center units">
 <div class="header table-header">     
     <div class="l-unit__col l-unit__col--right">
-      <div class="clearfix l-unit__stat-col--left super-compact">
-        &nbsp;
+      <div class="clearfix l-unit__stat-col--left compact text-center">
+        <b><?php print _('Active');?></b>
       </div>
-      <div class="clearfix l-unit__stat-col--left super-compact">
-        &nbsp;
+      <div class="clearfix l-unit__stat-col--left small text-center">
+        <b><?php print _('Status');?></b>
       </div>
-      <div class="clearfix l-unit__stat-col--left super-compact">
-        &nbsp;
-      </div>
-      <div class="clearfix l-unit__stat-col--left small"><b><?php print _('Date');?></b></div>
-      <div class="clearfix l-unit__stat-col--left"><b><?php print _('Time');?></b></div>
+      <div class="clearfix l-unit__stat-col--left"><b><?php print _('Date');?></b></div>
+      <div class="clearfix l-unit__stat-col--left compact"><b><?php print _('Time');?></b></div>
       <div class="clearfix l-unit__stat-col--left"><b><?php print _('IP address');?></b></div>
+      <div class="clearfix l-unit__stat-col--left wide-6"><b><?php print _('Browser');?></b></div>
     </div>
   </div> 
 <?php
@@ -43,34 +41,26 @@
   ?>
   <div class="l-unit header animated fadeIn">
     <div class="l-unit__col l-unit__col--right">
-      <div class="clearfix l-unit__stat-col--left super-compact">
+      <div class="clearfix l-unit__stat-col--left compact text-center">
         <? if ($data[$key]['ACTION'] == 'login') { ?>
-          <i class="fas fa-sign-in-alt status-icon dim icon-pad-right" title="<?=_('Login')?>"></i>
+          <? if ($data[$key]['ACTIVE'] === 'yes') {?>
+            <i class="fas fa-sign-in-alt status-icon maroon icon-pad-right" title="<?=_('Login')?>"></i>
+          <? } else {?>
+            <i class="fas fa-sign-in-alt status-icon dim icon-pad-right" title="<?=_('Login')?>"></i>
+          <? } ?>
         <? } ?>
       </div>
-      <div class="clearfix l-unit__stat-col--left super-compact">
+      <div class="clearfix l-unit__stat-col--left small text-center">
         <? if ($data[$key]['STATUS'] == 'success') { ?>
           <i class="fas fa-check-circle status-icon green icon-pad-right" title="<?=_('Success')?>"></i>
         <? } else {?>
           <i class="fas fa-minus-circle status-icon red icon-pad-right" title="<?=_('Failed')?>"></i>
         <? } ?>
       </div>
-      <div class="clearfix l-unit__stat-col--left super-compact">
-        <? if ($data[$key]['STATUS'] === 'failed') {?>
-          <!-- Do not display session status as login was never active-->
-          &nbsp;
-          <? } else {?>
-            <? if ($data[$key]['ACTIVE'] === 'yes') {?>
-              <i class="fas fa-user-circle status-icon dim icon-pad-right" title="<?=_('Active Session')?>"></i>
-            <? } else {?>
-              <!-- Do not display indicator for non-active sessions -- note: whitespace char required to pad cell at this time -->
-              &nbsp;
-            <? } ?>
-          <? } ?>
-      </div>
-      <div class="clearfix l-unit__stat-col--left small"><b><?=translate_date($data[$key]['DATE'])?></b></div>
-      <div class="clearfix l-unit__stat-col--left"><b><?=$data[$key]['TIME']?></b></div>
+      <div class="clearfix l-unit__stat-col--left"><b><?=translate_date($data[$key]['DATE'])?></b></div>
+      <div class="clearfix l-unit__stat-col--left compact"><b><?=$data[$key]['TIME']?></b></div>
       <div class="clearfix l-unit__stat-col--left"><?=$data[$key]['IP']?></div>
+      <div class="clearfix l-unit__stat-col--left wide-6"><?=$data[$key]['USER_AGENT']?></b></div>
     </div>
   </div>
 <?}?>
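Review bot: `<?=$data[$key]['USER_AGENT']?>` prints the logged User-Agent into the page without HTML encoding, and that value is supplied by the client on every login attempt, including failed ones made before authentication. Unless `$data` is encoded before it reaches the template (not visible here), markup in the header would render in the session of whoever views the authentication history. Encode at output: `<?=htmlspecialchars($data[$key]['USER_AGENT'], ENT_QUOTES, 'UTF-8')?>`. The line also ends with a `</b>` that has no opening tag. web/templates/user/list_log_auth.html adds the identical line and needs the same change.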

+ 36 - 13
web/templates/user/list_log_auth.html

@@ -4,43 +4,66 @@
       <a href="/list/log/" id="btn-back" class="ui-button cancel" dir="ltr"><i class="fas fa-arrow-left status-icon blue"></i><?=_('Back')?></a>
     </div>
     <div class="l-unit-toolbar__buttonstrip float-right">
-      <a href="javascript:location.reload();" class="ui-button cancel" dir="ltr"><i class="fas fa-redo status-icon green"></i> <?=_('Refresh')?></a>
+      <a href="javascript:location.reload();" class="ui-button cancel" dir="ltr"><i class="fas fa-redo status-icon green"></i><?=_('Refresh')?></a>
     </div>
   </div>
 </div>
+
 <div class="l-separator"></div>
 
-<div class="l-center units animated fadeIn">
+<div class="l-center units">
 <div class="header table-header">     
     <div class="l-unit__col l-unit__col--right">
       <div class="clearfix l-unit__stat-col--left super-compact">
         &nbsp;
-      </div>       
+      </div>
+      <div class="clearfix l-unit__stat-col--left super-compact">
+        &nbsp;
+      </div>
+      <div class="clearfix l-unit__stat-col--left super-compact">
+        &nbsp;
+      </div>
       <div class="clearfix l-unit__stat-col--left small"><b><?php print _('Date');?></b></div>
       <div class="clearfix l-unit__stat-col--left"><b><?php print _('Time');?></b></div>
       <div class="clearfix l-unit__stat-col--left"><b><?php print _('IP address');?></b></div>
-      <div class="clearfix l-unit__stat-col--left"><b><?php print _('Status');?></b></div>
-      <div class="clearfix l-unit__stat-col--left"><b><?php print _('Active');?></b></div>
-      <div class="clearfix l-unit__stat-col--left wide-4"><b><?php print _('Browser Fingerprint');?></b></div>
+      <div class="clearfix l-unit__stat-col--left wide-6"><b><?php print _('Browser');?></b></div>
     </div>
   </div> 
 <?php
   foreach ($data as $key => $value) {
     ++$i;
   ?>
-  <div class="l-unit header">
+  <div class="l-unit header animated fadeIn">
     <div class="l-unit__col l-unit__col--right">
       <div class="clearfix l-unit__stat-col--left super-compact">
-        <i class="fas fa-info-circle status-icon dim"></i>
+        <? if ($data[$key]['ACTION'] == 'login') { ?>
+          <i class="fas fa-sign-in-alt status-icon dim icon-pad-right" title="<?=_('Login')?>"></i>
+        <? } ?>
+      </div>
+      <div class="clearfix l-unit__stat-col--left super-compact">
+        <? if ($data[$key]['STATUS'] == 'success') { ?>
+          <i class="fas fa-check-circle status-icon green icon-pad-right" title="<?=_('Success')?>"></i>
+        <? } else {?>
+          <i class="fas fa-minus-circle status-icon red icon-pad-right" title="<?=_('Failed')?>"></i>
+        <? } ?>
+      </div>
+      <div class="clearfix l-unit__stat-col--left super-compact">
+        <? if ($data[$key]['STATUS'] === 'failed') {?>
+          <!-- Do not display session status as login was never active-->
+          &nbsp;
+          <? } else {?>
+            <? if ($data[$key]['ACTIVE'] === 'yes') {?>
+              <i class="fas fa-user-circle status-icon dim icon-pad-right" title="<?=_('Active Session')?>"></i>
+            <? } else {?>
+              <!-- Do not display indicator for non-active sessions -- note: whitespace char required to pad cell at this time -->
+              &nbsp;
+            <? } ?>
+          <? } ?>
       </div>
       <div class="clearfix l-unit__stat-col--left small"><b><?=translate_date($data[$key]['DATE'])?></b></div>
       <div class="clearfix l-unit__stat-col--left"><b><?=$data[$key]['TIME']?></b></div>
       <div class="clearfix l-unit__stat-col--left"><?=$data[$key]['IP']?></div>
-      <div class="clearfix l-unit__stat-col--left"><?=$data[$key]['STATUS']?></div>
-      <div class="clearfix l-unit__stat-col--left"><?=$data[$key]['ACTIVE']?></div>
-      <div class="clearfix l-unit__stat-col--left"><?=$data[$key]['FINGERPRINT']?></div>
-      
-      
+      <div class="clearfix l-unit__stat-col--left wide-6"><?=$data[$key]['USER_AGENT']?></b></div>
     </div>
   </div>
 <?}?>