Add more details to logging

V2_Rewrite
Skylar Ittner 7 years ago
parent 5929d13147
commit 2a9ad78477

@ -15,19 +15,36 @@ header("Content-Type: application/json");
$key = $VARS['key']; $key = $VARS['key'];
if ($database->has('apikeys', ['key' => $key]) !== TRUE) { if ($database->has('apikeys', ['key' => $key]) !== TRUE) {
header("HTTP/1.1 403 Unauthorized"); header("HTTP/1.1 403 Unauthorized");
insertAuthLog(14, null, "Key: " . $key);
die("\"403 Unauthorized\""); die("\"403 Unauthorized\"");
} }
/**
* Get the API key with most of the characters replaced with *s.
* @global string $key
* @return string
*/
function getCensoredKey() {
global $key;
$resp = $key;
if (strlen($key) > 5) {
for ($i = 2; $i < strlen($key) - 2; $i++) {
$resp[$i] = "*";
}
}
return $resp;
}
switch ($VARS['action']) { switch ($VARS['action']) {
case "ping": case "ping":
exit(json_encode(["status" => "OK"])); exit(json_encode(["status" => "OK"]));
break; break;
case "auth": case "auth":
if (authenticate_user($VARS['username'], $VARS['password'])) { if (authenticate_user($VARS['username'], $VARS['password'])) {
insertAuthLog(12); insertAuthLog(12, null, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "OK", "msg" => lang("login successful", false)])); exit(json_encode(["status" => "OK", "msg" => lang("login successful", false)]));
} else { } else {
insertAuthLog(13); insertAuthLog(13, null, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "ERROR", "msg" => lang("login incorrect", false)])); exit(json_encode(["status" => "ERROR", "msg" => lang("login incorrect", false)]));
} }
break; break;
@ -57,7 +74,7 @@ switch ($VARS['action']) {
if (verifyTOTP($VARS['username'], $VARS['code'])) { if (verifyTOTP($VARS['username'], $VARS['code'])) {
exit(json_encode(["status" => "OK", "valid" => true])); exit(json_encode(["status" => "OK", "valid" => true]));
} else { } else {
insertAuthLog(7); insertAuthLog(7, null, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "ERROR", "msg" => lang("2fa incorrect", false), "valid" => false])); exit(json_encode(["status" => "ERROR", "msg" => lang("2fa incorrect", false), "valid" => false]));
} }
break; break;
@ -66,29 +83,30 @@ switch ($VARS['action']) {
case "login": case "login":
// simulate a login, checking account status and alerts // simulate a login, checking account status and alerts
if (authenticate_user($VARS['username'], $VARS['password'])) { if (authenticate_user($VARS['username'], $VARS['password'])) {
$uid = $database->select('accounts', 'uid', ['username' => $VARS['username']])[0];
switch (get_account_status($VARS['username'])) { switch (get_account_status($VARS['username'])) {
case "LOCKED_OR_DISABLED": case "LOCKED_OR_DISABLED":
insertAuthLog(5); insertAuthLog(5, $uid, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "ERROR", "msg" => lang("account locked", false)])); exit(json_encode(["status" => "ERROR", "msg" => lang("account locked", false)]));
case "TERMINATED": case "TERMINATED":
insertAuthLog(5); insertAuthLog(5, $uid, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "ERROR", "msg" => lang("account terminated", false)])); exit(json_encode(["status" => "ERROR", "msg" => lang("account terminated", false)]));
case "CHANGE_PASSWORD": case "CHANGE_PASSWORD":
insertAuthLog(5); insertAuthLog(5, $uid, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "ERROR", "msg" => lang("password expired", false)])); exit(json_encode(["status" => "ERROR", "msg" => lang("password expired", false)]));
case "NORMAL": case "NORMAL":
insertAuthLog(4); insertAuthLog(4, $uid, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "OK"])); exit(json_encode(["status" => "OK"]));
case "ALERT_ON_ACCESS": case "ALERT_ON_ACCESS":
sendLoginAlertEmail($VARS['username']); sendLoginAlertEmail($VARS['username']);
insertAuthLog(4); insertAuthLog(4, $uid, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "OK", "alert" => true])); exit(json_encode(["status" => "OK", "alert" => true]));
default: default:
insertAuthLog(5); insertAuthLog(5, $uid, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "ERROR", "msg" => lang("account state error", false)])); exit(json_encode(["status" => "ERROR", "msg" => lang("account state error", false)]));
} }
} else { } else {
insertAuthLog(5); insertAuthLog(5, null, "Username: " . $VARS['username'] . ", Key: " . getCensoredKey());
exit(json_encode(["status" => "ERROR", "msg" => lang("login incorrect", false)])); exit(json_encode(["status" => "ERROR", "msg" => lang("login incorrect", false)]));
} }
break; break;

Binary file not shown.

@ -38,11 +38,11 @@ if ($VARS['progress'] == "1") {
} }
} else { } else {
$alert = lang("login incorrect", false); $alert = lang("login incorrect", false);
insertAuthLog(2); insertAuthLog(2, null, "Username: ".$VARS['username']);
} }
} else { } else {
$alert = lang("captcha error", false); $alert = lang("captcha error", false);
insertAuthLog(8); insertAuthLog(8, null, "Username: ".$VARS['username']);
} }
} else if ($VARS['progress'] == "2") { } else if ($VARS['progress'] == "2") {
if (verifyTOTP($VARS['username'], $VARS['authcode'])) { if (verifyTOTP($VARS['username'], $VARS['authcode'])) {
@ -52,7 +52,7 @@ if ($VARS['progress'] == "1") {
die("Logged in, go to home.php"); die("Logged in, go to home.php");
} else { } else {
$alert = lang("2fa incorrect", false); $alert = lang("2fa incorrect", false);
insertAuthLog(6); insertAuthLog(6, null, "Username: ".$VARS['username']);
} }
} }
?> ?>
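Review bot: The three new log calls (`insertAuthLog(2, null, "Username: ".$VARS['username']);` and the matching ones in the captcha and 2FA branches) build the otherdata text by hand in a format that differs from the API file's calls, which also append the masked key and space the `.` operator; a single shared formatter taking the username and an optional key would keep the stored strings uniform and give one place to bound the length of the client-supplied username. As written `$VARS['username']` is concatenated unchecked, so a missing index raises a notice and an oversized value is stored as-is. The enclosing `if ($VARS['progress'] == "1")` block starts outside the hunk.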

@ -183,8 +183,9 @@ function sendLoginAlertEmail($username) {
// TODO: add email code // TODO: add email code
} }
function insertAuthLog($type, $uid = null) { function insertAuthLog($type, $uid = null, $data = "") {
global $database; global $database;
// find IP address
$ip = ""; $ip = "";
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) { if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$ip = $_SERVER["HTTP_CF_CONNECTING_IP"]; $ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
@ -203,7 +204,7 @@ function insertAuthLog($type, $uid = null) {
} else { } else {
$ip = "NOT FOUND"; $ip = "NOT FOUND";
} }
$database->insert("authlog", ['#logtime' => 'NOW()', 'logtype' => $type, 'uid' => $uid, 'ip' => $ip]); $database->insert("authlog", ['#logtime' => 'NOW()', 'logtype' => $type, 'uid' => $uid, 'ip' => $ip, 'otherdata' => $data]);
} }
function verifyReCaptcha($response) { function verifyReCaptcha($response) {
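Review bot: insertAuthLog gains a third parameter at `function insertAuthLog($type, $uid = null, $data = "")` but carries no docblock, and the callers in this commit pass client-supplied text (usernames, masked keys) straight into the new otherdata column with no length bound. A header such as `@param int $type log type id`, `@param int|null $uid account id when known`, `@param string $data free-form context stored in authlog.otherdata; callers must pass only already-masked secrets` would make the contract explicit. Adding `$data = mb_substr($data, 0, <OTHERDATA_MAX_LEN>);` before the insert (with the real column width substituted) keeps an oversized value from failing or silently truncating the row, whichever the database's SQL mode does. The middle of the function, the remaining IP-header checks, lies between the two hunks and is not shown.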
