Mercurial > prosody-modules
annotate mod_audit_auth/mod_audit_auth.lua @ 5818:d3b69859553a
mod_password_policy: Change error type from 'cancel' to 'modify'
This makes more sense, as the problem relates to the data that has been
entered, and therefore the request could be retried with different data.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 08 Jan 2024 17:28:39 +0000 |
| parents | f199bff16f1f |
| children | cc30c4b5f006 |
| rev | line source |
|---|---|
|
5712
b357ff3d0c8a
mod_audit_auth: Include hostpart with audit events
Kim Alvefur <zash@zash.se>
parents:
4934
diff
changeset
|
1 local jid = require"util.jid"; |
|
5749
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
2 local st = require "util.stanza"; |
|
5712
b357ff3d0c8a
mod_audit_auth: Include hostpart with audit events
Kim Alvefur <zash@zash.se>
parents:
4934
diff
changeset
|
3 |
|
4933
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
4 module:depends("audit"); |
|
4934
08dea42a302a
mod_audit*: fix luacheck warnings
Jonas Schäfer <jonas@wielicki.name>
parents:
4933
diff
changeset
|
5 -- luacheck: read globals module.audit |
|
4933
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
6 |
|
5748
dfbced5e54b9
mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents:
5712
diff
changeset
|
7 local only_passwords = module:get_option_boolean("audit_auth_passwords_only", true); |
|
dfbced5e54b9
mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents:
5712
diff
changeset
|
8 |
|
4933
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
9 module:hook("authentication-failure", function(event) |
|
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
10 local session = event.session; |
|
5712
b357ff3d0c8a
mod_audit_auth: Include hostpart with audit events
Kim Alvefur <zash@zash.se>
parents:
4934
diff
changeset
|
11 module:audit(jid.join(session.sasl_handler.username, module.host), "authentication-failure", { |
|
4933
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
12 session = session, |
|
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
13 }); |
|
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
14 end) |
|
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
15 |
|
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
16 module:hook("authentication-success", function(event) |
|
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
17 local session = event.session; |
|
5748
dfbced5e54b9
mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents:
5712
diff
changeset
|
18 if only_passwords and session.sasl_handler.fast then |
|
dfbced5e54b9
mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents:
5712
diff
changeset
|
19 return; |
|
dfbced5e54b9
mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents:
5712
diff
changeset
|
20 end |
|
5712
b357ff3d0c8a
mod_audit_auth: Include hostpart with audit events
Kim Alvefur <zash@zash.se>
parents:
4934
diff
changeset
|
21 module:audit(jid.join(session.sasl_handler.username, module.host), "authentication-success", { |
|
4933
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
22 session = session, |
|
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
23 }); |
|
530d116b7f68
mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff
changeset
|
24 end) |
|
5749
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
25 |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
26 module:hook("client_management/new-client", function (event) |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
27 local session, client = event.session, event.client; |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
28 |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
29 local client_info = st.stanza("client", { id = client.id }); |
|
5780
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
30 |
|
5749
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
31 if client.user_agent then |
|
5780
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
32 local user_agent = st.stanza("user-agent", { xmlns = "urn:xmpp:sasl:2" }) |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
33 if client.user_agent.software then |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
34 user_agent:text_tag("software", client.user_agent.software, { id = client.user_agent.software_id; version = client.user_agent.software_version }); |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
35 end |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
36 if client.user_agent.device then |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
37 user_agent:text_tag("device", client.user_agent.device); |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
38 end |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
39 if client.user_agent.uri then |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
40 user_agent:text_tag("uri", client.user_agent.uri); |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
41 end |
|
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
42 client_info:add_child(user_agent); |
|
5749
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
43 end |
|
5780
f199bff16f1f
mod_audit_auth: Improve user-agent building (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents:
5749
diff
changeset
|
44 |
|
5749
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
45 if client.legacy then |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
46 client_info:text_tag("legacy"); |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
47 end |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
48 |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
49 module:audit(jid.join(session.username, module.host), "new-client", { |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
50 session = session; |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
51 custom = { |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
52 }; |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
53 }); |
|
238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents:
5748
diff
changeset
|
54 end); |