Add IndieAuth security logs in the admin

Thomas Sileo 2019-05-02 21:53:17 +02:00
parent 23c8ca0c5a
commit 616b853009
3 changed files with 54 additions and 2 deletions

23
app.py

@ -365,6 +365,16 @@ def format_time(val):
return val return val
@app.template_filter()
def format_ts(val):
return datetime.fromtimestamp(val).strftime("%B %d, %Y, %H:%M %p")
@app.template_filter()
def gt_ts(val):
return datetime.now() > datetime.fromtimestamp(val)
@app.template_filter() @app.template_filter()
def format_timeago(val): def format_timeago(val):
if val: if val:
@ -1356,6 +1366,15 @@ def admin():
) )
@app.route("/admin/indieauth", methods=["GET"])
@login_required
def admin_indieauth():
return render_template(
"admin_indieauth.html",
indieauth_actions=DB.indieauth.find().sort("ts", -1).limit(100),
)
@app.route("/admin/tasks", methods=["GET"]) @app.route("/admin/tasks", methods=["GET"])
@login_required @login_required
def admin_tasks(): def admin_tasks():
@ -2205,7 +2224,7 @@ def indieauth_endpoint():
{ {
"$set": { "$set": {
"verified": True, "verified": True,
"verified_by": "login", "verified_by": "id",
"verified_at": datetime.now().timestamp(), "verified_at": datetime.now().timestamp(),
} }
}, },
@ -2252,7 +2271,7 @@ def token_endpoint():
{ {
"$set": { "$set": {
"verified": True, "verified": True,
"verified_by": "token", "verified_by": "code",
"verified_at": now.timestamp(), "verified_at": now.timestamp(),
} }
}, },
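Review bot: The `verified_by` value changed in the indieauth_endpoint hunk (and again in token_endpoint) no longer agrees with the new admin_indieauth.html template, which branches on `action.verified_by == "login"`. The rendered line shows both `"login"` and `"id"` without marking sides; if `"id"` and `"code"` are the new values, every record written after this commit falls into the template's else branch and is labelled "Token", so the security log misreports authorization requests. I would keep the stored values and the template check in step, for example `{% if action.verified_by in ("login", "id") %}`, so records written before the change still render correctly. Both functions start and end outside their hunks, so the surrounding query is not visible here. In the first hunk, `format_ts` combines 24-hour `%H` with `%p`; `"%B %d, %Y, %H:%M"` avoids output such as "21:53 PM".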


@ -6,6 +6,11 @@
{% include "header.html" %} {% include "header.html" %}
<div id="admin"> <div id="admin">
<h3>Admin</h3> <h3>Admin</h3>
<h4>Links</h4>
<ul>
<li><a href="/admin/indieauth">IndieAuth logs</a></li>
<li><a href="/admin/tasks">Poussetaches tasks</a></li>
</ul>
<h4>DB</h4> <h4>DB</h4>
<ul> <ul>
<li>Inbox size: <strong>{{ inbox_size }}</strong></li> <li>Inbox size: <strong>{{ inbox_size }}</strong></li>


@ -0,0 +1,28 @@
{% extends "layout.html" %}
{% import 'utils.html' as utils %}
{% block title %}IndieAuth logs - {{ config.NAME }}{% endblock %}
{% block content %}
<div id="container">
{% include "header.html" %}
<div id="admin">
<h3>IndieAuth logs</h3>
<ul style="list-style-type:none;padding:0;">
{% for action in indieauth_actions %}
<li style="margin-bottom:15px;"><span class="lcolor">{{action.ts|format_ts}}</span>
<strong>{% if action.verified_by == "login" %}Authorization{% else %}Token{% endif %}</strong>
requested by <a style="font-weight:bold" href="{{ action.client_id }}">{{ action.client_id }}</a>
<a style="font-weight:bold;" href="{{action.me}}">{{action.me}}</a>
({% if action.scope %}scope=<code>{{action.scope}}</code>,{% endif %}redirect_uri={{action.redirect_uri}}).
{% if action.token_expires %}
<br>
The token <code title="{{action.token}}">{{action.token[:20]}}...</code>
{% if action.token_expires|gt_ts%}has expired on{% else %}expires{% endif %} {{ action.token_expires|format_ts }}
{% endif %}
</li>
{% endfor %}
</ul>
</div>
</div>
{% endblock %}
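Review bot: The `title="{{action.token}}"` attribute on the token line writes the complete token into the page source, so the 20-character truncation beside it hides nothing from anyone who can read the rendered HTML (browser cache, extensions, a shared screen). If these are live bearer tokens, I would drop the attribute and keep only the prefix, `<code>{{action.token[:20]}}...</code>`, and ideally have admin_indieauth() not pass the token field to the template at all. Separately, `href="{{ action.client_id }}"` and `href="{{action.me}}"` take their scheme from stored request data, and Jinja autoescaping does not stop a `javascript:` URL. Unless those fields are validated as http(s) before they are stored, which is not visible here, render them as plain text or emit the link only after a scheme check.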