feat(oauth): add user agent and IP logging to registration and login processes
This commit is contained in:
Chang lue Tsen
parent
584067375b
commit
71d32d73bb
@ -25,6 +25,7 @@ func TelephoneUserRegisterHandler(svcCtx *svc.ServiceContext) func(c *gin.Contex
|
|||||||
}
|
}
|
||||||
// get client ip
|
// get client ip
|
||||||
req.IP = c.ClientIP()
|
req.IP = c.ClientIP()
|
||||||
|
req.UserAgent = c.Request.UserAgent()
|
||||||
if svcCtx.Config.Verify.RegisterVerify {
|
if svcCtx.Config.Verify.RegisterVerify {
|
||||||
verifyTurns := turnstile.New(turnstile.Config{
|
verifyTurns := turnstile.New(turnstile.Config{
|
||||||
Secret: svcCtx.Config.Verify.TurnstileSecret,
|
Secret: svcCtx.Config.Verify.TurnstileSecret,
|
||||||
|
|||||||
@ -20,6 +20,7 @@ func UserRegisterHandler(svcCtx *svc.ServiceContext) func(c *gin.Context) {
|
|||||||
_ = c.ShouldBind(&req)
|
_ = c.ShouldBind(&req)
|
||||||
// get client ip
|
// get client ip
|
||||||
req.IP = c.ClientIP()
|
req.IP = c.ClientIP()
|
||||||
|
req.UserAgent = c.Request.UserAgent()
|
||||||
if svcCtx.Config.Verify.RegisterVerify {
|
if svcCtx.Config.Verify.RegisterVerify {
|
||||||
verifyTurns := turnstile.New(turnstile.Config{
|
verifyTurns := turnstile.New(turnstile.Config{
|
||||||
Secret: svcCtx.Config.Verify.TurnstileSecret,
|
Secret: svcCtx.Config.Verify.TurnstileSecret,
|
||||||
|
|||||||
@ -68,7 +68,7 @@ func (l *OAuthLoginGetTokenLogic) OAuthLoginGetToken(req *types.OAuthLoginGetTok
|
|||||||
l.recordLoginStatus(loginStatus, userInfo, ip, userAgent, requestID, req.Method)
|
l.recordLoginStatus(loginStatus, userInfo, ip, userAgent, requestID, req.Method)
|
||||||
}()
|
}()
|
||||||
|
|
||||||
userInfo, err = l.handleOAuthProvider(req, requestID)
|
userInfo, err = l.handleOAuthProvider(req, requestID, ip, userAgent)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -82,7 +82,7 @@ func (l *OAuthLoginGetTokenLogic) OAuthLoginGetToken(req *types.OAuthLoginGetTok
|
|||||||
return &types.LoginResponse{Token: token}, nil
|
return &types.LoginResponse{Token: token}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (l *OAuthLoginGetTokenLogic) google(req *types.OAuthLoginGetTokenRequest, requestID string) (*user.User, error) {
|
func (l *OAuthLoginGetTokenLogic) google(req *types.OAuthLoginGetTokenRequest, requestID, ip, userAgent string) (*user.User, error) {
|
||||||
startTime := time.Now()
|
startTime := time.Now()
|
||||||
l.Infow("google oauth processing started",
|
l.Infow("google oauth processing started",
|
||||||
logger.Field("request_id", requestID),
|
logger.Field("request_id", requestID),
|
||||||
@ -157,10 +157,10 @@ func (l *OAuthLoginGetTokenLogic) google(req *types.OAuthLoginGetTokenRequest, r
|
|||||||
logger.Field("duration_ms", time.Since(startTime).Milliseconds()),
|
logger.Field("duration_ms", time.Since(startTime).Milliseconds()),
|
||||||
)
|
)
|
||||||
|
|
||||||
return l.findOrRegisterUser(OAuthGoogle, googleUserInfo.OpenID, googleUserInfo.Email, googleUserInfo.Picture, requestID)
|
return l.findOrRegisterUser(OAuthGoogle, googleUserInfo.OpenID, googleUserInfo.Email, googleUserInfo.Picture, requestID, ip, userAgent)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (l *OAuthLoginGetTokenLogic) apple(req *types.OAuthLoginGetTokenRequest, requestID string) (*user.User, error) {
|
func (l *OAuthLoginGetTokenLogic) apple(req *types.OAuthLoginGetTokenRequest, requestID, ip, userAgent string) (*user.User, error) {
|
||||||
startTime := time.Now()
|
startTime := time.Now()
|
||||||
l.Infow("apple oauth processing started",
|
l.Infow("apple oauth processing started",
|
||||||
logger.Field("request_id", requestID),
|
logger.Field("request_id", requestID),
|
||||||
@ -257,10 +257,10 @@ func (l *OAuthLoginGetTokenLogic) apple(req *types.OAuthLoginGetTokenRequest, re
|
|||||||
logger.Field("duration_ms", time.Since(startTime).Milliseconds()),
|
logger.Field("duration_ms", time.Since(startTime).Milliseconds()),
|
||||||
)
|
)
|
||||||
|
|
||||||
return l.findOrRegisterUser(OAuthApple, appleUnique, email, "", requestID)
|
return l.findOrRegisterUser(OAuthApple, appleUnique, email, "", requestID, ip, userAgent)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (l *OAuthLoginGetTokenLogic) telegram(req *types.OAuthLoginGetTokenRequest, requestID string) (*user.User, error) {
|
func (l *OAuthLoginGetTokenLogic) telegram(req *types.OAuthLoginGetTokenRequest, requestID, ip, userAgent string) (*user.User, error) {
|
||||||
startTime := time.Now()
|
startTime := time.Now()
|
||||||
l.Infow("telegram oauth processing started",
|
l.Infow("telegram oauth processing started",
|
||||||
logger.Field("request_id", requestID),
|
logger.Field("request_id", requestID),
|
||||||
@ -320,10 +320,10 @@ func (l *OAuthLoginGetTokenLogic) telegram(req *types.OAuthLoginGetTokenRequest,
|
|||||||
logger.Field("duration_ms", time.Since(startTime).Milliseconds()),
|
logger.Field("duration_ms", time.Since(startTime).Milliseconds()),
|
||||||
)
|
)
|
||||||
|
|
||||||
return l.findOrRegisterUser(OAuthTelegram, userID, email, avatar, requestID)
|
return l.findOrRegisterUser(OAuthTelegram, userID, email, avatar, requestID, ip, userAgent)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (l *OAuthLoginGetTokenLogic) register(email, avatar, method, openid, requestID string) (*user.User, error) {
|
func (l *OAuthLoginGetTokenLogic) register(email, avatar, method, openid, requestID, ip, userAgent string) (*user.User, error) {
|
||||||
startTime := time.Now()
|
startTime := time.Now()
|
||||||
l.Infow("user registration started",
|
l.Infow("user registration started",
|
||||||
logger.Field("request_id", requestID),
|
logger.Field("request_id", requestID),
|
||||||
@ -424,6 +424,31 @@ func (l *OAuthLoginGetTokenLogic) register(email, avatar, method, openid, reques
|
|||||||
logger.Field("duration_ms", time.Since(startTime).Milliseconds()),
|
logger.Field("duration_ms", time.Since(startTime).Milliseconds()),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// Register log
|
||||||
|
registerLog := log.Register{
|
||||||
|
AuthMethod: method,
|
||||||
|
Identifier: openid,
|
||||||
|
RegisterIP: ip,
|
||||||
|
UserAgent: userAgent,
|
||||||
|
Timestamp: time.Now().UnixMilli(),
|
||||||
|
}
|
||||||
|
content, _ := registerLog.Marshal()
|
||||||
|
|
||||||
|
err = l.svcCtx.LogModel.Insert(l.ctx, &log.SystemLog{
|
||||||
|
Type: log.TypeRegister.Uint8(),
|
||||||
|
Date: time.Now().Format("2006-01-02"),
|
||||||
|
ObjectID: userInfo.Id,
|
||||||
|
Content: string(content),
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
l.Errorw("failed to insert register log",
|
||||||
|
logger.Field("request_id", requestID),
|
||||||
|
logger.Field("user_id", userInfo.Id),
|
||||||
|
logger.Field("ip", ip),
|
||||||
|
logger.Field("error", err.Error()),
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
return userInfo, err
|
return userInfo, err
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -514,7 +539,7 @@ func (l *OAuthLoginGetTokenLogic) recordLoginStatus(loginStatus bool, userInfo *
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (l *OAuthLoginGetTokenLogic) handleOAuthProvider(req *types.OAuthLoginGetTokenRequest, requestID string) (*user.User, error) {
|
func (l *OAuthLoginGetTokenLogic) handleOAuthProvider(req *types.OAuthLoginGetTokenRequest, requestID, ip, userAgent string) (*user.User, error) {
|
||||||
l.Debugw("handling oauth provider",
|
l.Debugw("handling oauth provider",
|
||||||
logger.Field("request_id", requestID),
|
logger.Field("request_id", requestID),
|
||||||
logger.Field("provider", req.Method),
|
logger.Field("provider", req.Method),
|
||||||
@ -522,11 +547,11 @@ func (l *OAuthLoginGetTokenLogic) handleOAuthProvider(req *types.OAuthLoginGetTo
|
|||||||
|
|
||||||
switch req.Method {
|
switch req.Method {
|
||||||
case OAuthGoogle:
|
case OAuthGoogle:
|
||||||
return l.google(req, requestID)
|
return l.google(req, requestID, ip, userAgent)
|
||||||
case OAuthApple:
|
case OAuthApple:
|
||||||
return l.apple(req, requestID)
|
return l.apple(req, requestID, ip, userAgent)
|
||||||
case OAuthTelegram:
|
case OAuthTelegram:
|
||||||
return l.telegram(req, requestID)
|
return l.telegram(req, requestID, ip, userAgent)
|
||||||
default:
|
default:
|
||||||
l.Errorw("unsupported oauth login method",
|
l.Errorw("unsupported oauth login method",
|
||||||
logger.Field("request_id", requestID),
|
logger.Field("request_id", requestID),
|
||||||
@ -715,7 +740,7 @@ func (l *OAuthLoginGetTokenLogic) getTelegramConfig(requestID string) (*auth.Tel
|
|||||||
return &cfg, nil
|
return &cfg, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (l *OAuthLoginGetTokenLogic) findOrRegisterUser(authType, openID, email, avatar, requestID string) (*user.User, error) {
|
func (l *OAuthLoginGetTokenLogic) findOrRegisterUser(authType, openID, email, avatar, requestID, ip, userAgent string) (*user.User, error) {
|
||||||
l.Debugw("finding or registering user",
|
l.Debugw("finding or registering user",
|
||||||
logger.Field("request_id", requestID),
|
logger.Field("request_id", requestID),
|
||||||
logger.Field("auth_type", authType),
|
logger.Field("auth_type", authType),
|
||||||
@ -732,7 +757,7 @@ func (l *OAuthLoginGetTokenLogic) findOrRegisterUser(authType, openID, email, av
|
|||||||
logger.Field("openid", openID),
|
logger.Field("openid", openID),
|
||||||
logger.Field("email", email),
|
logger.Field("email", email),
|
||||||
)
|
)
|
||||||
return l.register(email, avatar, authType, openID, requestID)
|
return l.register(email, avatar, authType, openID, requestID, ip, userAgent)
|
||||||
}
|
}
|
||||||
l.Errorw("failed to find user auth method by openid",
|
l.Errorw("failed to find user auth method by openid",
|
||||||
logger.Field("request_id", requestID),
|
logger.Field("request_id", requestID),
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user