Annotate

mod_audit_auth/mod_audit_auth.lua @ 5792:bb4335c8f500

mod_restrict_xmpp: Allow all XEP-0199 pings to self No permission to send a ping without a 'to' attribute?
author Kim Alvefur <zash@zash.se>
date Mon, 04 Dec 2023 00:23:19 +0100
parent 5772:238c4ac8b735
child 5803:f199bff16f1f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5735
b357ff3d0c8a mod_audit_auth: Include hostpart with audit events
Kim Alvefur <zash@zash.se>
parents: 4933
diff changeset
1 local jid = require"util.jid";
5772
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
2 local st = require "util.stanza";
5735
b357ff3d0c8a mod_audit_auth: Include hostpart with audit events
Kim Alvefur <zash@zash.se>
parents: 4933
diff changeset
3
4932
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
4 module:depends("audit");
4933
08dea42a302a mod_audit*: fix luacheck warnings
Jonas Schäfer <jonas@wielicki.name>
parents: 4932
diff changeset
5 -- luacheck: read globals module.audit
4932
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
6
5771
dfbced5e54b9 mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents: 5735
diff changeset
7 local only_passwords = module:get_option_boolean("audit_auth_passwords_only", true);
dfbced5e54b9 mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents: 5735
diff changeset
8
4932
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
9 module:hook("authentication-failure", function(event)
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
10 local session = event.session;
5735
b357ff3d0c8a mod_audit_auth: Include hostpart with audit events
Kim Alvefur <zash@zash.se>
parents: 4933
diff changeset
11 module:audit(jid.join(session.sasl_handler.username, module.host), "authentication-failure", {
4932
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
12 session = session,
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
13 });
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
14 end)
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
15
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
16 module:hook("authentication-success", function(event)
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
17 local session = event.session;
5771
dfbced5e54b9 mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents: 5735
diff changeset
18 if only_passwords and session.sasl_handler.fast then
dfbced5e54b9 mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents: 5735
diff changeset
19 return;
dfbced5e54b9 mod_audit_auth: Ignore FAST authentication events by default
Matthew Wild <mwild1@gmail.com>
parents: 5735
diff changeset
20 end
5735
b357ff3d0c8a mod_audit_auth: Include hostpart with audit events
Kim Alvefur <zash@zash.se>
parents: 4933
diff changeset
21 module:audit(jid.join(session.sasl_handler.username, module.host), "authentication-success", {
4932
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
22 session = session,
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
23 });
530d116b7f68 mod_audit*: modules for audit logging in prosody
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
24 end)
5772
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
25
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
26 module:hook("client_management/new-client", function (event)
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
27 local session, client = event.session, event.client;
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
28
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
29 local client_info = st.stanza("client", { id = client.id });
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
30 if client.user_agent then
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
31 client_info:text_tag("agent", client.user_agent);
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
32 end
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
33 if client.legacy then
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
34 client_info:text_tag("legacy");
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
35 end
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
36
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
37 module:audit(jid.join(session.username, module.host), "new-client", {
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
38 session = session;
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
39 custom = {
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
40 };
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
41 });
238c4ac8b735 mod_audit_auth: Add audit record when a client connects that has not been seen before
Matthew Wild <mwild1@gmail.com>
parents: 5771
diff changeset
42 end);