File

mod_audit_auth/mod_audit_auth.lua @ 5790:a967bb4972c5

mod_http_oauth2: Reject unparsable URLs This used to be caught by luaPattern=https:// in the schema but that's been removed for some reason
author Kim Alvefur <zash@zash.se>
date Sun, 03 Dec 2023 23:51:54 +0100
parent 5772:238c4ac8b735
child 5803:f199bff16f1f
line wrap: on
line source

local jid = require"util.jid";
local st = require "util.stanza";

module:depends("audit");
-- luacheck: read globals module.audit

local only_passwords = module:get_option_boolean("audit_auth_passwords_only", true);

module:hook("authentication-failure", function(event)
	local session = event.session;
	module:audit(jid.join(session.sasl_handler.username, module.host), "authentication-failure", {
		session = session,
	});
end)

module:hook("authentication-success", function(event)
	local session = event.session;
	if only_passwords and session.sasl_handler.fast then
		return;
	end
	module:audit(jid.join(session.sasl_handler.username, module.host), "authentication-success", {
		session = session,
	});
end)

module:hook("client_management/new-client", function (event)
	local session, client = event.session, event.client;

	local client_info = st.stanza("client", { id = client.id });
	if client.user_agent then
		client_info:text_tag("agent", client.user_agent);
	end
	if client.legacy then
		client_info:text_tag("legacy");
	end

	module:audit(jid.join(session.username, module.host), "new-client", {
		session = session;
		custom = {
		};
	});
end);