Software / code / prosody-modules
Changeset
5772:238c4ac8b735
mod_audit_auth: Add audit record when a client connects that has not been seen before
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Fri, 01 Dec 2023 11:59:02 +0000 |
| parents | 5771:dfbced5e54b9 |
| children | 5773:c89077b4f46e |
| files | mod_audit_auth/README.md mod_audit_auth/mod_audit_auth.lua |
| diffstat | 2 files changed, 23 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_audit_auth/README.md Fri Dec 01 11:34:52 2023 +0000 +++ b/mod_audit_auth/README.md Fri Dec 01 11:59:02 2023 +0000 @@ -7,3 +7,7 @@ This module stores authentication failures and authentication successes in the audit log provided by `mod_audit`. + +If mod_client_management is loaded, it will also record entries when a new +client is connected to the user's account for the first time. For non-SASL2 +clients, this may have false positives.
--- a/mod_audit_auth/mod_audit_auth.lua Fri Dec 01 11:34:52 2023 +0000 +++ b/mod_audit_auth/mod_audit_auth.lua Fri Dec 01 11:59:02 2023 +0000 @@ -1,4 +1,5 @@ local jid = require"util.jid"; +local st = require "util.stanza"; module:depends("audit"); -- luacheck: read globals module.audit @@ -21,3 +22,21 @@ session = session, }); end) + +module:hook("client_management/new-client", function (event) + local session, client = event.session, event.client; + + local client_info = st.stanza("client", { id = client.id }); + if client.user_agent then + client_info:text_tag("agent", client.user_agent); + end + if client.legacy then + client_info:text_tag("legacy"); + end + + module:audit(jid.join(session.username, module.host), "new-client", { + session = session; + custom = { + }; + }); +end);
