diff options
| author | Devaev Maxim <[email protected]> | 2018-12-17 23:09:48 +0300 |
|---|---|---|
| committer | Devaev Maxim <[email protected]> | 2018-12-17 23:09:48 +0300 |
| commit | eeecf78796553ac714139847f78c494cfac69d30 (patch) | |
| tree | 7d7e5810c412287ba9a411849229ae5069d6a852 | |
| parent | 9bd83b886e610aff97f68b887c60cc823daa38a3 (diff) | |
user login in access log
| -rw-r--r-- | configs/kvmd/platforms/kvmd.v1-hdmi.yaml | 2 | ||||
| -rw-r--r-- | configs/kvmd/platforms/kvmd.v1-vga.yaml | 2 | ||||
| -rw-r--r-- | kvmd/apps/kvmd/auth.py | 4 | ||||
| -rw-r--r-- | kvmd/apps/kvmd/server.py | 21 | ||||
| -rw-r--r-- | testenv/kvmd.yaml | 2 | ||||
| -rw-r--r-- | testenv/tox.ini | 2 |
6 files changed, 26 insertions, 7 deletions
diff --git a/configs/kvmd/platforms/kvmd.v1-hdmi.yaml b/configs/kvmd/platforms/kvmd.v1-hdmi.yaml index 305c5ae6..7a39f98d 100644 --- a/configs/kvmd/platforms/kvmd.v1-hdmi.yaml +++ b/configs/kvmd/platforms/kvmd.v1-hdmi.yaml @@ -6,7 +6,7 @@ kvmd: host: 127.0.0.1 port: 8081 heartbeat: 3.0 - access_log_format: "[%{X-Real-IP}i] '%r' => %s; size=%b --- referer='%{Referer}i'; user_agent='%{User-Agent}i'" + access_log_format: "[%P / %{X-Real-IP}i] '%r' => %s; size=%b --- referer='%{Referer}i'; user_agent='%{User-Agent}i'" auth: htpasswd: /etc/kvmd/htpasswd diff --git a/configs/kvmd/platforms/kvmd.v1-vga.yaml b/configs/kvmd/platforms/kvmd.v1-vga.yaml index ffc1ceab..82be2fb0 100644 --- a/configs/kvmd/platforms/kvmd.v1-vga.yaml +++ b/configs/kvmd/platforms/kvmd.v1-vga.yaml @@ -6,7 +6,7 @@ kvmd: host: 127.0.0.1 port: 8081 heartbeat: 3.0 - access_log_format: "[%{X-Real-IP}i] '%r' => %s; size=%b --- referer='%{Referer}i'; user_agent='%{User-Agent}i'" + access_log_format: "[%P / %{X-Real-IP}i] '%r' => %s; size=%b --- referer='%{Referer}i'; user_agent='%{User-Agent}i'" auth: htpasswd: /etc/kvmd/htpasswd diff --git a/kvmd/apps/kvmd/auth.py b/kvmd/apps/kvmd/auth.py index f319b5cc..923a06fe 100644 --- a/kvmd/apps/kvmd/auth.py +++ b/kvmd/apps/kvmd/auth.py @@ -33,5 +33,5 @@ class AuthManager: if user: get_logger().info("Logged out user %r", user) - def check(self, token: str) -> bool: - return (token in self.__tokens) + def check(self, token: str) -> Optional[str]: + return self.__tokens.get(token) diff --git a/kvmd/apps/kvmd/server.py b/kvmd/apps/kvmd/server.py index b204df7d..9d580fe0 100644 --- a/kvmd/apps/kvmd/server.py +++ b/kvmd/apps/kvmd/server.py @@ -35,6 +35,23 @@ from .streamer import Streamer # ===== +try: + from aiohttp.web import AccessLogger # type: ignore # pylint: disable=ungrouped-imports +except ImportError: + from aiohttp.helpers import AccessLogger # type: ignore # pylint: disable=ungrouped-imports + + +_ATTR_KVMD_USER = "kvmd_user" + + +def _format_P(request: aiohttp.web.BaseRequest, *_, **__) -> str: # type: ignore # pylint: disable=invalid-name + return (getattr(request, _ATTR_KVMD_USER, None) or "-") + + +AccessLogger._format_P = staticmethod(_format_P) # type: ignore # pylint: disable=protected-access + + +# ===== class HttpError(Exception): pass @@ -97,8 +114,10 @@ def _exposed(http_method: str, path: str, auth_required: bool=True) -> Callable: if auth_required: token = request.cookies.get(_COOKIE_AUTH_TOKEN, "") if token: - if not self._auth_manager.check(_valid_token(token)): + user = self._auth_manager.check(_valid_token(token)) + if not user: raise ForbiddenError("Forbidden") + setattr(request, _ATTR_KVMD_USER, user) else: raise UnauthorizedError("Unauthorized") diff --git a/testenv/kvmd.yaml b/testenv/kvmd.yaml index e8c10539..b2c91c3e 100644 --- a/testenv/kvmd.yaml +++ b/testenv/kvmd.yaml @@ -3,7 +3,7 @@ kvmd: host: 0.0.0.0 port: 8081 heartbeat: 3.0 - access_log_format: "[%{X-Real-IP}i] '%r' => %s; size=%b --- referer='%{Referer}i'; user_agent='%{User-Agent}i'" + access_log_format: "[%P / %{X-Real-IP}i] '%r' => %s; size=%b --- referer='%{Referer}i'; user_agent='%{User-Agent}i'" auth: htpasswd: /etc/kvmd/htpasswd diff --git a/testenv/tox.ini b/testenv/tox.ini index b10700a2..918a086e 100644 --- a/testenv/tox.ini +++ b/testenv/tox.ini @@ -26,7 +26,7 @@ deps = -rrequirements.txt [testenv:vulture] -commands = vulture --ignore-decorators=@_exposed,@_system_task kvmd genmap.py testenv/vulture-wl.py +commands = vulture --ignore-names=_format_P --ignore-decorators=@_exposed,@_system_task kvmd genmap.py testenv/vulture-wl.py deps = vulture -rrequirements.txt |