diff --git a/api.js b/api.js index 2ed38340..ba4c73c6 100644 --- a/api.js +++ b/api.js @@ -3436,6 +3436,7 @@ server.get({ name: 'authlog', path: '/users/:user/authlog' }, (req, res, next) = const schema = Joi.object().keys({ user: Joi.string().hex().lowercase().length(24).required(), + action: Joi.string().trim().lowercase().empty('').max(100), limit: Joi.number().default(20).min(1).max(250), next: Joi.string().alphanum().max(100), prev: Joi.string().alphanum().max(100), @@ -3459,6 +3460,7 @@ server.get({ name: 'authlog', path: '/users/:user/authlog' }, (req, res, next) = let user = new ObjectID(result.value.user); let limit = result.value.limit; + let action = result.value.action; let page = result.value.page; let pageNext = result.value.next; let pagePrev = result.value.prev; @@ -3483,9 +3485,14 @@ server.get({ name: 'authlog', path: '/users/:user/authlog' }, (req, res, next) = return next(); } - let filter = { - user - }; + let filter = action + ? { + user, + action + } + : { + user + }; db.database.collection('authlog').count(filter, (err, total) => { if (err) { @@ -3520,12 +3527,19 @@ server.get({ name: 'authlog', path: '/users/:user/authlog' }, (req, res, next) = } let prevUrl = result.hasPrevious - ? server.router.render('authlog', { user: user.toString() }, { prev: result.previous, limit, page: Math.max(page - 1, 1) }) + ? server.router.render( + 'authlog', + { user: user.toString() }, + { prev: result.previous, action: action || '', limit, page: Math.max(page - 1, 1) } + ) + : false; + let nextUrl = result.hasNext + ? server.router.render('authlog', { user: user.toString() }, { next: result.next, action: action || '', limit, page: page + 1 }) : false; - let nextUrl = result.hasNext ? server.router.render('authlog', { user: user.toString() }, { next: result.next, limit, page: page + 1 }) : false; let response = { success: true, + action, total, page, prev: prevUrl, diff --git a/docs/api.md b/docs/api.md index df3fd63f..36ae6e91 100644 --- a/docs/api.md +++ b/docs/api.md @@ -378,6 +378,7 @@ Returns data about authentication related events. This includes also password ch - **user** (required) is the ID of the user - **limit** is an optional number to limit listing length, defaults to 20 +- **action** is an optional filter to list only specific actions, for example "create asp" to list only entries for creating new application specific passwords **Example** diff --git a/lib/user-handler.js b/lib/user-handler.js index be1ff58d..8f2af310 100644 --- a/lib/user-handler.js +++ b/lib/user-handler.js @@ -129,6 +129,9 @@ class UserHandler { if (success) { meta.result = 'success'; meta.source = 'master'; + if (userData.enabled2fa) { + meta.require2fa = true; + } return this.logAuthEvent(userData._id, meta, () => callback(null, { user: userData._id,