From 7330fc2c5b05d929e0255e35ac58daf98bea644a Mon Sep 17 00:00:00 2001
From: Andris Reinman <andris@kreata.ee>
Date: Wed, 26 Jul 2017 11:00:16 +0300
Subject: [PATCH] allow filtering authlog based on action value

---
 api.js              | 24 +++++++++++++++++++-----
 docs/api.md         |  1 +
 lib/user-handler.js |  3 +++
 3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/api.js b/api.js
index 2ed38340..ba4c73c6 100644
--- a/api.js
+++ b/api.js
@@ -3436,6 +3436,7 @@ server.get({ name: 'authlog', path: '/users/:user/authlog' }, (req, res, next) =
 
     const schema = Joi.object().keys({
         user: Joi.string().hex().lowercase().length(24).required(),
+        action: Joi.string().trim().lowercase().empty('').max(100),
         limit: Joi.number().default(20).min(1).max(250),
         next: Joi.string().alphanum().max(100),
         prev: Joi.string().alphanum().max(100),
@@ -3459,6 +3460,7 @@ server.get({ name: 'authlog', path: '/users/:user/authlog' }, (req, res, next) =
 
     let user = new ObjectID(result.value.user);
     let limit = result.value.limit;
+    let action = result.value.action;
     let page = result.value.page;
     let pageNext = result.value.next;
     let pagePrev = result.value.prev;
@@ -3483,9 +3485,14 @@ server.get({ name: 'authlog', path: '/users/:user/authlog' }, (req, res, next) =
             return next();
         }
 
-        let filter = {
-            user
-        };
+        let filter = action
+            ? {
+                user,
+                action
+            }
+            : {
+                user
+            };
 
         db.database.collection('authlog').count(filter, (err, total) => {
             if (err) {
@@ -3520,12 +3527,19 @@ server.get({ name: 'authlog', path: '/users/:user/authlog' }, (req, res, next) =
                 }
 
                 let prevUrl = result.hasPrevious
-                    ? server.router.render('authlog', { user: user.toString() }, { prev: result.previous, limit, page: Math.max(page - 1, 1) })
+                    ? server.router.render(
+                        'authlog',
+                        { user: user.toString() },
+                        { prev: result.previous, action: action || '', limit, page: Math.max(page - 1, 1) }
+                    )
+                    : false;
+                let nextUrl = result.hasNext
+                    ? server.router.render('authlog', { user: user.toString() }, { next: result.next, action: action || '', limit, page: page + 1 })
                     : false;
-                let nextUrl = result.hasNext ? server.router.render('authlog', { user: user.toString() }, { next: result.next, limit, page: page + 1 }) : false;
 
                 let response = {
                     success: true,
+                    action,
                     total,
                     page,
                     prev: prevUrl,
diff --git a/docs/api.md b/docs/api.md
index df3fd63f..36ae6e91 100644
--- a/docs/api.md
+++ b/docs/api.md
@@ -378,6 +378,7 @@ Returns data about authentication related events. This includes also password ch
 
 - **user** (required) is the ID of the user
 - **limit** is an optional number to limit listing length, defaults to 20
+- **action** is an optional filter to list only specific actions, for example "create asp" to list only entries for creating new application specific passwords
 
 **Example**
 
diff --git a/lib/user-handler.js b/lib/user-handler.js
index be1ff58d..8f2af310 100644
--- a/lib/user-handler.js
+++ b/lib/user-handler.js
@@ -129,6 +129,9 @@ class UserHandler {
                     if (success) {
                         meta.result = 'success';
                         meta.source = 'master';
+                        if (userData.enabled2fa) {
+                            meta.require2fa = true;
+                        }
                         return this.logAuthEvent(userData._id, meta, () =>
                             callback(null, {
                                 user: userData._id,