author | Sean McGivern <sean@mcgivern.me.uk> | 2018-07-31 10:44:22 +0000 |
---|---|---|
committer | Sean McGivern <sean@mcgivern.me.uk> | 2018-07-31 10:44:22 +0000 |
commit | e6dd3c527626af1c0f521792360f7c4b29bfee36 (patch) | |
tree | 79dee0a3eb392d42478011af8e3eaa8d94c3e370 /config/initializers | |
parent | eb8597a1b9eb575121f09b8b9904c0ad7cd489cc (diff) | |
parent | 3b81345a730714a94b3e15f0eb91c4f1e8216a44 (diff) | |
download | gitlab-ce-e6dd3c527626af1c0f521792360f7c4b29bfee36.tar.gz |
Merge branch 'feature/gb/login-activity-metrics' into 'master'
Add user authentication activity metrics
Closes #47789
See merge request gitlab-org/gitlab-ce!20668
Diffstat (limited to 'config/initializers')
-rw-r--r-- | config/initializers/warden.rb | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
index 8cc36820d3c..d64b659c6d7 100644
--- a/config/initializers/warden.rb
+++ b/config/initializers/warden.rb
@@ -1,10 +1,20 @@
 Rails.application.configure do |config|
 Warden::Manager.after_set_user(scope: :user) do |user, auth, opts|
 Gitlab::Auth::UniqueIpsLimiter.limit_user!(user)
- end
 
- Warden::Manager.before_failure(scope: :user) do |env, opts|
- Gitlab::Auth::BlockedUserTracker.log_if_user_blocked(env)
+ activity = Gitlab::Auth::Activity.new(user, opts)
+
+ case opts[:event]
+ when :authentication
+ activity.user_authenticated!
+ when :set_user
+ activity.user_authenticated!
+ activity.user_session_override!
+ when :fetch # rubocop:disable Lint/EmptyWhen
+ # We ignore session fetch events
+ else
+ activity.user_session_override!
+ end
 end
 
 Warden::Manager.after_authentication(scope: :user) do |user, auth, opts|
@@ -15,7 +25,17 @@ Rails.application.configure do |config|
 ActiveSession.set(user, auth.request)
 end
 
- Warden::Manager.before_logout(scope: :user) do |user, auth, opts|
- ActiveSession.destroy(user || auth.user, auth.request.session.id)
+ Warden::Manager.before_failure(scope: :user) do |env, opts|
+ tracker = Gitlab::Auth::BlockedUserTracker.new(env)
+ tracker.log_blocked_user_activity! if tracker.user_blocked?
+
+ Gitlab::Auth::Activity.new(tracker.user, opts).user_authentication_failed!
+ end
+
+ Warden::Manager.before_logout(scope: :user) do |user_warden, auth, opts|
+ user = user_warden || auth.user
+
+ ActiveSession.destroy(user, auth.request.session.id)
+ Gitlab::Auth::Activity.new(user, opts).user_session_destroyed!
 end
 end |
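Review bot: The `else` branch of `case opts[:event]` in the `after_set_user` hook records every unrecognised or missing event as `user_session_override!`, so a new or absent event value would silently inflate a counter that reads like a security signal. Warden documents three events for this hook (`:authentication`, `:set_user`, `:fetch`), and nothing in the block says which case the `else` is meant to cover. I would add a comment above the `case`, for example `# Warden events: :authentication = strategy succeeded, :set_user = set_user called directly, :fetch = loaded from session; anything else is counted as an override`. If it is intended that `limit_user!` runs first, so that no activity is recorded when it raises, that deserves a comment as well.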
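Review bot: In the `before_failure` hook `tracker.user` goes straight into `Gitlab::Auth::Activity.new`, and for a failed attempt whose login matches no account that value is presumably nil; whether `Activity` accepts nil is not visible in this file. The same applies in `before_logout` when both `user_warden` and `auth.user` are nil. Because these hooks sit on the authentication path, an exception raised by the metrics call would surface as an error response instead of a normal failed login, so the contract should be written down at the call site, for example `# user may be nil (unknown login); Activity must not raise here`. The ordering is sound as written: blocked-user logging and `ActiveSession.destroy` both run before the metrics call.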