This commit is contained in:
James Cole 2016-12-13 20:37:38 +01:00
parent a9e57e1c34
commit 0335a64a21
6 changed files with 198 additions and 26 deletions

View File

@ -0,0 +1,42 @@
<?php
/**
* BlockedUseOfDomain.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Events;
use Illuminate\Queue\SerializesModels;
/**
* Class BlockedUseOfDomain
*
* @package FireflyIII\Events
*/
class BlockedUseOfDomain extends Event
{
use SerializesModels;
public $email;
public $ipAddress;
/**
* Create a new event instance. This event is triggered when a user tries to register with a banned domain (on blocked domain list).
*
* @param string $email
* @param string $ipAddress
*/
public function __construct(string $email, string $ipAddress)
{
$this->email = $email;
$this->ipAddress = $ipAddress;
}
}

View File

@ -0,0 +1,42 @@
<?php
/**
* BlockedUseOfEmail.php
* Copyright (C) 2016 thegrumpydictator@gmail.com
*
* This software may be modified and distributed under the terms of the
* Creative Commons Attribution-ShareAlike 4.0 International License.
*
* See the LICENSE file for details.
*/
declare(strict_types = 1);
namespace FireflyIII\Events;
use Illuminate\Queue\SerializesModels;
/**
* Class BlockedUseOfEmail
*
* @package FireflyIII\Events
*/
class BlockedUseOfEmail extends Event
{
use SerializesModels;
public $email;
public $ipAddress;
/**
* Create a new event instance. This event is triggered when a user tries to register with a banned email address (already used before).
*
* @param string $email
* @param string $ipAddress
*/
public function __construct(string $email, string $ipAddress)
{
$this->email = $email;
$this->ipAddress = $ipAddress;
}
}

View File

@ -16,6 +16,8 @@ namespace FireflyIII\Handlers\Events;
use Exception;
use FireflyConfig;
use FireflyIII\Events\BlockedBadLogin;
use FireflyIII\Events\BlockedUseOfDomain;
use FireflyIII\Events\BlockedUseOfEmail;
use FireflyIII\Events\BlockedUserLogin;
use FireflyIII\Events\ConfirmedUser;
use FireflyIII\Events\DeletedUser;
@ -85,25 +87,25 @@ class UserEventHandler
*
* @return bool
*/
public function respondToBlockedBadLogin(BlockedBadLogin $event)
public function reportBadLogin(BlockedBadLogin $event)
{
$email = $event->email;
$ipAddress = $event->ipAddress;
/** @var Configuration $sendmail */
$sendmail = FireflyConfig::get('mail_for_bad_login', config('firefly.configuration.mail_for_bad_login'));
Log::debug(sprintf('Now in respondToBlockedBadLogin for email address %s', $email));
Log::debug(sprintf('Now in reportBadLogin for email address %s', $email));
Log::error(sprintf('User %s tried to login with bad credentials.', $email));
if (is_null($sendmail) || (!is_null($sendmail) && $sendmail->data === false)) {
Log::error(sprintf('User %s tried to login with bad credentials.', $email));
return true;
}
// send email message:
try {
Mail::send(
['emails.blocked-bad-creds-html', 'emails.blocked-bad-creds-text'], ['email' => $email, 'ip' => $ipAddress], function (Message $message) use ($email) {
$message->to($email, $email)->subject('Blocked login attempt with bad credentials');
}
['emails.blocked-bad-creds-html', 'emails.blocked-bad-creds-text'], ['email' => $email, 'ip' => $ipAddress],
function (Message $message) use ($email) {
$message->to($email, $email)->subject('Blocked login attempt with bad credentials');
}
);
} catch (Swift_TransportException $e) {
Log::error($e->getMessage());
@ -117,17 +119,16 @@ class UserEventHandler
*
* @return bool
*/
public function respondToBlockedUserLogin(BlockedUserLogin $event): bool
public function reportBlockedUser(BlockedUserLogin $event): bool
{
$user = $event->user;
$email = $user->email;
$ipAddress = $event->ipAddress;
/** @var Configuration $sendmail */
$sendmail = FireflyConfig::get('mail_for_blocked_login', config('firefly.configuration.mail_for_blocked_login'));
Log::debug(sprintf('Now in respondToBlockedUserLogin for email address %s', $email));
Log::debug(sprintf('Now in reportBlockedUser for email address %s', $email));
Log::error(sprintf('User #%d (%s) has their accout blocked (blocked_code is "%s") but tried to login.', $user->id, $email, $user->blocked_code));
if (is_null($sendmail) || (!is_null($sendmail) && $sendmail->data === false)) {
Log::error(sprintf('User #%d (%s) has their accout blocked (blocked_code is "%s") but tried to login.', $user->id, $email, $user->blocked_code));
return true;
}
@ -156,16 +157,15 @@ class UserEventHandler
*
* @return bool
*/
public function respondToLockout(LockedOutUser $event): bool
public function reportLockout(LockedOutUser $event): bool
{
$email = $event->email;
$ipAddress = $event->ipAddress;
/** @var Configuration $sendmail */
$sendmail = FireflyConfig::get('mail_for_lockout', config('firefly.configuration.mail_for_lockout'));
Log::debug(sprintf('Now in respondToLockout for email address %s', $email));
Log::error(sprintf('User %s was locked out after too many invalid login attempts.', $email));
if (is_null($sendmail) || (!is_null($sendmail) && $sendmail->data === false)) {
Log::error(sprintf('User %s was locked out after too many invalid login attempts.', $email));
return true;
}
@ -183,6 +183,77 @@ class UserEventHandler
return true;
}
/**
* @param BlockedUseOfDomain $event
*
* @return bool
*/
public function reportUseBlockedDomain(BlockedUseOfDomain $event): bool
{
$email = $event->email;
$ipAddress = $event->ipAddress;
$parts = explode('@', $email);
/** @var Configuration $sendmail */
$sendmail = FireflyConfig::get('mail_for_blocked_domain', config('firefly.configuration.mail_for_blocked_domain'));
Log::debug(sprintf('Now in reportUseBlockedDomain for email address %s', $email));
Log::error(sprintf('Somebody tried to register using an email address (%s) connected to a banned domain (%s).', $email, $parts[1]));
if (is_null($sendmail) || (!is_null($sendmail) && $sendmail->data === false)) {
return true;
}
// send email message:
try {
Mail::send(
['emails.blocked-domain-html', 'emails.blocked-domain-text'],
[
'user_address' => $email,
'ip' => $ipAddress,
], function (Message $message) use ($email) {
$message->to($email, $email)->subject('Blocked registration attempt with blocked email address');
}
);
} catch (Swift_TransportException $e) {
Log::error($e->getMessage());
}
return true;
}
/**
* @param BlockedUseOfEmail $event
*
* @return bool
*/
public function reportUseOfBlockedEmail(BlockedUseOfEmail $event): bool
{
$email = $event->email;
$ipAddress = $event->ipAddress;
/** @var Configuration $sendmail */
$sendmail = FireflyConfig::get('mail_for_blocked_email', config('firefly.configuration.mail_for_blocked_email'));
Log::debug(sprintf('Now in reportUseOfBlockedEmail for email address %s', $email));
Log::error(sprintf('Somebody tried to register using email address %s which is blocked (SHA2 hash).', $email));
if (is_null($sendmail) || (!is_null($sendmail) && $sendmail->data === false)) {
return true;
}
// send email message:
try {
Mail::send(
['emails.blocked-email-html', 'emails.blocked-email-text'],
[
'user_address' => $email,
'ip' => $ipAddress,
], function (Message $message) use ($email) {
$message->to($email, $email)->subject('Blocked registration attempt with blocked email address');
}
);
} catch (Swift_TransportException $e) {
Log::error($e->getMessage());
}
return true;
}
/**
* @param DeletedUser $event
*

View File

@ -96,6 +96,8 @@ class LoginController extends Controller
$errorMessage = strval(trans('firefly.' . $code . '_error', ['email' => $credentials['email']]));
event(new BlockedUserLogin($foundUser, $request->ip()));
}
// simply a bad login.
if (is_null($foundUser)) {
event(new BlockedBadLogin($credentials['email'], $request->ip()));
}

View File

@ -14,9 +14,11 @@ namespace FireflyIII\Http\Controllers\Auth;
use Auth;
use Config;
use FireflyIII\Events\BlockedUseOfDomain;
use FireflyIII\Events\BlockedUseOfEmail;
use FireflyIII\Events\RegisteredUser;
use FireflyIII\Http\Controllers\Controller;
use FireflyIII\Support\Facades\FireflyConfig;
use FireflyConfig;
use FireflyIII\User;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Http\Request;
@ -92,7 +94,9 @@ class RegisterController extends Controller
// is user email domain blocked?
if ($this->isBlockedDomain($data['email'])) {
$validator->getMessageBag()->add('email', (string)trans('validation.invalid_domain'));
$this->reportBlockedDomainRegistrationAttempt($data['email'], $request->ip());
event(new BlockedUseOfDomain($data['email'], $request->ip()));
// $this->reportBlockedDomainRegistrationAttempt($data['email'], $request->ip());
$this->throwValidationException($request, $validator);
}
@ -103,9 +107,9 @@ class RegisterController extends Controller
Log::debug(sprintf('Hash of email is %s', $hash));
Log::debug('Hashes of deleted users: ', $set);
if (in_array($hash, $set)) {
// user already deleted, cannot re-register :(
$validator->getMessageBag()->add('email', (string)trans('validation.deleted_user'));
$this->reportBlockedDomainRegistrationAttempt($data['email'], $request->ip());
event(new BlockedUseOfEmail($data['email'], $request->ip()));
//$this->reportBlockedDomainRegistrationAttempt($data['email'], $request->ip());
$this->throwValidationException($request, $validator);
}

View File

@ -37,26 +37,37 @@ class EventServiceProvider extends ServiceProvider
protected $listen
= [
// new event handlers:
'FireflyIII\Events\ConfirmedUser' => // is a User related event.
'FireflyIII\Events\ConfirmedUser' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@storeConfirmationIpAddress',
],
'FireflyIII\Events\DeletedUser' => // is a User related event.
'FireflyIII\Events\DeletedUser' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@saveEmailAddress',
],
'FireflyIII\Events\LockedOutUser' => // is a User related event.
'FireflyIII\Events\LockedOutUser' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@respondToLockout',
'FireflyIII\Handlers\Events\UserEventHandler@reportLockout',
],
'FireflyIII\Events\BlockedUserLogin' => // is a User related event.
'FireflyIII\Events\BlockedUserLogin' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@respondToBlockedUserLogin',
'FireflyIII\Handlers\Events\UserEventHandler@reportBlockedUser',
],
'FireflyIII\Events\BlockedBadLogin' => // is a User related event.
'FireflyIII\Events\BlockedUseOfEmail' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@respondToBlockedBadLogin',
'FireflyIII\Handlers\Events\UserEventHandler@reportUseOfBlockedEmail',
],
'FireflyIII\Events\BlockedUseOfDomain' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@reportUseBlockedDomain',
],
'FireflyIII\Events\BlockedBadLogin' => // is a User related event.
[
'FireflyIII\Handlers\Events\UserEventHandler@reportBadLogin',
],
'FireflyIII\Events\RegisteredUser' => // is a User related event.
[