IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2024-11-25 18:30:55 -06:00
Code Issues Packages Projects Releases Wiki Activity

Better audit logs

Browse Source
This commit is contained in:
James Cole 2020-08-13 13:18:54 +02:00
parent ee3ef4b8cc
commit 76cd77cc73
No known key found for this signature in database
GPG Key ID: B5669F9493CDE38D
5 changed files with 23 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.env.example
View File

@ -53,13 +53,6 @@ LOG_CHANNEL=stack
# nothing will get logged, ever. # nothing will get logged, ever.
APP_LOG_LEVEL=notice APP_LOG_LEVEL=notice
#
# Firefly III keeps track of specific (security) related events in an audit log.
# These are stored on the drive, but in case of Docker can best be sent to 'stdout'.
#
AUDIT_LOG_CHANNEL=daily
# Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III # Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III
# For other database types, please see the FAQ: https://docs.firefly-iii.org/support/faq # For other database types, please see the FAQ: https://docs.firefly-iii.org/support/faq
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE # If you use Docker or similar, you can set these variables from a file by appending them with _FILE

3
app/Http/Controllers/Auth/LoginController.php
View File

@ -124,6 +124,9 @@ class LoginController extends Controller
*/ */
public function showLoginForm(Request $request) public function showLoginForm(Request $request)
{ {
Log::channel('audit')->info('Show login form.');
$count = DB::table('users')->count(); $count = DB::table('users')->count();
$loginProvider = config('firefly.login_provider'); $loginProvider = config('firefly.login_provider');
$title = (string) trans('firefly.login_page_title'); $title = (string) trans('firefly.login_page_title');

17
app/Support/Logging/AuditLogger.php
View File

@ -24,6 +24,11 @@ declare(strict_types=1);
namespace FireflyIII\Support\Logging; namespace FireflyIII\Support\Logging;
use Illuminate\Log\Logger;
use Monolog\Formatter\LineFormatter;
use Monolog\Handler\AbstractProcessingHandler;
use Monolog\Handler\Handler;
/** /**
* Class AuditLogger * Class AuditLogger
* @codeCoverageIgnore * @codeCoverageIgnore
@ -33,13 +38,19 @@ class AuditLogger
/** /**
* Customize the given logger instance. * Customize the given logger instance.
* *
* @param \Illuminate\Log\Logger $logger * @param Logger $logger
* *
* @return void * @return void
*/ */
public function __invoke($logger) public function __invoke(Logger $logger)
{ {
$processor = new AuditProcessor; $processor = new AuditProcessor;
$logger->pushProcessor($processor); /** @var AbstractProcessingHandler $handler */
foreach ($logger->getHandlers() as $handler) {
$formatter = new LineFormatter("[%datetime%] %channel%.%level_name%: %message% %context% %extra%\n");
$handler->setFormatter($formatter);
$handler->pushProcessor($processor);
}
} }
} }

2
app/Support/Logging/AuditProcessor.php
View File

@ -38,13 +38,11 @@ class AuditProcessor
public function __invoke(array $record): array public function __invoke(array $record): array
{ {
$record['extra']['path'] = request()->method() . ':' . request()->url(); $record['extra']['path'] = request()->method() . ':' . request()->url();
$record['extra']['IP'] = app('request')->ip(); $record['extra']['IP'] = app('request')->ip();
if (auth()->check()) { if (auth()->check()) {
$record['extra']['user'] = auth()->user()->email; $record['extra']['user'] = auth()->user()->email;
} }
return $record; return $record;
} }
} }

8
config/logging.php
View File

@ -56,6 +56,10 @@ return [
'driver' => 'stack', 'driver' => 'stack',
'channels' => ['daily', 'stdout'], 'channels' => ['daily', 'stdout'],
], ],
'audit' => [
'driver' => 'stack',
'channels' => ['daily_audit', 'stdout'],
],
'single' => [ 'single' => [
'driver' => 'single', 'driver' => 'single',
'path' => storage_path('logs/laravel.log'), 'path' => storage_path('logs/laravel.log'),
@ -77,8 +81,8 @@ return [
'level' => envNonEmpty('APP_LOG_LEVEL', 'info'), 'level' => envNonEmpty('APP_LOG_LEVEL', 'info'),
'days' => 7, 'days' => 7,
], ],
'audit' => [ 'daily_audit' => [
'driver' => envNonEmpty('AUDIT_LOG_CHANNEL', 'daily'), 'driver' => 'daily',
'path' => storage_path('logs/ff3-audit.log'), 'path' => storage_path('logs/ff3-audit.log'),
'tap' => [AuditLogger::class], 'tap' => [AuditLogger::class],
'level' => 'info', 'level' => 'info',