Add IndieAuth security logs in the admin

2019-05-02 21:53:17 +02:00 · 2019-05-02 21:53:17 +02:00 · 616b853009
commit 616b853009
parent 23c8ca0c5a
3 changed files with 54 additions and 2 deletions
--- a/app.py
+++ b/app.py
@ -365,6 +365,16 @@ def format_time(val):
    return val


+@app.template_filter()
+def format_ts(val):
+    return datetime.fromtimestamp(val).strftime("%B %d, %Y, %H:%M %p")
+
+
+@app.template_filter()
+def gt_ts(val):
+    return datetime.now() > datetime.fromtimestamp(val)
+
+
@app.template_filter()
 def format_timeago(val):
    if val:
@ -1356,6 +1366,15 @@ def admin():
    )


+@app.route("/admin/indieauth", methods=["GET"])
+@login_required
+def admin_indieauth():
+    return render_template(
+        "admin_indieauth.html",
+        indieauth_actions=DB.indieauth.find().sort("ts", -1).limit(100),
+    )
+
+
@app.route("/admin/tasks", methods=["GET"])
@login_required
 def admin_tasks():
@ -2205,7 +2224,7 @@ def indieauth_endpoint():
        {
            "$set": {
                "verified": True,
-                "verified_by": "login",
+                "verified_by": "id",
                "verified_at": datetime.now().timestamp(),
            }
        },
@ -2252,7 +2271,7 @@ def token_endpoint():
            {
                "$set": {
                    "verified": True,
-                    "verified_by": "token",
+                    "verified_by": "code",
                    "verified_at": now.timestamp(),
                }
            },
--- a/templates/admin.html
+++ b/templates/admin.html
@ -6,6 +6,11 @@
 {% include "header.html" %}
 <div id="admin">
 <h3>Admin</h3>
+<h4>Links</h4>
+<ul>
+    <li><a href="/admin/indieauth">IndieAuth logs</a></li>
+    <li><a href="/admin/tasks">Poussetaches tasks</a></li>
+</ul>
 <h4>DB</h4>
 <ul>
 	<li>Inbox size: <strong>{{ inbox_size }}</strong></li>
--- a/templates/admin_indieauth.html
+++ b/templates/admin_indieauth.html
@ -0,0 +1,28 @@
+{% extends "layout.html" %}
+{% import 'utils.html' as utils %}
+{% block title %}IndieAuth logs - {{ config.NAME }}{% endblock %}
+{% block content %}
+<div id="container">
+{% include "header.html" %}
+<div id="admin">
+<h3>IndieAuth logs</h3>
+<ul style="list-style-type:none;padding:0;">
+{% for action in indieauth_actions %}
+<li style="margin-bottom:15px;"><span class="lcolor">{{action.ts|format_ts}}</span>
+<strong>{% if action.verified_by == "login" %}Authorization{% else %}Token{% endif %}</strong>
+requested by <a style="font-weight:bold" href="{{ action.client_id }}">{{ action.client_id }}</a>
+<a style="font-weight:bold;" href="{{action.me}}">{{action.me}}</a>
+({% if action.scope %}scope=<code>{{action.scope}}</code>,{% endif %}redirect_uri={{action.redirect_uri}}).
+{% if action.token_expires %}
+<br>
+The token <code title="{{action.token}}">{{action.token[:20]}}...</code>
+{% if action.token_expires|gt_ts%}has expired on{% else %}expires{% endif %} {{ action.token_expires|format_ts }}
+{% endif %}
+
+</li>
+{% endfor %}
+</ul>
+</div>
+
+</div>
+{% endblock %}