Auditlog 작성

myungwoo · Oct 21, 2017 · bd0f48a · bd0f48a
1 parent 6ba4619
commit bd0f48a
Show file tree

Hide file tree

Showing 9 changed files with 38 additions and 6 deletions.
diff --git a/api/auth.js b/api/auth.js
@@ -27,6 +27,7 @@ router.post('/login', (req, res) => {
       let affils = await db.affiliation.getByAffilId(team.affilid);
       let affiliation = affils.length === 1 ? affils[0] : null;
       let userdata = {
+        userid: user.userid,
         username: user.username,
         name: user.name,
         teamname: team.name,
@@ -35,17 +36,19 @@ router.post('/login', (req, res) => {
       };
       const token = jwt.sign(userdata, secret, {
         expiresIn: req.app.get('jwt-expire'),
-        issuer: req.app.get('jwt-issuer')
+        issuer: req.app.get('jwt-issuer'),
+        subject: req.app.get('jwt-subject'),
       });
 
       let ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
       db.user.login(user.username, ip);
-      // TODO: update teampage first visit
+      db.team.teampageVisit(team.teamid);
       res.send({
         success: true,
         userdata,
         token
       });
+      db.auditlog.addLog(null, user.username, 'user', user.userid, 'logged in', `${ip} - via react`);
     } catch (error) {
       res.send({
         success: false,
@@ -55,6 +58,13 @@ router.post('/login', (req, res) => {
   })(req, res);
 });
 
+router.get('/logout', (req, res) => {
+  if (!req.user){ res.sendStatus(401); return; }
+  let ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
+  db.auditlog.addLog(null, req.user.username, 'user', req.user.userid, 'logged out', `${ip} - via react`);
+  res.sendStatus(200);
+});
+
 router.get('/user', (req, res) => {
   (async function(req, res){
     if (!req.user) throw Error();

diff --git a/api/index.js b/api/index.js
@@ -117,7 +117,7 @@ router.get('/languages', (req, res) => {
 router.post('/submit', upload.array('files'), (req, res) => {
   const files = req.files;
   const {cid, probid, langid} = req.body;
-  const {teamid} = req.user;
+  const {teamid, username} = req.user;
   if (!(files.length > 0)){ res.sendStatus(400); return; }
   if (!cid || isNaN(Number(cid))){ res.sendStatus(400); return; }
   if (!probid || isNaN(Number(probid))){ res.sendStatus(400); return; }
@@ -163,6 +163,7 @@ router.post('/submit', upload.array('files'), (req, res) => {
         });
       });
       res.send({success: true});
+      db.auditlog.addLog(cid, username, 'submission', submitid, 'added', 'via react');
     }catch (err){
       await new Promise((resolve, reject) => {
         conn.query('ROLLBACK', (err, res) => {

diff --git a/client/src/Main.js b/client/src/Main.js
@@ -1,5 +1,7 @@
 import React from 'react';
 import PropTypes from 'prop-types';
+import axios from 'axios';
+
 import {Route, Switch, Redirect} from 'react-router-dom';
 import {AppBar, Toolbar, Typography, Button, IconButton, Drawer, Divider, Tooltip} from 'material-ui';
 import MenuIcon from 'material-ui-icons/Menu';
@@ -66,7 +68,11 @@ class Main extends React.Component {
   }
 
   logout() {
-    Auth.doLogout(); this.props.onLogout();
+    const {user, toast} = this.props;
+    toast(`Bye bye, ${user.username}!`);
+    axios.get('/api/auth/logout', Auth.getHeader());
+    Auth.doLogout();
+    this.props.onLogout();
   }
 
   render() {

diff --git a/config.js b/config.js
@@ -3,6 +3,7 @@ module.exports = {
     secret      : 'DDQwP6fY4TZBDsWhgWWLUNhKWp9V7TsXEbw77yVe4QupSmJR',
     token_expire: '10h',
     issuer      : 'Myungwoo Chun',
+    subject     : 'token-v1',
   },
   db: {
     connection_limit: 500,

diff --git a/db/auditlog.js b/db/auditlog.js
@@ -0,0 +1,11 @@
+const pool = require('./pool');
+
+exports.addLog = (cid, user, datatype, dataid, action, extrainfo) => {
+  return new Promise((resolve, reject) => {
+    pool.query('INSERT INTO auditlog (logtime, cid, user, datatype, dataid, action, extrainfo) VALUES(NOW(), ?, ?, ?, ?, ?, ?)',
+      [cid, user, datatype, dataid, action, extrainfo], (err, res) => {
+        if (err) reject(err);
+        resolve(res);
+      });
+  });
+};
diff --git a/db/index.js b/db/index.js
@@ -10,6 +10,7 @@ module.exports = {
       });
     })
   ),
+  auditlog: require('./auditlog'),
   configuration: require('./configuration'),
   user: require('./user'),
   team: require('./team'),

diff --git a/db/team.js b/db/team.js
@@ -9,7 +9,7 @@ exports.getByTeamId = teamid => {
   });
 };
 
-exports.teampage_visit = teamid => {
+exports.teampageVisit = teamid => {
   return new Promise((resolve, reject) => {
     pool.query('UPDATE team SET teampage_first_visited = UNIX_TIMESTAMP() WHERE teamid = ? AND teampage_first_visited IS NULL', [teamid], (err, res) => {
       if (err) reject(err);

diff --git a/middlewares/auth.js b/middlewares/auth.js
@@ -8,7 +8,8 @@ module.exports = function(req, res, next) {
   try {
     // eslint-disable-next-line no-unused-vars
     let {iat, exp, iss, ...rest} = jwt.verify(token, secret, {
-      issuer: req.app.get('jwt-issuer')
+      issuer: req.app.get('jwt-issuer'),
+      subject: req.app.get('jwt-subject'),
     });
     req.user = rest;
   } catch (e) {

diff --git a/server.js b/server.js
@@ -15,6 +15,7 @@ app.use(bodyParser.json({limit: config.express.max_body_size}));
 app.set('jwt-secret', config.auth.secret);
 app.set('jwt-expire', config.auth.token_expire);
 app.set('jwt-issuer', config.auth.issuer);
+app.set('jwt-subject', config.auth.subject);
 
 app.use('/api', require('./api'));