mirror of https://github.com/MISP/MISP
new: [auth] log api key usage in redis
- lightweight per day slice of api key use - built as a ranked set in redis for the dashboardsnew_widgets
parent
dd03bc0432
commit
9e763ba0e5
|
@ -417,16 +417,19 @@ class AppController extends Controller
|
|||
}
|
||||
}
|
||||
if ($foundMispAuthKey) {
|
||||
$authKeyToStore = substr($authKey, 0, 4)
|
||||
$start = substr($authKey, 0, 4);
|
||||
$end = substr($authKey, -4);
|
||||
$authKeyToStore = $start
|
||||
. str_repeat('*', 32)
|
||||
. substr($authKey, -4);
|
||||
. $end;
|
||||
$this->__logApiKeyUse($start . $end);
|
||||
if ($user) {
|
||||
// User found in the db, add the user info to the session
|
||||
if (Configure::read('MISP.log_auth')) {
|
||||
$this->loadModel('Log');
|
||||
$this->Log->create();
|
||||
$log = array(
|
||||
'org' => $user['Organisation']['name'],
|
||||
'org' => $user['Organisation']['0000000000000000000000000000000000000000name'],
|
||||
'model' => 'User',
|
||||
'model_id' => $user['id'],
|
||||
'email' => $user['email'],
|
||||
|
@ -642,6 +645,15 @@ class AppController extends Controller
|
|||
return in_array($this->request->params['action'], $actionsToCheck[$controller], true);
|
||||
}
|
||||
|
||||
private function __logApiKeyUse($apikey)
|
||||
{
|
||||
$redis = $this->User->setupRedis();
|
||||
if (!$redis) {
|
||||
return;
|
||||
}
|
||||
$redis->zIncrBy('misp:authkey_log:' . date("Ymd"), 1, $apikey);
|
||||
}
|
||||
|
||||
/**
|
||||
* User access monitoring
|
||||
* @param array $user
|
||||
|
|
Loading…
Reference in New Issue