parent
8dd3accfc4
commit
d29e6f057a
@ -0,0 +1,37 @@
|
|||||||
|
const { Job } = require('flitter-jobs')
|
||||||
|
|
||||||
|
class ForeignIPLoginAlertJob extends Job {
|
||||||
|
static get services() { return [...super.services, 'models', 'jobs', 'output', 'configs'] }
|
||||||
|
|
||||||
|
async execute(job) {
|
||||||
|
const { data } = job
|
||||||
|
const { user_id, ip } = data
|
||||||
|
|
||||||
|
try {
|
||||||
|
const User = this.models.get('auth:User')
|
||||||
|
const user = await User.findById(user_id)
|
||||||
|
if ( !user ) throw new Error('Unable to find user with ID: '+user_id)
|
||||||
|
|
||||||
|
this.output.info('Sending foreign IP login alert to user.')
|
||||||
|
|
||||||
|
await this.jobs.queue('mailer').add('EMail', {
|
||||||
|
to: user.email,
|
||||||
|
subject: `Security Alert | ${this.configs.get('app.name')}`,
|
||||||
|
email_params: {
|
||||||
|
header_text: 'Login From New IP',
|
||||||
|
body_paragraphs: [
|
||||||
|
`We've detected a login to your ${this.configs.get('app.name')} account from a new IP address (${ip}).`,
|
||||||
|
'If this was you, no further action is required. If this was not you, please log into your account and reset your password.',
|
||||||
|
'Also, consider enabling multi-factor authentication to protect your account.',
|
||||||
|
],
|
||||||
|
button_text: 'Account Settings',
|
||||||
|
button_link: `${this.configs.get('app.url')}dash/profile`,
|
||||||
|
}
|
||||||
|
})
|
||||||
|
} catch (e) {
|
||||||
|
this.output.error(e)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = exports = ForeignIPLoginAlertJob
|
@ -0,0 +1,15 @@
|
|||||||
|
const { Model } = require('flitter-orm')
|
||||||
|
|
||||||
|
class ActivityModel extends Model {
|
||||||
|
static get schema() {
|
||||||
|
return {
|
||||||
|
user_id: String,
|
||||||
|
session_id: String,
|
||||||
|
action: String,
|
||||||
|
timestamp: { type: Date, default: () => new Date },
|
||||||
|
metadata: Object,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = exports = ActivityModel
|
@ -0,0 +1,45 @@
|
|||||||
|
const { Service } = require('flitter-di')
|
||||||
|
|
||||||
|
class ActivityService extends Service {
|
||||||
|
static get services() { return ['models', 'jobs'] }
|
||||||
|
|
||||||
|
model() {
|
||||||
|
return this.models.get('Activity')
|
||||||
|
}
|
||||||
|
|
||||||
|
async login(req) {
|
||||||
|
const Activity = this.model()
|
||||||
|
const activity = new Activity({
|
||||||
|
user_id: req.session.auth.user_id,
|
||||||
|
session_id: req.session.id,
|
||||||
|
action: 'login',
|
||||||
|
metadata: {
|
||||||
|
ip: req.ip
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
// If this is a new IP login, send an e-mail alert
|
||||||
|
const foreign_ip = await this.foreign_login_ip(req.session.auth.user_id, req.ip)
|
||||||
|
if ( foreign_ip ) {
|
||||||
|
await this.jobs.queue('notifications').add('ForeignIPLoginAlert', {
|
||||||
|
ip: req.ip,
|
||||||
|
user_id: req.session.auth.user_id,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
await activity.save()
|
||||||
|
}
|
||||||
|
|
||||||
|
async foreign_login_ip(user_id, ip) {
|
||||||
|
const Activity = this.model()
|
||||||
|
const existing_ip = await Activity.findOne({
|
||||||
|
user_id,
|
||||||
|
action: 'login',
|
||||||
|
'metadata.ip': ip,
|
||||||
|
})
|
||||||
|
|
||||||
|
return !existing_ip
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = exports = ActivityService
|
Loading…
Reference in new issue