CoreID/app/services/activity.service.js

const { Service } = require('flitter-di')

class ActivityService extends Service {
    static get services() { return ['models', 'jobs'] }

    model() {
        return this.models.get('Activity')
    }

    async login(req) {
        const activity = this.from_req(req)
        activity.action = 'login'
        activity.metadata = {
            ip: req.ip
        }

        // If this is a new IP login, send an e-mail alert
        const foreign_ip = await this.foreign_login_ip(req.session.auth.user_id, req.ip)
        if ( foreign_ip ) {
            await this.jobs.queue('notifications').add('ForeignIPLoginAlert', {
                ip: req.ip,
                user_id: req.session.auth.user_id,
            })
        }

        await activity.save()
    }

    async api_access_denial({ req, reason, check, oauth_client_id = null }) {
        const activity = this.from_req(req)
        activity.action = 'api-access-denial'
        activity.metadata = {
            scope: check,
            reason,
            oauth_client_id,
        }

        await activity.save()
        return activity
    }

    async mfa_enable({ req }) {
        const activity = this.from_req(req)
        activity.action = 'mfa-enable'
        await activity.save()
    }

    async mfa_disable({ req }) {
        const activity = this.from_req(req)
        activity.action = 'mfa-disable'
        await activity.save()
    }

    async mfa_recovery_created({ req }) {
        const activity = this.from_req(req)
        activity.action = 'mfa-recovery-created'
        await activity.save()
    }

    async app_password_created({ req, name }) {
        const activity = this.from_req(req)
        activity.action = 'app-password-created'
        activity.metadata = { name }
        await activity.save()
    }

    async password_reset({ req, ip }) {
        const activity = this.from_req(req)
        activity.action = 'password-reset'
        activity.metadata = { ip }
        await activity.save()

        // Send an alert to the user
        await this.jobs.queue('notifications').add('PasswordResetAlert', {
            ip, user_id: req.session.auth.user_id,
        })
    }

    async api_token_created({ req, oauth_client_id }) {
        const activity = this.from_req(req)
        activity.action = 'api-token-created'
        activity.metadata = {
            ip: req.ip,
            oauth_client_id,
        }
    }

    async foreign_login_ip(user_id, ip) {
        const Activity = this.model()
        const existing_ip = await Activity.findOne({
            user_id,
            action: 'login',
            'metadata.ip': ip,
        })

        return !existing_ip
    }

    from_req(req) {
        const Activity = this.model()
        return new Activity({
            user_id: req.session.auth.user_id,
            session_id: req.session.id,
        })
    }
}

module.exports = exports = ActivityService