Skip to content

Commit

Permalink
Merge pull request #304 from elpablos/feature/303-anonymous-endpoint-…
Browse files Browse the repository at this point in the history
…perf

Disable auditing anonymous sessions
  • Loading branch information
byewokko authored Oct 18, 2023
2 parents 00f1383 + feed7c6 commit 48dfec3
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
### Features
- Login with AppleID (#293, PLUM Sprint 230908, @filipmelik)
- Webauthn authenticator metadata (#256, PLUM Sprint 230908)
- Configurably disable auditing of anonymous sessions (#304, PLUM Sprint 231006)

---

Expand Down
13 changes: 13 additions & 0 deletions seacatauth/audit/service.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,14 @@

#

asab.Config.add_defaults({
"seacatauth:audit": {
# Enable or disable the auditing of anonymous sessions.
# Disabling may be desirable for database performance reasons.
"log_anonymous_sessions": True,
},
})


class AuditService(asab.Service):

Expand All @@ -26,6 +34,7 @@ class AuditService(asab.Service):
def __init__(self, app, service_name="seacatauth.AuditService"):
super().__init__(app, service_name)
self.StorageService = app.get_service("asab.StorageService")
self.IsAnonymousLoggingEnabled = asab.Config.getboolean("seacatauth:audit", "log_anonymous_sessions")


async def append(
Expand All @@ -41,6 +50,10 @@ async def append(
"""
assert (isinstance(code, AuditCode))

# Do not audit anonymous sessions if desired (performance reasons)
if not self.IsAnonymousLoggingEnabled and code == AuditCode.ANONYMOUS_SESSION_CREATED:
return

# Do not use upsertor because it can trigger webhook
now = datetime.datetime.now(datetime.timezone.utc)
entry = {
Expand Down

0 comments on commit 48dfec3

Please sign in to comment.