535: log failed login requests
sarahsporck committed Dec 5, 2022
1 parent d631ed1 commit fbc8fb1
Showing 4 changed files with 107 additions and 23 deletions.
98 changes: 80 additions & 18 deletions .vscode/tasks.json
Expand Up @@ -7,8 +7,14 @@
"label": "import",
"type": "shell",
"command": "${workspaceFolder}/backend/gradlew",
"options": { "cwd": "${workspaceFolder}/backend" },
"args": ["run", "--args", "import"],
"options": {
"cwd": "${workspaceFolder}/backend"
},
"args": [
"run",
"--args",
"import"
],
"problemMatcher": [
"$gradle"
]
Expand All @@ -17,8 +23,17 @@
"label": "Run Backend",
"type": "shell",
"command": "${workspaceFolder}/backend/gradlew",
"options": { "cwd": "${workspaceFolder}/backend", "env": { "JWT_SECRET": "Hello World!"} },
"args": ["run", "--args", "execute"],
"options": {
"cwd": "${workspaceFolder}/backend",
"env": {
"JWT_SECRET": "Hello World!"
}
},
"args": [
"run",
"--args",
"execute"
],
"problemMatcher": [
"$gradle"
]
Expand All @@ -27,8 +42,14 @@
"label": "Run Frontend",
"type": "shell",
"command": "fvm",
"options": { "cwd": "${workspaceFolder}/frontend" },
"args": ["flutter", "run", "--dart-define=environment=local"],
"options": {
"cwd": "${workspaceFolder}/frontend"
},
"args": [
"flutter",
"run",
"--dart-define=environment=local"
],
"problemMatcher": [
"$gradle"
]
Expand All @@ -37,8 +58,13 @@
"label": "Create Admin Account",
"type": "shell",
"command": "${workspaceFolder}/backend/gradlew",
"options": { "cwd": "${workspaceFolder}/backend" },
"args": ["run", "--args=\"create-admin nuernberg.sozialpass.app REGION_MANAGER [email protected] Administrator! 9\""],
"options": {
"cwd": "${workspaceFolder}/backend"
},
"args": [
"run",
"--args=\"create-admin nuernberg.sozialpass.app REGION_MANAGER [email protected] Administrator! 9\""
],
"problemMatcher": [
"$gradle"
]
Expand All @@ -47,8 +73,13 @@
"label": "Generate React GraphQL Client",
"type": "shell",
"command": "npm",
"options": { "cwd": "${workspaceFolder}/administration" },
"args": ["run", "generate-graphql"],
"options": {
"cwd": "${workspaceFolder}/administration"
},
"args": [
"run",
"generate-graphql"
],
"problemMatcher": [
"$gradle"
]
Expand All @@ -57,8 +88,13 @@
"label": "GraphQL Schema Export",
"type": "shell",
"command": "${workspaceFolder}/backend/gradlew",
"options": { "cwd": "${workspaceFolder}/backend" },
"args": ["run", "--args=\"graphql-export ../specs/backend-api.graphql\""],
"options": {
"cwd": "${workspaceFolder}/backend"
},
"args": [
"run",
"--args=\"graphql-export ../specs/backend-api.graphql\""
],
"problemMatcher": [
"$gradle"
]
Expand All @@ -67,22 +103,48 @@
"label": "Format",
"type": "shell",
"command": "fvm",
"options": { "cwd": "${workspaceFolder}/frontend" },
"args": ["flutter", "format", "-l", "120", "."],
"options": {
"cwd": "${workspaceFolder}/frontend"
},
"args": [
"flutter",
"format",
"-l",
"120",
"."
]
},
{
"label": "Select bayern",
"type": "shell",
"command": "fvm",
"options": { "cwd": "${workspaceFolder}/frontend" },
"args": ["flutter", "pub", "run", "build_runner", "build", "--delete-conflicting-outputs", "--define", "\"df_build_config=name=bayern\""],
"options": {
"cwd": "${workspaceFolder}/frontend"
},
"args": [
"flutter",
"pub",
"run",
"build_runner",
"build",
"--delete-conflicting-outputs",
"--define",
"\"df_build_config=name=bayern\""
]
},
{
"label": "Format backend",
"type": "shell",
"command": "${workspaceFolder}/backend/gradlew",
"options": { "cwd": "${workspaceFolder}/backend" },
"args": ["ktlintformat"]
"options": {
"cwd": "${workspaceFolder}/backend"
},
"args": [
"ktlintformat"
],
"problemMatcher": [
"$gradle"
]
}
]
}
Expand Up @@ -6,17 +6,28 @@ import app.ehrenamtskarte.backend.auth.webservice.schema.types.Administrator
import app.ehrenamtskarte.backend.auth.webservice.schema.types.AuthData
import app.ehrenamtskarte.backend.auth.webservice.schema.types.Role
import app.ehrenamtskarte.backend.auth.webservice.schema.types.SignInPayload
import app.ehrenamtskarte.backend.common.webservice.GraphQLContext
import com.expediagroup.graphql.generator.annotations.GraphQLDescription
import com.expediagroup.graphql.generator.exceptions.GraphQLKotlinException
import graphql.schema.DataFetchingEnvironment
import org.jetbrains.exposed.sql.transactions.transaction
import org.slf4j.LoggerFactory

@Suppress("unused")
class SignInMutationService {
@GraphQLDescription("Signs in an administrator")
fun signIn(project: String, authData: AuthData): SignInPayload {
fun signIn(project: String, authData: AuthData, dfe: DataFetchingEnvironment): SignInPayload {
val logger = LoggerFactory.getLogger(SignInMutationService::class.java)

val administratorEntity = transaction {
AdministratorsRepository.findByAuthData(project, authData.email, authData.password)
} ?: throw GraphQLKotlinException("Invalid credentials")
}
if (administratorEntity == null) {
val context = dfe.getContext<GraphQLContext>()
logger.info("${context.remoteIp} ${authData.email} failed to log in")
throw GraphQLKotlinException("Invalid credentials")
}

val role = Role.fromDbValue(administratorEntity.role) ?: throw GraphQLKotlinException("Invalid role.")
val administrator = Administrator(
administratorEntity.id.value,
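Review bot: The new `logger.info` call in `signIn` interpolates `authData.email` straight into the log line, and on this path that value is supplied by an unauthenticated caller, so embedded CR/LF or other control characters can split or forge entries in a log that is meant to record failed logins. Strip control characters and bound the length before logging, e.g. `val email = authData.email.replace(Regex("\\p{Cntrl}"), "_").take(254)` followed by `logger.info("{} {} failed to log in", context.remoteIp, email)`; `context.remoteIp` deserves the same treatment for as long as it can originate from a request header, as the handler change in this commit suggests. The logger is also looked up on every call and could be a single private property of the class. The body of `signIn` continues past the end of this section.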
Expand Up @@ -10,6 +10,7 @@ data class GraphQLContext(
val applicationData: File,
val jwtPayload: JwtPayload?,
val files: List<Part>,
val remoteIp: String,
val backendConfiguration: BackendConfiguration
) : GraphQLContext {

Expand Up @@ -77,6 +77,14 @@ class GraphQLHandler(
}
}

private fun getIpAdress(context: Context): String {
val xRealIp = context.header("X-Real-IP")
val xForwardedFor = context.header("X-Forwarded-For")
val remoteAddress = context.req().remoteAddr

return listOf(xRealIp, xForwardedFor, remoteAddress).firstNotNullOf { it }
}

/**
* Get any errors and data from [executionResult].
*/
Expand Down Expand Up @@ -109,16 +117,17 @@ class GraphQLHandler(
return result
}

private fun getGraphQLContext(context: Context, files: List<Part>, applicationData: File) =
private fun getGraphQLContext(context: Context, files: List<Part>, remoteIp: String, applicationData: File) =
try {
GraphQLContext(applicationData, JwtService.verifyRequest(context), files, backendConfiguration)
GraphQLContext(applicationData, JwtService.verifyRequest(context), files, remoteIp, backendConfiguration)
} catch (e: Exception) {
when (e) {
is JWTDecodeException, is AlgorithmMismatchException, is SignatureVerificationException,
is InvalidClaimException, is TokenExpiredException -> GraphQLContext(
applicationData,
null,
files,
remoteIp,
backendConfiguration
)

Expand All @@ -133,7 +142,8 @@ class GraphQLHandler(
// Execute the query against the schema
try {
val (payload, files) = getPayload(context)
val graphQLContext = getGraphQLContext(context, files, applicationData)
val remoteIp = getIpAdress(context)
val graphQLContext = getGraphQLContext(context, files, remoteIp, applicationData)

val variables = payload.getOrDefault("variables", emptyMap<String, Any>()) as Map<String, Any>?
val executionInput =
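Review bot: `getIpAdress` prefers `X-Real-IP` and `X-Forwarded-For` over the socket address, and both headers are set by whoever sends the request unless a reverse proxy in front overwrites them (not visible here), so the address written to the failed-login log can be chosen by the client. That weakens the log as a basis for brute-force detection or rate limiting, and `X-Forwarded-For` may carry a comma-separated list that would be stored verbatim; an empty header value would also win over `remoteAddr`. Honour the headers only when the direct peer is a known proxy, take a single trimmed value, and fall back to `remoteAddr` otherwise; the sketch below uses `TRUSTED_PROXIES` as a placeholder for a setting that is not on this page. The function name also has a typo (`getIpAddress`).

```kotlin
private fun getIpAdress(context: Context): String {
    val peer = context.req().remoteAddr
    // TRUSTED_PROXIES is a placeholder: the proxy addresses allowed to supply client-IP headers.
    if (peer !in TRUSTED_PROXIES) return peer

    // Use the single value set by the proxy, or the entry it appended last to X-Forwarded-For.
    val forwarded = context.header("X-Real-IP")
        ?: context.header("X-Forwarded-For")?.substringAfterLast(',')
    return forwarded?.trim()?.takeIf { it.isNotEmpty() } ?: peer
}
```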