2018-07-17 12:50:04 +00:00
|
|
|
module Gitlab
|
|
|
|
|
module Auth
|
|
|
|
|
##
|
|
|
|
|
# Metrics and logging for user authentication activity.
|
|
|
|
|
#
|
|
|
|
|
class Activity
|
|
|
|
|
extend Gitlab::Utils::StrongMemoize
|
|
|
|
|
|
|
|
|
|
COUNTERS = {
|
|
|
|
|
user_authenticated: 'Counter of total successful authentication events',
|
|
|
|
|
user_unauthenticated: 'Counter of total authentication failures',
|
|
|
|
|
user_not_found: 'Counter of total failed log-ins when user is unknown',
|
|
|
|
|
user_password_invalid: 'Counter of failed log-ins with invalid password',
|
|
|
|
|
user_session_override: 'Counter of manual log-ins and sessions overrides',
|
2018-07-23 13:13:11 +00:00
|
|
|
user_two_factor_authenticated: 'Counter of two factor authentications',
|
|
|
|
|
user_blocked: 'Counter of total sign in attempts when user is blocked',
|
2018-07-17 12:50:04 +00:00
|
|
|
user_signed_out: 'Counter of total user sign out events'
|
|
|
|
|
}.freeze
|
|
|
|
|
|
2018-07-20 14:00:28 +00:00
|
|
|
def initialize(user, opts)
|
|
|
|
|
@user = user
|
2018-07-17 12:50:04 +00:00
|
|
|
@opts = opts
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def user_authentication_failed!
|
2018-07-23 15:20:24 +00:00
|
|
|
self.class.user_unauthenticated_counter_increment!
|
2018-07-17 12:50:04 +00:00
|
|
|
|
|
|
|
|
case @opts[:message]
|
|
|
|
|
when :not_found_in_database
|
2018-07-23 15:20:24 +00:00
|
|
|
self.class.user_not_found_counter_increment!
|
2018-07-17 12:50:04 +00:00
|
|
|
when :invalid
|
2018-07-23 15:20:24 +00:00
|
|
|
self.class.user_password_invalid_counter_increment!
|
2018-07-17 12:50:04 +00:00
|
|
|
end
|
2018-07-20 14:00:28 +00:00
|
|
|
|
2018-07-23 13:13:11 +00:00
|
|
|
if @user.present? && @user.blocked?
|
2018-07-23 15:20:24 +00:00
|
|
|
self.class.user_blocked_counter_increment!
|
2018-07-23 13:13:11 +00:00
|
|
|
end
|
2018-07-17 12:50:04 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def user_authenticated!
|
2018-07-23 15:20:24 +00:00
|
|
|
self.class.user_authenticated_counter_increment!
|
2018-07-17 12:50:04 +00:00
|
|
|
end
|
|
|
|
|
|
2018-07-19 08:34:58 +00:00
|
|
|
def user_session_override!
|
2018-07-23 15:20:24 +00:00
|
|
|
self.class.user_authenticated_counter_increment!
|
|
|
|
|
self.class.user_session_override_counter_increment!
|
2018-07-23 13:13:11 +00:00
|
|
|
|
|
|
|
|
if @opts[:message] == :two_factor_authenticated
|
2018-07-23 15:20:24 +00:00
|
|
|
self.class.user_two_factor_authenticated_counter_increment!
|
2018-07-23 13:13:11 +00:00
|
|
|
end
|
2018-07-17 12:50:04 +00:00
|
|
|
end
|
|
|
|
|
|
2018-07-19 08:34:58 +00:00
|
|
|
def user_signed_out!
|
2018-07-23 15:20:24 +00:00
|
|
|
self.class.user_signed_out_counter_increment!
|
2018-07-17 12:50:04 +00:00
|
|
|
end
|
|
|
|
|
|
2018-07-20 13:06:11 +00:00
|
|
|
def self.each_counter
|
|
|
|
|
COUNTERS.each_pair do |metric, description|
|
|
|
|
|
yield "#{metric}_counter", metric, description
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
each_counter do |counter, metric, description|
|
|
|
|
|
define_singleton_method(counter) do
|
2018-07-23 15:20:24 +00:00
|
|
|
strong_memoize(counter) do
|
|
|
|
|
Gitlab::Metrics.counter("gitlab_auth_#{metric}_total", description)
|
2018-07-17 12:50:04 +00:00
|
|
|
end
|
|
|
|
|
end
|
2018-07-23 15:20:24 +00:00
|
|
|
|
|
|
|
|
define_singleton_method("#{counter}_increment!") do
|
|
|
|
|
public_send(counter).increment # rubocop:disable GitlabSecurity/PublicSend
|
|
|
|
|
end
|
2018-07-17 12:50:04 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
