2018-10-11 16:12:21 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2018-07-17 08:50:04 -04:00
|
|
|
module Gitlab
|
|
|
|
|
module Auth
|
|
|
|
|
##
|
|
|
|
|
# Metrics and logging for user authentication activity.
|
|
|
|
|
#
|
|
|
|
|
class Activity
|
|
|
|
|
extend Gitlab::Utils::StrongMemoize
|
|
|
|
|
|
|
|
|
|
COUNTERS = {
|
2018-07-31 03:24:19 -04:00
|
|
|
user_authenticated: 'Counter of successful authentication events',
|
|
|
|
|
user_unauthenticated: 'Counter of authentication failures',
|
|
|
|
|
user_not_found: 'Counter of failed log-ins when user is unknown',
|
2018-07-17 08:50:04 -04:00
|
|
|
user_password_invalid: 'Counter of failed log-ins with invalid password',
|
|
|
|
|
user_session_override: 'Counter of manual log-ins and sessions overrides',
|
2018-07-31 03:24:19 -04:00
|
|
|
user_session_destroyed: 'Counter of user sessions being destroyed',
|
2018-07-23 09:13:11 -04:00
|
|
|
user_two_factor_authenticated: 'Counter of two factor authentications',
|
2018-07-27 06:56:34 -04:00
|
|
|
user_sessionless_authentication: 'Counter of sessionless authentications',
|
2018-07-31 03:24:19 -04:00
|
|
|
user_blocked: 'Counter of sign in attempts when user is blocked'
|
2018-07-17 08:50:04 -04:00
|
|
|
}.freeze
|
|
|
|
|
|
2018-08-01 09:56:44 -04:00
|
|
|
def initialize(opts)
|
2018-07-17 08:50:04 -04:00
|
|
|
@opts = opts
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def user_authentication_failed!
|
2018-07-23 11:20:24 -04:00
|
|
|
self.class.user_unauthenticated_counter_increment!
|
2018-07-17 08:50:04 -04:00
|
|
|
|
|
|
|
|
case @opts[:message]
|
|
|
|
|
when :not_found_in_database
|
2018-07-23 11:20:24 -04:00
|
|
|
self.class.user_not_found_counter_increment!
|
2018-07-17 08:50:04 -04:00
|
|
|
when :invalid
|
2018-07-23 11:20:24 -04:00
|
|
|
self.class.user_password_invalid_counter_increment!
|
2018-07-17 08:50:04 -04:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def user_authenticated!
|
2018-07-23 11:20:24 -04:00
|
|
|
self.class.user_authenticated_counter_increment!
|
2019-07-26 03:05:50 -04:00
|
|
|
|
|
|
|
|
case @opts[:message]
|
|
|
|
|
when :two_factor_authenticated
|
|
|
|
|
self.class.user_two_factor_authenticated_counter_increment!
|
|
|
|
|
end
|
2018-07-17 08:50:04 -04:00
|
|
|
end
|
|
|
|
|
|
2018-07-19 04:34:58 -04:00
|
|
|
def user_session_override!
|
2018-07-23 11:20:24 -04:00
|
|
|
self.class.user_session_override_counter_increment!
|
2018-07-23 09:13:11 -04:00
|
|
|
|
2018-07-27 06:56:34 -04:00
|
|
|
case @opts[:message]
|
|
|
|
|
when :sessionless_sign_in
|
|
|
|
|
self.class.user_sessionless_authentication_counter_increment!
|
2018-07-23 09:13:11 -04:00
|
|
|
end
|
2018-07-17 08:50:04 -04:00
|
|
|
end
|
|
|
|
|
|
2018-08-01 08:23:06 -04:00
|
|
|
def user_blocked!
|
|
|
|
|
self.class.user_blocked_counter_increment!
|
|
|
|
|
end
|
|
|
|
|
|
2018-07-26 12:35:15 -04:00
|
|
|
def user_session_destroyed!
|
|
|
|
|
self.class.user_session_destroyed_counter_increment!
|
2018-07-17 08:50:04 -04:00
|
|
|
end
|
|
|
|
|
|
2018-07-20 09:06:11 -04:00
|
|
|
def self.each_counter
|
|
|
|
|
COUNTERS.each_pair do |metric, description|
|
|
|
|
|
yield "#{metric}_counter", metric, description
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
each_counter do |counter, metric, description|
|
|
|
|
|
define_singleton_method(counter) do
|
2018-07-23 11:20:24 -04:00
|
|
|
strong_memoize(counter) do
|
2018-07-24 04:20:48 -04:00
|
|
|
Gitlab::Metrics.counter("gitlab_auth_#{metric}_total".to_sym, description)
|
2018-07-17 08:50:04 -04:00
|
|
|
end
|
|
|
|
|
end
|
2018-07-23 11:20:24 -04:00
|
|
|
|
|
|
|
|
define_singleton_method("#{counter}_increment!") do
|
|
|
|
|
public_send(counter).increment # rubocop:disable GitlabSecurity/PublicSend
|
|
|
|
|
end
|
2018-07-17 08:50:04 -04:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
