Implement scaffold of authentication activity metrics
This commit is contained in:
parent
7f0431dd85
commit
416076610e
|
@ -5,17 +5,29 @@ Rails.application.configure do |config|
|
|||
|
||||
Warden::Manager.before_failure(scope: :user) do |env, opts|
|
||||
Gitlab::Auth::BlockedUserTracker.log_if_user_blocked(env)
|
||||
|
||||
Gitlab::Auth::Activity.new(opts).user_authentication_failed!
|
||||
end
|
||||
|
||||
Warden::Manager.after_authentication(scope: :user) do |user, auth, opts|
|
||||
ActiveSession.cleanup(user)
|
||||
|
||||
Gitlab::Auth::Activity.new(opts).user_authenticated!
|
||||
end
|
||||
|
||||
Warden::Manager.after_set_user(scope: :user, only: :fetch) do |user, auth, opts|
|
||||
ActiveSession.set(user, auth.request)
|
||||
|
||||
Gitlab::Auth::Activity.new(opts).user_session_fetched!
|
||||
end
|
||||
|
||||
Warden::Manager.after_set_user(scope: :user, only: :set_user) do |user, auth, opts|
|
||||
Gitlab::Auth::Activity.new(opts).user_set_manually!
|
||||
end
|
||||
|
||||
Warden::Manager.before_logout(scope: :user) do |user, auth, opts|
|
||||
ActiveSession.destroy(user || auth.user, auth.request.session.id)
|
||||
|
||||
Gitlab::Auth::Activity.new(opts).user_logout!
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,69 @@
|
|||
module Gitlab
|
||||
module Auth
|
||||
##
|
||||
# Metrics and logging for user authentication activity.
|
||||
#
|
||||
class Activity
|
||||
extend Gitlab::Utils::StrongMemoize
|
||||
|
||||
COUNTERS = {
|
||||
user_authenticated: 'Counter of total successful authentication events',
|
||||
user_unauthenticated: 'Counter of total authentication failures',
|
||||
user_not_found: 'Counter of total failed log-ins when user is unknown',
|
||||
user_password_invalid: 'Counter of failed log-ins with invalid password',
|
||||
user_session_fetched: 'Counter of total sessions fetched',
|
||||
user_session_override: 'Counter of manual log-ins and sessions overrides',
|
||||
user_signed_out: 'Counter of total user sign out events'
|
||||
}.freeze
|
||||
|
||||
def initialize(opts)
|
||||
@opts = opts
|
||||
end
|
||||
|
||||
def user_authentication_failed!
|
||||
self.class.user_unauthenticated_counter.increment
|
||||
|
||||
case @opts[:message]
|
||||
when :not_found_in_database
|
||||
self.class.user_not_found_counter.increment
|
||||
when :invalid
|
||||
self.class.user_password_invalid_counter.increment
|
||||
end
|
||||
end
|
||||
|
||||
def user_authenticated!
|
||||
self.class.user_authenticated_counter.increment
|
||||
end
|
||||
|
||||
def user_session_fetched!
|
||||
self.class.user_session_fetched_counter.increment
|
||||
end
|
||||
|
||||
def user_set_manually!
|
||||
self.class.user_session_override_counter.increment
|
||||
end
|
||||
|
||||
def user_logout!
|
||||
self.class.user_signed_out_counter.increment
|
||||
end
|
||||
|
||||
class StubCounter
|
||||
def initialize(metric)
|
||||
Rails.logger.warn("METRIC #{metric}")
|
||||
end
|
||||
|
||||
def increment
|
||||
end
|
||||
end
|
||||
|
||||
COUNTERS.each_pair do |metric, description|
|
||||
define_singleton_method("#{metric}_counter") do
|
||||
strong_memoize(metric) do
|
||||
StubCounter.new(metric)
|
||||
# Gitlab::Metrics.counter("gitlab_auth_#{metric}_total", description)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,11 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe Gitlab::Auth::Activity do
|
||||
describe 'counters' do
|
||||
it 'has all static counters defined' do
|
||||
described_class::COUNTERS.each_key do |metric|
|
||||
expect(described_class).to respond_to("#{metric}_counter")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue