Commit 49b17430 authored by ls1947's avatar ls1947
Browse files

Add Login since timestamps

parent 2ef5b6ac
package edu.kit.scc.webreg.service.saml;
import java.time.Instant;
import java.util.Date;
import java.util.List;
import java.util.Map;
......@@ -21,11 +22,15 @@ import org.slf4j.MDC;
import edu.kit.scc.webreg.bootstrap.ApplicationConfig;
import edu.kit.scc.webreg.dao.SamlIdpMetadataDao;
import edu.kit.scc.webreg.dao.SamlUserDao;
import edu.kit.scc.webreg.dao.UserLoginInfoDao;
import edu.kit.scc.webreg.drools.impl.KnowledgeSessionSingleton;
import edu.kit.scc.webreg.entity.SamlIdpMetadataEntity;
import edu.kit.scc.webreg.entity.SamlIdpMetadataEntityStatus;
import edu.kit.scc.webreg.entity.SamlSpConfigurationEntity;
import edu.kit.scc.webreg.entity.SamlUserEntity;
import edu.kit.scc.webreg.entity.UserLoginInfoEntity;
import edu.kit.scc.webreg.entity.UserLoginInfoStatus;
import edu.kit.scc.webreg.entity.UserLoginMethod;
import edu.kit.scc.webreg.exc.UserUpdateException;
import edu.kit.scc.webreg.service.impl.UserUpdater;
import edu.kit.scc.webreg.service.saml.exc.SamlAuthenticationException;
......@@ -44,6 +49,9 @@ public class SamlSpPostServiceImpl implements SamlSpPostService {
@Inject
private SamlUserDao userDao;
@Inject
private UserLoginInfoDao userLoginInfoDao;
@Inject
private UserUpdater userUpdater;
......@@ -141,9 +149,18 @@ public class SamlSpPostServiceImpl implements SamlSpPostService {
}
session.setUserId(user.getId());
session.setLoginTime(Instant.now());
session.setTheme(user.getTheme());
session.setLocale(user.getLocale());
UserLoginInfoEntity loginInfo = userLoginInfoDao.createNew();
loginInfo.setUser(user);
loginInfo.setLoginDate(new Date());
loginInfo.setLoginMethod(UserLoginMethod.HOME_ORG);
loginInfo.setLoginStatus(UserLoginInfoStatus.SUCCESS);
loginInfo.setFrom(request.getRemoteAddr());
loginInfo = userLoginInfoDao.persist(loginInfo);
if (session.getOriginalRequestPath() != null) {
String orig = session.getOriginalRequestPath();
session.setOriginalRequestPath(null);
......
......@@ -11,8 +11,8 @@
package edu.kit.scc.webreg.session;
import java.io.Serializable;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
......@@ -68,7 +68,8 @@ public class SessionManager implements Serializable {
private String locale;
private Date twoFaElevation;
private Instant twoFaElevation;
private Instant loginTime;
@PostConstruct
public void init() {
......@@ -269,11 +270,19 @@ public class SessionManager implements Serializable {
return serviceSshPubKeyApproverList;
}
public Date getTwoFaElevation() {
public Instant getTwoFaElevation() {
return twoFaElevation;
}
public void setTwoFaElevation(Date twoFaElevation) {
public void setTwoFaElevation(Instant twoFaElevation) {
this.twoFaElevation = twoFaElevation;
}
public Instant getLoginTime() {
return loginTime;
}
public void setLoginTime(Instant loginTime) {
this.loginTime = loginTime;
}
}
......@@ -12,7 +12,7 @@ package edu.kit.scc.webreg.bean;
import java.io.IOException;
import java.io.Serializable;
import java.util.Date;
import java.time.Instant;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ViewScoped;
......@@ -80,7 +80,7 @@ public class TwoFaLoginBean implements Serializable {
if (response.getResult() != null && response.getResult().isStatus() && response.getResult().isValue()) {
// Succesfull check
sessionManager.setTwoFaElevation(new Date());
sessionManager.setTwoFaElevation(Instant.now());
userService.addLoginInfo(user.getId(), UserLoginMethod.TWOFA, UserLoginInfoStatus.SUCCESS,
request.getRemoteAddr());
......
......@@ -11,6 +11,8 @@
package edu.kit.scc.webreg.sec;
import java.io.Serializable;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
......@@ -229,6 +231,39 @@ public class AuthorizationBean implements Serializable {
}
}
public Duration getLoggedInSince() {
if (sessionManager.getLoginTime() != null) {
return Duration.between(sessionManager.getLoginTime(), Instant.now());
}
else {
return null;
}
}
public Duration getTwoFaElevatedSince() {
if (sessionManager.getTwoFaElevation() != null) {
return Duration.between(sessionManager.getTwoFaElevation(), Instant.now());
}
else {
return null;
}
}
public Boolean isTwoFaElevated() {
long elevationTime = 5L * 60L * 1000L;
if (appConfig.getConfigValue("elevation_time") != null) {
elevationTime = Long.parseLong(appConfig.getConfigValue("elevation_time"));
}
if (sessionManager.getTwoFaElevation() != null &&
(System.currentTimeMillis() - sessionManager.getTwoFaElevation().toEpochMilli()) < elevationTime) {
return true;
}
else {
return false;
}
}
public boolean isUserInRole(String roleName) {
if (roleName.startsWith("ROLE_"))
roleName = roleName.substring(5);
......
......@@ -151,7 +151,7 @@ public class SecurityFilter implements Filter {
}
if (session.getTwoFaElevation() != null &&
(System.currentTimeMillis() - session.getTwoFaElevation().getTime()) < elevationTime) {
(System.currentTimeMillis() - session.getTwoFaElevation().toEpochMilli()) < elevationTime) {
// user already elevated
chain.doFilter(servletRequest, servletResponse);
}
......@@ -182,7 +182,7 @@ public class SecurityFilter implements Filter {
}
if (session.getTwoFaElevation() != null &&
(System.currentTimeMillis() - session.getTwoFaElevation().getTime()) < elevationTime) {
(System.currentTimeMillis() - session.getTwoFaElevation().toEpochMilli()) < elevationTime) {
// user already elevated
chain.doFilter(servletRequest, servletResponse);
}
......
my_twofa=Zweite Faktoren
check=Pr\u00FCfen
twofa_elevated_since_recently=Mit 2FA eben
logged_in_since_recently=Eingeloggt seit eben
twofa_login_text=Um die angeforderte Aktion durchzuf\u00FChren, muss ein zweiter Faktor eingegeben werden. Bitte geben Sie einen beliebigen zweiten Faktor aus der unten stehenden Liste ein um fortzufahren.
twofa_login=Login mit zweiten Faktor
twofa_code=Aktueller code
login_status=Loginstatus
logged_in_since_not_set=Keine Loginzeit
logged_in_since=Eingeloggt seit
minutes=Minuten
twofa_elevated_since=Mit 2FA seit
unknown=Unbekannt
twofa_list=Liste zweiter Faktor
accept_tou=Ich habe die Nutzungsbedingungen gelesen und bin einverstanden.
set_ssh_pub_key=SSH Key setzen
......
my_twofa=Second factors
twofa_login_text=To perform the requested action, a second factor must be entered. Please enter any second factor from the list below to continue.
twofa_login=Login with second factor
twofa_code=Current code
check=Check
twofa_elevated_since_recently=With 2FA recently
logged_in_since_recently=Logged in recently
login_status=Login status
logged_in_since_not_set=No login time
logged_in_since=Logged in for
minutes=minutes
twofa_elevated_since=With 2FA for
unknown=Unknown
twofa_list=List of second factors
aa_entities=Attribute authorities
set_ssh_pub_key=Set SSH Key
......
......@@ -6,7 +6,8 @@
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:p="http://primefaces.org/ui">
xmlns:p="http://primefaces.org/ui"
xmlns:of="http://omnifaces.org/functions">
<head>
<title>Left side bar</title>
</head>
......@@ -17,9 +18,40 @@
</h:panelGroup>
<h:panelGroup rendered="#{sessionManager.isLoggedIn()}">
<div class="submenu">
<div class="submenu-title">#{messages.user}</div>
<div class="submenu-content">
<div style="padding: 8px;">
#{messages.login_status}:<br/>
<h:panelGroup rendered="#{empty authorizationBean.loggedInSince}">
<div>
#{messages.logged_in_since_not_set}
</div>
</h:panelGroup>
<h:panelGroup rendered="#{not empty authorizationBean.loggedInSince and (authorizationBean.loggedInSince.toMinutes() gt 2)}">
<div>
#{messages.logged_in_since} #{authorizationBean.loggedInSince.toMinutes()} #{messages.minutes}
</div>
</h:panelGroup>
<h:panelGroup rendered="#{not empty authorizationBean.loggedInSince and (authorizationBean.loggedInSince.toMinutes() lt 2)}">
<div>
#{messages.logged_in_since_recently}
</div>
</h:panelGroup>
<h:panelGroup rendered="#{authorizationBean.isTwoFaElevated() and (authorizationBean.twoFaElevatedSince.toMinutes() gt 2)}">
<div>
#{messages.twofa_elevated_since} #{authorizationBean.twoFaElevatedSince.toMinutes()} #{messages.minutes}
</div>
</h:panelGroup>
<h:panelGroup rendered="#{authorizationBean.isTwoFaElevated() and (authorizationBean.twoFaElevatedSince.toMinutes() lt 2)}">
<div>
#{messages.twofa_elevated_since_recently}
</div>
</h:panelGroup>
</div>
<hr style="border: 1px solid white;"/>
<ul>
<li><span class="ui-icon ui-icon-home" style="display:inline-block; vertical-align: bottom;" /><a href="#{request.contextPath}/index.xhtml">#{messages.index}</a></li>
<li><span class="ui-icon ui-icon-star" style="display:inline-block; vertical-align: bottom;" />
......
......@@ -20,6 +20,36 @@
<div class="submenu">
<div class="submenu-title">#{messages.user}</div>
<div class="submenu-content">
<div style="padding: 8px;">
#{messages.login_status}:<br/>
<h:panelGroup rendered="#{empty authorizationBean.loggedInSince}">
<div>
#{messages.logged_in_since_not_set}
</div>
</h:panelGroup>
<h:panelGroup rendered="#{not empty authorizationBean.loggedInSince and (authorizationBean.loggedInSince.toMinutes() gt 2)}">
<div>
#{messages.logged_in_since} #{authorizationBean.loggedInSince.toMinutes()} #{messages.minutes}
</div>
</h:panelGroup>
<h:panelGroup rendered="#{not empty authorizationBean.loggedInSince and (authorizationBean.loggedInSince.toMinutes() lt 2)}">
<div>
#{messages.logged_in_since_recently}
</div>
</h:panelGroup>
<h:panelGroup rendered="#{authorizationBean.isTwoFaElevated() and (authorizationBean.twoFaElevatedSince.toMinutes() gt 2)}">
<div>
#{messages.twofa_elevated_since} #{authorizationBean.twoFaElevatedSince.toMinutes()} #{messages.minutes}
</div>
</h:panelGroup>
<h:panelGroup rendered="#{authorizationBean.isTwoFaElevated() and (authorizationBean.twoFaElevatedSince.toMinutes() lt 2)}">
<div>
#{messages.twofa_elevated_since_recently}
</div>
</h:panelGroup>
</div>
<hr style="border: 1px solid white;"/>
<ul>
<li><span class="ui-icon ui-icon-home" style="display:inline-block; vertical-align: bottom;" /><a href="#{request.contextPath}/index.xhtml">#{messages.index}</a></li>
<li><span class="ui-icon ui-icon-star" style="display:inline-block; vertical-align: bottom;" />
......
......@@ -78,7 +78,7 @@
<dependency>
<groupId>org.omnifaces</groupId>
<artifactId>omnifaces</artifactId>
<version>3.3</version>
<version>3.6.1</version>
</dependency>
<dependency>
<groupId>commons-fileupload</groupId>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment