[Web] Log only latest datetime of a unique datetime, service and ip combination
parent
9b8f5b7cc1
commit
78084c5e7b
|
@ -156,7 +156,7 @@ function auth_password_verify(req, pass)
|
||||||
while row do
|
while row do
|
||||||
if req.password_verify(req, row.password, pass) == 1 then
|
if req.password_verify(req, row.password, pass) == 1 then
|
||||||
cur:close()
|
cur:close()
|
||||||
con:execute(string.format([[INSERT INTO sasl_logs (service, app_password, username, real_rip)
|
con:execute(string.format([[REPLACE INTO sasl_log (service, app_password, username, real_rip)
|
||||||
VALUES ("%s", 0, "%s", "%s")]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip)))
|
VALUES ("%s", 0, "%s", "%s")]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip)))
|
||||||
return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass
|
return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass
|
||||||
end
|
end
|
||||||
|
@ -176,7 +176,7 @@ function auth_password_verify(req, pass)
|
||||||
while row do
|
while row do
|
||||||
if req.password_verify(req, row.password, pass) == 1 then
|
if req.password_verify(req, row.password, pass) == 1 then
|
||||||
cur:close()
|
cur:close()
|
||||||
con:execute(string.format([[INSERT INTO sasl_logs (service, app_password, username, real_rip)
|
con:execute(string.format([[REPLACE INTO sasl_log (service, app_password, username, real_rip)
|
||||||
VALUES ("%s", %d, "%s", "%s")]], con:escape(req.service), row.id, con:escape(req.user), con:escape(req.real_rip)))
|
VALUES ("%s", %d, "%s", "%s")]], con:escape(req.service), row.id, con:escape(req.user), con:escape(req.real_rip)))
|
||||||
return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass
|
return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass
|
||||||
end
|
end
|
||||||
|
@ -195,7 +195,7 @@ function auth_password_verify(req, pass)
|
||||||
-- }]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip))
|
-- }]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip))
|
||||||
-- http.request {
|
-- http.request {
|
||||||
-- method = "POST",
|
-- method = "POST",
|
||||||
-- url = "http://nginx:8081/sasl_logs.php",
|
-- url = "http://nginx:8081/sasl_log.php",
|
||||||
-- source = ltn12.source.string(reqbody),
|
-- source = ltn12.source.string(reqbody),
|
||||||
-- headers = {
|
-- headers = {
|
||||||
-- ["content-type"] = "application/json",
|
-- ["content-type"] = "application/json",
|
||||||
|
|
|
@ -258,8 +258,8 @@ function last_login($action, $username, $sasl_limit_days = 7) {
|
||||||
switch ($action) {
|
switch ($action) {
|
||||||
case 'get':
|
case 'get':
|
||||||
if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
||||||
$stmt = $pdo->prepare('SELECT `real_rip`, MAX(`datetime`) as `datetime`, `service`, `app_password` FROM `sasl_logs`
|
$stmt = $pdo->prepare('SELECT `real_rip`, MAX(`datetime`) as `datetime`, `service`, `app_password` FROM `sasl_log`
|
||||||
LEFT OUTER JOIN `app_passwd` on `sasl_logs`.`app_password` = `app_passwd`.`id`
|
LEFT OUTER JOIN `app_passwd` on `sasl_log`.`app_password` = `app_passwd`.`id`
|
||||||
WHERE `username` = :username
|
WHERE `username` = :username
|
||||||
AND HOUR(TIMEDIFF(NOW(), `datetime`)) < :sasl_limit_days
|
AND HOUR(TIMEDIFF(NOW(), `datetime`)) < :sasl_limit_days
|
||||||
GROUP BY `real_rip`, `service`, `app_password`
|
GROUP BY `real_rip`, `service`, `app_password`
|
||||||
|
@ -331,7 +331,7 @@ function last_login($action, $username, $sasl_limit_days = 7) {
|
||||||
break;
|
break;
|
||||||
case 'reset':
|
case 'reset':
|
||||||
if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
||||||
$stmt = $pdo->prepare('DELETE FROM `sasl_logs`
|
$stmt = $pdo->prepare('DELETE FROM `sasl_log`
|
||||||
WHERE `username` = :username');
|
WHERE `username` = :username');
|
||||||
$stmt->execute(array(':username' => $username));
|
$stmt->execute(array(':username' => $username));
|
||||||
}
|
}
|
||||||
|
@ -1938,7 +1938,7 @@ function get_logs($application, $lines = false) {
|
||||||
}
|
}
|
||||||
if ($application == "sasl") {
|
if ($application == "sasl") {
|
||||||
if (isset($from) && isset($to)) {
|
if (isset($from) && isset($to)) {
|
||||||
$stmt = $pdo->prepare("SELECT * FROM `sasl_logs` ORDER BY `id` DESC LIMIT :from, :to");
|
$stmt = $pdo->prepare("SELECT * FROM `sasl_log` ORDER BY `datetime` DESC LIMIT :from, :to");
|
||||||
$stmt->execute(array(
|
$stmt->execute(array(
|
||||||
':from' => $from - 1,
|
':from' => $from - 1,
|
||||||
':to' => $to
|
':to' => $to
|
||||||
|
@ -1946,7 +1946,7 @@ function get_logs($application, $lines = false) {
|
||||||
$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$stmt = $pdo->prepare("SELECT * FROM `sasl_logs` ORDER BY `id` DESC LIMIT :lines");
|
$stmt = $pdo->prepare("SELECT * FROM `sasl_log` ORDER BY `datetime` DESC LIMIT :lines");
|
||||||
$stmt->execute(array(
|
$stmt->execute(array(
|
||||||
':lines' => $lines + 1,
|
':lines' => $lines + 1,
|
||||||
));
|
));
|
||||||
|
|
|
@ -3547,7 +3547,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Determine last logins
|
// Determine last logins
|
||||||
$stmt = $pdo->prepare("SELECT MAX(`datetime`) AS `datetime`, `service` FROM `sasl_logs`
|
$stmt = $pdo->prepare("SELECT MAX(`datetime`) AS `datetime`, `service` FROM `sasl_log`
|
||||||
WHERE `username` = :mailbox
|
WHERE `username` = :mailbox
|
||||||
GROUP BY `service` DESC");
|
GROUP BY `service` DESC");
|
||||||
$stmt->execute(array(':mailbox' => $_data));
|
$stmt->execute(array(':mailbox' => $_data));
|
||||||
|
|
|
@ -3,7 +3,7 @@ function init_db_schema() {
|
||||||
try {
|
try {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
|
|
||||||
$db_version = "30062021_0910";
|
$db_version = "01072021_0630";
|
||||||
|
|
||||||
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
|
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
|
||||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||||
|
@ -508,9 +508,8 @@ function init_db_schema() {
|
||||||
),
|
),
|
||||||
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
|
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
|
||||||
),
|
),
|
||||||
"sasl_logs" => array(
|
"sasl_log" => array(
|
||||||
"cols" => array(
|
"cols" => array(
|
||||||
"id" => "INT NOT NULL AUTO_INCREMENT",
|
|
||||||
"service" => "VARCHAR(32) NOT NULL DEFAULT ''",
|
"service" => "VARCHAR(32) NOT NULL DEFAULT ''",
|
||||||
"app_password" => "INT",
|
"app_password" => "INT",
|
||||||
"username" => "VARCHAR(255) NOT NULL",
|
"username" => "VARCHAR(255) NOT NULL",
|
||||||
|
@ -519,7 +518,7 @@ function init_db_schema() {
|
||||||
),
|
),
|
||||||
"keys" => array(
|
"keys" => array(
|
||||||
"primary" => array(
|
"primary" => array(
|
||||||
"" => array("id")
|
"" => array("service", "real_rip", "username")
|
||||||
),
|
),
|
||||||
"key" => array(
|
"key" => array(
|
||||||
"username" => array("username"),
|
"username" => array("username"),
|
||||||
|
@ -1017,19 +1016,6 @@ function init_db_schema() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Remove deprecated success = 0 entries before migrating sasl_logs
|
|
||||||
if ($table == 'sasl_logs') {
|
|
||||||
$stmt = $pdo->query("SHOW TABLES LIKE 'sasl_logs'");
|
|
||||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
|
||||||
if ($num_results != 0) {
|
|
||||||
$stmt = $pdo->query("SHOW COLUMNS FROM `sasl_logs` LIKE '%success%'");
|
|
||||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
|
||||||
if ($num_results != 0) {
|
|
||||||
$stmt = $pdo->query("DELETE FROM `sasl_logs` WHERE `success` = 0");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$stmt = $pdo->query("SHOW TABLES LIKE '" . $table . "'");
|
$stmt = $pdo->query("SHOW TABLES LIKE '" . $table . "'");
|
||||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||||
if ($num_results != 0) {
|
if ($num_results != 0) {
|
||||||
|
|
|
@ -207,7 +207,7 @@ services:
|
||||||
- sogo
|
- sogo
|
||||||
|
|
||||||
dovecot-mailcow:
|
dovecot-mailcow:
|
||||||
image: mailcow/dovecot:1.152
|
image: mailcow/dovecot:1.153
|
||||||
depends_on:
|
depends_on:
|
||||||
- mysql-mailcow
|
- mysql-mailcow
|
||||||
dns:
|
dns:
|
||||||
|
|
Loading…
Reference in New Issue