Web UI for login history

Author: jaapmarcus

bin/v-delete-user-auth-log

@@ -0,0 +1,38 @@
+#!/bin/bash
+# info: Delete auth log file for user
+#
+# The function for deleting a users auth log file
+
+# Argument definition
+user=$1
+date=$(date "+%F %T")
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'USER'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+
+if [ ! -f $USER_DATA/auth.log ]; then
+    touch  $USER_DATA/auth.log
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+rm $USER_DATA/auth.log
+
+log_history "Authentication log for $user was cleared on $date."
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-list-sys-config

@@ -55,7 +55,7 @@ json_list() {
         "DB_PGA_ALIAS": "'$DB_PGA_ALIAS'",
         "SOFTACULOUS": "'$SOFTACULOUS'",
         "INACTIVE_SESSION_TIMEOUT": "'$INACTIVE_SESSION_TIMEOUT'",
-        "TWOFA_VALID_LENGTH": "'$TWOFA_VALID_LENGTH'",
+        "TWOFA_VALID_LENGTH": "'$TWOFA_VALID_LENGTH'"
     }
 }'
 }

bin/v-list-user-auth-log

@@ -0,0 +1,120 @@
+#!/bin/bash
+# info: list user log
+# options: USER [FORMAT]
+#
+# The function of obtaining the list of 10 last users commands.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+format=${2-shell}
+
+# Includes
+source $HESTIA/func/main.sh
+
+# JSON list function
+json_list() {
+    IFS=$'\n'
+    i=1
+    objects=$(echo "$logs" |wc -l)
+    echo "{"
+    for str in $logs; do
+        IP=$(echo "$str" |cut -f 2 -d \')
+        FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
+        DATE=$(echo "$str" |cut -f 6 -d \')
+        TIME=$(echo "$str" |cut -f 8 -d \')
+        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        CMD=${CMD//\"/\\\"}
+        echo -n '    {
+        "DATE": "'$DATE'",
+        "TIME": "'$TIME'",
+        "IP": "'$IP'",
+        "FINGERPRINT": "'$FINGERPRINT'",
+        "ACTIVE": "'$ACTIVE'",
+        
+    }'
+        if [ "$i" -lt "$objects" ]; then
+            echo ','
+        else
+            echo
+        fi
+        ((i++))
+    done
+    echo '}'
+}
+
+shell_list() {
+    IFS=$'\n'
+    echo "DATE~TIME~IP~FINGERPRINT~ACTIVE"
+    echo "----~----~--~-----------~------"
+    for str in $logs; do
+        IP=$(echo "$str" |cut -f 2 -d \')
+        FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
+        DATE=$(echo "$str" |cut -f 6 -d \')
+        TIME=$(echo "$str" |cut -f 8 -d \')
+        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        echo "$DATE~$TIME~$IP~$FINGERPRINT~$ACTIVE"
+    done
+}
+
+# PLAIN list function
+plain_list() {
+    IFS=$'\n'
+    for str in $logs; do
+        IP=$(echo "$str" |cut -f 2 -d \')
+        FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
+        DATE=$(echo "$str" |cut -f 6 -d \')
+        TIME=$(echo "$str" |cut -f 8 -d \')
+        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        echo -e "$DATE\t$TIME\t$IP\t$FINGERPRINT\t$ACTIVE"
+    done
+}
+
+# CSV list function
+csv_list() {
+    IFS=$'\n'
+    echo "ID,CMD,UNDO,TIME,DATE"
+    for str in $logs; do
+        IP=$(echo "$str" |cut -f 2 -d \')
+        FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
+        DATE=$(echo "$str" |cut -f 6 -d \')
+        TIME=$(echo "$str" |cut -f 8 -d \')
+        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        echo "$DATE,$TIME,$IP,$FINGERPRINT,$ACTIVE"
+
+    done
+}
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Parsing history log
+logs=$(tail -n 10 $USER_DATA/auth.log 2>/dev/null)
+
+case $format in
+    json)   json_list ;;
+    plain)  plain_list ;;
+    csv)    csv_list ;;
+    shell)  shell_list |column -t -s '~';;
+esac
+
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+exit

bin/v-log-user-login

@@ -26,17 +26,17 @@ time_n_date=$(date +'%T %F')
 time=$(echo "$time_n_date" |cut -f 1 -d \ )
 date=$(echo "$time_n_date" |cut -f 2 -d \ )
 
-if [ ! -f $HESTIA/data/users/$user/auth.log ]; then
-    touch  $HESTIA/data/users/$user/auth.log
+if [ ! -f $USER_DATA/auth.log ]; then
+    touch  $USER_DATA/auth.log
 fi
 
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 
-awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $HESTIA/data/users/$user/auth.log   
+awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $USER_DATA/auth.log   
 
-echo "IP='$ip' FINGERPRINT='$fingerprint' DATE='$date' TIME='$time' active='yes'" >> $HESTIA/data/users/$user/auth.log
+echo "IP='$ip' FINGERPRINT='$fingerprint' DATE='$date' TIME='$time' active='yes'" >> $USER_DATA/auth.log
 
 #----------------------------------------------------------#
 #                       Hestia                             #

bin/v-log-user-logout

@@ -18,15 +18,15 @@ check_args '2' "$#" 'USER FINGERPRINT'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
-if [ ! -f $HESTIA/data/users/$user/auth.log ]; then
-    touch  $HESTIA/data/users/$user/auth.log
+if [ ! -f $USER_DATA/auth.log ]; then
+    touch  $USER_DATA/auth.log
 fi
 
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 
-awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $HESTIA/data/users/$user/auth.log 
+awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $USER_DATA/auth.log 
 
 #----------------------------------------------------------#
 #                       Hestia                             #

web/delete/user/log/index.php

@@ -0,0 +1,40 @@
+<?php
+// Init
+error_reporting(NULL);
+session_start();
+include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
+
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('location: /login/');
+    exit();
+}
+
+// Clear log
+$v_username = escapeshellarg($user);
+exec (HESTIA_CMD."v-delete-user-auth-log ".$v_username, $output, $return_var);
+//check_return_code($return_var,$output);
+//unset($output);
+
+
+$ip = $_SERVER['REMOTE_ADDR'];
+if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])){
+    if(!empty($_SERVER['HTTP_CF_CONNECTING_IP'])){
+        $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
+    }
+} 
+$v_ip = escapeshellarg($ip);
+    
+$v_murmur = escapeshellarg($_SESSION['MURMUR']);
+exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." ".$v_murmur, $output, $return_var);
+
+// Render page
+//render_page($user, $TAB, 'list_auth');
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
+
+header("Location: /edit/user/log/?user=".$_SESSION['user']);
+
+exit;

web/edit/user/log/index.php

@@ -0,0 +1,35 @@
+<?php
+error_reporting(NULL);
+ob_start();
+$TAB = 'USER';
+
+// Main include
+include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
+
+
+// Check user argument
+if (empty($_GET['user'])) {
+    header("Location: /list/user/");
+    exit;
+}
+
+// Edit as someone else?
+if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
+    $user=$_GET['user'];
+    $v_username=$_GET['user'];
+} else {
+    $user=$_SESSION['user'];
+    $v_username=$_SESSION['user'];
+}
+exec(HESTIA_CMD."v-list-user-auth-log ".escapeshellarg($v_username)." json", $output, $return_var);
+check_return_code($return_var,$output);
+$data = json_decode(implode('', $output), true);
+array_reverse($data);
+unset($output);
+
+// Render page
+render_page($user, $TAB, 'list_auth');
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);

web/templates/admin/edit_user.html

@@ -2,7 +2,7 @@
         <div class="l-sort clearfix">
           <div class="l-unit-toolbar__buttonstrip">
             <a class="ui-button cancel" id="btn-back" href="/list/user/"><i class="fas fa-arrow-left status-icon blue"></i> <?=__('Back')?></a>
-            <a href="/list/key/" id="btn-create" class="ui-button cancel" title="<?=__('Manage SSH keys');?>"><i class="fas fa-key status-icon orange"></i><?=__('Manage SSH keys')?></a>
+            <a href="/list/key/" id="btn-create" class="ui-button cancel" title="<?=__('Manage SSH keys');?>"><i class="fas fa-key status-icon orange"></i><?=__('Manage SSH keys')?></a> <a href="/edit/user/log/?user=<?php echo $_SESSION['user'];?>" id="btn-list" class="ui-button cancel" title="<?=__('Login history');?>"><i class="fas fa-key status-icon orange"></i><?=__('Login history')?></a>
           </div>
           <div class="l-unit-toolbar__buttonstrip float-right">
             <a href="#" class="ui-button" title="<?=__('Save')?>" data-action="submit" data-id="vstobjects"><i class="fas fa-save status-icon purple"></i> <?=__('Save')?></a>

web/templates/admin/list_auth.html

@@ -0,0 +1,73 @@
+<div class="l-center">
+  <div class="l-sort clearfix noselect">
+    <div class="l-unit-toolbar__buttonstrip">
+      <a href="javascript:location.reload();" class="ui-button cancel" title="<?=__('Refresh')?>"><i class="fas fa-redo status-icon green"></i> <?=__('Refresh')?></a>
+      <div class="actions-panel display-inline-block" key-action="js">
+        <a class="data-controls do_delete ui-button danger cancel" title="<?=__('Delete')?>">
+          <i class="do_delete fas fa-times-circle status-icon red"></i>
+          <?=__('Delete')?>
+          <input type="hidden" name="delete_url" value="/delete/user/log/?token=<?=$_SESSION['token']?>" />
+            <div class="confirmation-text-delete hidden" title="<?=__('Confirmation')?>">
+              <p class="confirmation"><?=__('Delete authentication logs?')?></p>
+            </div>
+        </a>
+      </div>
+    </div>
+    <div class="l-sort-toolbar clearfix">
+    </div>
+  </div>
+</div>
+
+<div class="l-separator"></div>
+
+<div class="l-center units animated fadeIn">
+
+  <div class="header table-header">     
+    <div class="l-unit__col l-unit__col--right">
+      <div class="clearfix l-unit__stat-col--left super-compact">
+        &nbsp;
+      </div>       
+      <div class="clearfix l-unit__stat-col--left"><b><?php print __('Date');?></b></div>
+      <div class="clearfix l-unit__stat-col--left"><b><?php print __('Time');?></b></div>
+      <div class="clearfix l-unit__stat-col--left "><b><?php print __('Ip adress');?></b></div>
+      <div class="clearfix l-unit__stat-col--left "><b><?php print __('Active');?></b></div>
+      <div class="clearfix l-unit__stat-col--left "><b><?php print __('Browser Fingerprint');?></b></div>
+    </div>
+  </div>
+
+  <?php
+      foreach ($data as $key => $value) {
+        ++$i;
+      ?>
+      <div class="l-unit header">
+        <div class="l-unit__col l-unit__col--right">
+          <div class="clearfix l-unit__stat-col--left super-compact">
+            <i class="fas fa-info-circle status-icon dim"></i>
+          </div>
+          <div class="clearfix l-unit__stat-col--left "><b><?=translate_date($data[$key]['DATE'])?></b></div>
+          <div class="clearfix l-unit__stat-col--left "><b><?=$data[$key]['TIME']?></b></div>
+          <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['IP']?></div>
+          <div class="clearfix l-unit__stat-col--left small"><?=$data[$key]['ACTIVE']?></div>
+          <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['FINGERPRINT']?></div>
+        </div>
+      </div>
+  <?}?>
+</div>
+
+<div id="vstobjects">
+  <div class="l-separator"></div>
+  <div class="l-center">
+    <div class="l-unit-ft">
+      <table class='data'></table>
+      <div class="data-count l-unit__col l-unit__col--right clearfix">
+        <?
+          if ( $i == 1) {
+            echo __('1 log record');
+          } else {
+            echo __('%s log records',$i);
+          }
+        ?>
+      </div>
+    </div>
+  </div>
+</div>