[Web] Log only latest datetime of a unique datetime, service and ip combination

This commit is contained in:
andryyy 2021-07-01 06:44:37 +02:00
parent 9b8f5b7cc1
commit 78084c5e7b
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
5 changed files with 13 additions and 27 deletions

View File

@ -156,7 +156,7 @@ function auth_password_verify(req, pass)
while row do
if req.password_verify(req, row.password, pass) == 1 then
cur:close()
con:execute(string.format([[INSERT INTO sasl_logs (service, app_password, username, real_rip)
con:execute(string.format([[REPLACE INTO sasl_log (service, app_password, username, real_rip)
VALUES ("%s", 0, "%s", "%s")]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip)))
return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass
end
@ -176,7 +176,7 @@ function auth_password_verify(req, pass)
while row do
if req.password_verify(req, row.password, pass) == 1 then
cur:close()
con:execute(string.format([[INSERT INTO sasl_logs (service, app_password, username, real_rip)
con:execute(string.format([[REPLACE INTO sasl_log (service, app_password, username, real_rip)
VALUES ("%s", %d, "%s", "%s")]], con:escape(req.service), row.id, con:escape(req.user), con:escape(req.real_rip)))
return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass
end
@ -195,7 +195,7 @@ function auth_password_verify(req, pass)
-- }]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip))
-- http.request {
-- method = "POST",
-- url = "http://nginx:8081/sasl_logs.php",
-- url = "http://nginx:8081/sasl_log.php",
-- source = ltn12.source.string(reqbody),
-- headers = {
-- ["content-type"] = "application/json",

View File

@ -258,8 +258,8 @@ function last_login($action, $username, $sasl_limit_days = 7) {
switch ($action) {
case 'get':
if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$stmt = $pdo->prepare('SELECT `real_rip`, MAX(`datetime`) as `datetime`, `service`, `app_password` FROM `sasl_logs`
LEFT OUTER JOIN `app_passwd` on `sasl_logs`.`app_password` = `app_passwd`.`id`
$stmt = $pdo->prepare('SELECT `real_rip`, MAX(`datetime`) as `datetime`, `service`, `app_password` FROM `sasl_log`
LEFT OUTER JOIN `app_passwd` on `sasl_log`.`app_password` = `app_passwd`.`id`
WHERE `username` = :username
AND HOUR(TIMEDIFF(NOW(), `datetime`)) < :sasl_limit_days
GROUP BY `real_rip`, `service`, `app_password`
@ -331,7 +331,7 @@ function last_login($action, $username, $sasl_limit_days = 7) {
break;
case 'reset':
if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$stmt = $pdo->prepare('DELETE FROM `sasl_logs`
$stmt = $pdo->prepare('DELETE FROM `sasl_log`
WHERE `username` = :username');
$stmt->execute(array(':username' => $username));
}
@ -1938,7 +1938,7 @@ function get_logs($application, $lines = false) {
}
if ($application == "sasl") {
if (isset($from) && isset($to)) {
$stmt = $pdo->prepare("SELECT * FROM `sasl_logs` ORDER BY `id` DESC LIMIT :from, :to");
$stmt = $pdo->prepare("SELECT * FROM `sasl_log` ORDER BY `datetime` DESC LIMIT :from, :to");
$stmt->execute(array(
':from' => $from - 1,
':to' => $to
@ -1946,7 +1946,7 @@ function get_logs($application, $lines = false) {
$data = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
else {
$stmt = $pdo->prepare("SELECT * FROM `sasl_logs` ORDER BY `id` DESC LIMIT :lines");
$stmt = $pdo->prepare("SELECT * FROM `sasl_log` ORDER BY `datetime` DESC LIMIT :lines");
$stmt->execute(array(
':lines' => $lines + 1,
));

View File

@ -3547,7 +3547,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
// Determine last logins
$stmt = $pdo->prepare("SELECT MAX(`datetime`) AS `datetime`, `service` FROM `sasl_logs`
$stmt = $pdo->prepare("SELECT MAX(`datetime`) AS `datetime`, `service` FROM `sasl_log`
WHERE `username` = :mailbox
GROUP BY `service` DESC");
$stmt->execute(array(':mailbox' => $_data));

View File

@ -3,7 +3,7 @@ function init_db_schema() {
try {
global $pdo;
$db_version = "30062021_0910";
$db_version = "01072021_0630";
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@ -508,9 +508,8 @@ function init_db_schema() {
),
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
),
"sasl_logs" => array(
"sasl_log" => array(
"cols" => array(
"id" => "INT NOT NULL AUTO_INCREMENT",
"service" => "VARCHAR(32) NOT NULL DEFAULT ''",
"app_password" => "INT",
"username" => "VARCHAR(255) NOT NULL",
@ -519,7 +518,7 @@ function init_db_schema() {
),
"keys" => array(
"primary" => array(
"" => array("id")
"" => array("service", "real_rip", "username")
),
"key" => array(
"username" => array("username"),
@ -1017,19 +1016,6 @@ function init_db_schema() {
}
}
// Remove deprecated success = 0 entries before migrating sasl_logs
if ($table == 'sasl_logs') {
$stmt = $pdo->query("SHOW TABLES LIKE 'sasl_logs'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
$stmt = $pdo->query("SHOW COLUMNS FROM `sasl_logs` LIKE '%success%'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
$stmt = $pdo->query("DELETE FROM `sasl_logs` WHERE `success` = 0");
}
}
}
$stmt = $pdo->query("SHOW TABLES LIKE '" . $table . "'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {

View File

@ -207,7 +207,7 @@ services:
- sogo
dovecot-mailcow:
image: mailcow/dovecot:1.152
image: mailcow/dovecot:1.153
depends_on:
- mysql-mailcow
dns: