How to use the @node-red/util.log.audit function in @node-red/util

To help you get started, we’ve selected a few @node-red/util examples, based on popular ways it is used in public projects.


github node-red / node-red / packages / node_modules / @node-red / editor-api / lib / auth / strategies.js View on Github external
/**
 * Password-grant exchange: throttles login attempts per username, checks the
 * credentials, and on success issues an access token and writes an audit event.
 *
 * Only the start of the function is shown in this excerpt; it stops inside the
 * token-creation callback, so the failure branches are not visible here.
 *
 * @param {Object} client - the requesting client; only client.id is read here
 * @param {string} username - the user name supplied with the request
 * @param {string} password - the password supplied with the request
 * @param {*} scope - requested scope; "" is replaced by the user's permissions
 * @param {Function} done - completion callback
 */
var passwordTokenExchange = function(client, username, password, scope, done) {
    var now = Date.now();
    // Drop attempts that have aged out of the window. loginAttempts and
    // loginSignInWindow are defined outside this excerpt.
    loginAttempts = loginAttempts.filter(function(logEntry) {
        return logEntry.time + loginSignInWindow > now;
    });
    // The attempt is recorded before the credentials are checked, so every
    // request counts towards the limit, including ones rejected below.
    loginAttempts.push({time:now, user:username});
    var attemptCount = 0;
    loginAttempts.forEach(function(logEntry) {
        /* istanbul ignore else */
        // Loose == here, strict !== in the reset further down; the two differ
        // only if username is not a string.
        if (logEntry.user == username) {
            attemptCount++;
        }
    });
    // The sixth attempt for one username inside the window is refused without
    // the password being checked.
    // NOTE(review): the counter is keyed on the username alone, so attempts from
    // any source count against the same account and can keep its owner locked
    // out - confirm that trade-off is intended.
    // NOTE(review): the message hard-codes "10 minutes"; confirm it matches
    // loginSignInWindow.
    if (attemptCount > 5) {
        // username is logged as supplied, before any authentication, so audit
        // consumers should treat the field as untrusted text.
        log.audit({event: "auth.login.fail.too-many-attempts",username:username,client:client.id});
        done(new Error("Too many login attempts. Wait 10 minutes and try again"),false);
        return;
    }

    Users.authenticate(username,password).then(function(user) {
        if (user) {
            // An empty requested scope is widened to everything the user holds.
            if (scope === "") {
                scope = user.permissions;
            }
            // The requested scope is checked against the user's own permissions.
            if (permissions.hasPermission(user.permissions,scope)) {
                // A successful login clears this username's recorded attempts.
                loginAttempts = loginAttempts.filter(function(logEntry) {
                    return logEntry.user !== username;
                });
                Tokens.create(username,client.id,scope).then(function(tokens) {
                    // The audit event names the user, client and granted scope;
                    // no token field is included in it.
                    log.audit({event: "auth.login",username:username,client:client.id,scope:scope});
                    done(null,tokens.accessToken,null,{expires_in:tokens.expires_in});
github node-red / node-red / packages / node_modules / @node-red / editor-api / lib / util.js View on Github external
/**
 * Reports a rejected API call: writes one "api.error" audit event and sends the
 * same code and message to the client as JSON.
 *
 * The status is err.status, or 400 when that is unset. The code falls back to
 * "unexpected_error" and the message to err.toString().
 *
 * NOTE(review): the error text reaches both the HTTP response and the audit log
 * unchanged - confirm callers never pass errors whose message holds internal
 * detail.
 */
rejectHandler: function(req,res,err) {
        //TODO: why this when errorHandler also?!
        var errorCode = err.code || "unexpected_error";
        var errorMessage = err.message || err.toString();
        log.audit({event: "api.error", error: errorCode, message: errorMessage}, req);
        res.status(err.status || 400).json({
            code: errorCode,
            message: errorMessage
        });
    },
    getRequestLogObject: function(req) {
github node-red / node-red / packages / node_modules / @node-red / editor-api / lib / editor / comms.js View on Github external
// Excerpt from the middle of a message handler: the conditions guarding these
// branches sit above the visible lines.
// NOTE(review): the whole user object is passed as the `user` field of the
// "comms.auth" events - confirm it holds nothing that should stay out of the
// audit log.
self.user = user;
                                log.audit({event: "comms.auth",user:self.user});
                                completeConnection(client.scope,true);
                            } else {
                                // NOTE(review): every "comms.auth.fail" event in this excerpt carries
                                // only the event name - no session or user field - so a failure
                                // cannot be tied to a connection from the event alone.
                                log.audit({event: "comms.auth.fail"});
                                completeConnection(null,false);
                            }
                        });
                    } else {
                        log.audit({event: "comms.auth.fail"});
                        completeConnection(null,false);
                    }
                });
            } else {
                // With an anonymous user available, the connection is completed
                // with that user's permissions.
                if (anonymousUser) {
                    log.audit({event: "comms.auth",user:anonymousUser});
                    self.user = anonymousUser;
                    completeConnection(anonymousUser.permissions,false);
                    //TODO: duplicated code - pull non-auth message handling out
                    if (msg.subscribe) {
                        self.subscribe(msg.subscribe);
                    }
                } else {
                    // No anonymous user: audited as a failure.
                    log.audit({event: "comms.auth.fail"});
                    completeConnection(null,false);
                }
            }
        }
    });
    ws.on('error', function(err) {
github node-red / node-red / packages / node_modules / @node-red / editor-api / lib / editor / comms.js View on Github external
/**
 * Wraps one editor websocket: assigns it a session id, sets up per-connection
 * state and audits the connection opening and closing.
 *
 * The excerpt ends inside the 'message' handler, so message processing is not
 * shown.
 *
 * @param {Object} ws - the websocket this connection wraps
 */
function CommsConnection(ws) {
    // generateSession is defined outside this excerpt.
    // NOTE(review): if the session id is ever relied on as a secret, confirm it
    // comes from a cryptographically secure source.
    this.session = generateSession(32);
    this.ws = ws;
    this.stack = [];
    this.user = null;
    this.lastSentTime = 0;
    var self = this;

    // The open event carries no session id; only the trace line below has it.
    log.audit({event: "comms.open"});
    log.trace("comms.open "+self.session);
    // Authentication is pending whenever settings.adminAuth is set.
    var pendingAuth = (settings.adminAuth != null);

    // Without adminAuth the connection is registered as active straight away.
    if (!pendingAuth) {
        addActiveConnection(self);
    }
    ws.on('close',function() {
        // The close event records both the user and the session id.
        log.audit({event: "comms.close",user:self.user, session: self.session});
        log.trace("comms.close "+self.session);
        removeActiveConnection(self);
    });
    ws.on('message', function(data,flags) {
        var msg = null;
        // Incoming frames are parsed as JSON; the handling of a parse failure
        // is outside this excerpt.
        try {
            msg = JSON.parse(data);
        } catch(err) {
github node-red / node-red / packages / node_modules / @node-red / editor-api / lib / auth / index.js View on Github external
// Excerpt from a permission-checking middleware; the enclosing function and the
// `if` that this `else` belongs to are outside the visible lines.
// Authentication runs through the 'bearer' and 'anon' strategies, with no session.
return passport.authenticate(['bearer','anon'],{ session: false })(req,res,function() {
                // NOTE(review): a request that reaches this callback without
                // req.user continues with no permission check - confirm which
                // strategy outcome produces that state and that it is intended.
                if (!req.user) {
                    return next();
                }
                // The scope attached to the request must cover the required permission.
                if (permissions.hasPermission(req.authInfo.scope,permission)) {
                    return next();
                }
                // The denial is audited with the required permission and the request.
                // NOTE(review): a user who is present but lacks the permission
                // gets 401 here; 403 is the usual status for that case.
                log.audit({event: "permission.fail", permissions: permission},req);
                return res.status(401).end();
            });
        } else {
github node-red / node-red / packages / node_modules / @node-red / editor-api / lib / auth / index.js View on Github external
// Excerpt: issues a token for the fixed client id "node-red-editor" with the
// user's full permissions, audits the login and attaches the tokens to the user.
// NOTE(review): this statement has only a .then() handler, so if Tokens.create
// rejects, done() is not called from here - confirm the rejection is handled.
Tokens.create(user.username,"node-red-editor",user.permissions).then(function(tokens) {
                // The audit event records the username and scope; it has no client field.
                log.audit({event: "auth.login",username:user.username,scope:user.permissions});
                user.tokens = tokens;
                done(null,user);
            });
        } else {