From 4061241650352d430082a5fdf1f29000df51df96 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Wed, 15 Nov 2023 09:37:03 +0100 Subject: [PATCH 1/5] refs #6434 feat: create signInLog table --- db/changes/234801/00-createSignInLogTable.sql | 19 ++++++++++ modules/account/back/model-config.json | 3 ++ modules/account/back/models/sign_in-log.json | 35 +++++++++++++++++++ 3 files changed, 57 insertions(+) create mode 100644 db/changes/234801/00-createSignInLogTable.sql create mode 100644 modules/account/back/models/sign_in-log.json diff --git a/db/changes/234801/00-createSignInLogTable.sql b/db/changes/234801/00-createSignInLogTable.sql new file mode 100644 index 0000000000..977de46463 --- /dev/null +++ b/db/changes/234801/00-createSignInLogTable.sql @@ -0,0 +1,19 @@ + + +-- +-- Table structure for table `signInLog` +-- + +DROP TABLE IF EXISTS `account`.`signInLog`; +/*!40101 SET @saved_cs_client = @@character_set_client */; +/*!40101 SET character_set_client = utf8 */; +CREATE TABLE `account`.`signInLog` ( + `id` varchar(10) NOT NULL , + `userFk` int(10) unsigned DEFAULT NULL, + `creationDate` timestamp NULL DEFAULT current_timestamp(), + `ip` varchar(100) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL, + PRIMARY KEY (`id`), + KEY `userFk` (`userFk`), + CONSTRAINT `signInLog_ibfk_1` FOREIGN KEY (`userFk`) REFERENCES `user` (`id`) ON DELETE CASCADE ON UPDATE CASCADE +); + diff --git a/modules/account/back/model-config.json b/modules/account/back/model-config.json index a4eb9fa571..b4bd6dbafd 100644 --- a/modules/account/back/model-config.json +++ b/modules/account/back/model-config.json @@ -35,6 +35,9 @@ "SambaConfig": { "dataSource": "vn" }, + "SignInLog": { + "dataSource": "vn" + }, "Sip": { "dataSource": "vn" }, diff --git a/modules/account/back/models/sign_in-log.json b/modules/account/back/models/sign_in-log.json new file mode 100644 index 0000000000..df9ad8153e --- /dev/null +++ b/modules/account/back/models/sign_in-log.json @@ -0,0 +1,35 @@ +{ + "name": "SignInLog", + "base": "VnModel", + "options": { + "mysql": { + "table": "account.signInLog" + } + }, + "properties": { + "id": { + "id": true, + "type": "string", + "forceId": false + }, + "creationDate": { + "type": "date" + }, + "userFk": { + "type": "number" + }, + "ip": { + "type": "string" + } + }, + "relations": { + "user": { + "type": "belongsTo", + "model": "VnUser", + "foreignKey": "userFk" + } + }, + "scope": { + "order": ["creationDate DESC", "id DESC"] + } +} From e25b7d0a12638801f7ab21eb80b70c252fdff668 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Wed, 15 Nov 2023 09:39:51 +0100 Subject: [PATCH 2/5] refs #6434 feat: show error for wrong login --- back/models/vn-user.js | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index de5bf7b63e..00f5cd0b87 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -2,6 +2,7 @@ const vnModel = require('vn-loopback/common/models/vn-model'); const {Email} = require('vn-print'); const ForbiddenError = require('vn-loopback/util/forbiddenError'); const LoopBackContext = require('loopback-context'); +const UserError = require('vn-loopback/util/user-error'); module.exports = function(Self) { vnModel(Self); @@ -121,10 +122,16 @@ module.exports = function(Self) { }); Self.validateLogin = async function(user, password) { - let loginInfo = Object.assign({password}, Self.userUses(user)); - token = await Self.login(loginInfo, 'user'); + const loginInfo = Object.assign({password}, Self.userUses(user)); + const token = await Self.login(loginInfo, 'user'); const userToken = await token.user.get(); + + if (userToken.username !== user) { + console.error('ERROR!!! - Signin with other user', userToken, user); + throw new UserError('Try again'); + } + try { await Self.app.models.Account.sync(userToken.name, password); } catch (err) { From 11352798f09da689ab275f670ce2c55e426f00b1 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Wed, 15 Nov 2023 09:41:12 +0100 Subject: [PATCH 3/5] refs #6434 feat: save token in db for each login --- back/methods/vn-user/sign-in.js | 9 +++++++-- loopback/locale/es.json | 5 +++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/back/methods/vn-user/sign-in.js b/back/methods/vn-user/sign-in.js index b9e0d2f705..25f708b8e5 100644 --- a/back/methods/vn-user/sign-in.js +++ b/back/methods/vn-user/sign-in.js @@ -49,8 +49,13 @@ module.exports = Self => { if (vnUser.twoFactor) throw new ForbiddenError(null, 'REQUIRES_2FA'); } - - return Self.validateLogin(user, password); + const validateLogin = await Self.validateLogin(user, password); + await Self.app.models.SignInLog.create({ + id: validateLogin.token, + userFk: vnUser.id, + ip: ctx.req.ip + }); + return validateLogin; }; Self.passExpired = async vnUser => { diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 3cc9a96278..da37d4005f 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -321,9 +321,10 @@ "Select a different client": "Seleccione un cliente distinto", "Fill all the fields": "Rellene todos los campos", "The response is not a PDF": "La respuesta no es un PDF", - "Ticket without Route": "Ticket sin ruta", "Booking completed": "Reserva completada", "The ticket is in preparation": "El ticket [{{ticketId}}]({{{ticketUrl}}}) del comercial {{salesPersonId}} está en preparación", "The amount cannot be less than the minimum": "La cantidad no puede ser menor que la cantidad mímina", - "quantityLessThanMin": "La cantidad no puede ser menor que la cantidad mímina" + "quantityLessThanMin": "La cantidad no puede ser menor que la cantidad mímina", + "The notification subscription of this worker cant be modified": "La subscripción a la notificación de este trabajador no puede ser modificada", + "User disabled": "Usuario desactivado" } From 4d677ccc899faec445f423339e937e71e4014d25 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Wed, 15 Nov 2023 10:02:48 +0100 Subject: [PATCH 4/5] refs #6434 perf: rename folder db/changes version --- db/changes/{234801 => 234603}/00-createSignInLogTable.sql | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename db/changes/{234801 => 234603}/00-createSignInLogTable.sql (100%) diff --git a/db/changes/234801/00-createSignInLogTable.sql b/db/changes/234603/00-createSignInLogTable.sql similarity index 100% rename from db/changes/234801/00-createSignInLogTable.sql rename to db/changes/234603/00-createSignInLogTable.sql From f7b088297874d1a15aeb0175bb5cd1cf486da70e Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Wed, 15 Nov 2023 11:50:56 +0100 Subject: [PATCH 5/5] refs #6434 feat: remove forceId property --- modules/account/back/models/sign_in-log.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/account/back/models/sign_in-log.json b/modules/account/back/models/sign_in-log.json index df9ad8153e..44575b0137 100644 --- a/modules/account/back/models/sign_in-log.json +++ b/modules/account/back/models/sign_in-log.json @@ -9,8 +9,7 @@ "properties": { "id": { "id": true, - "type": "string", - "forceId": false + "type": "string" }, "creationDate": { "type": "date"