Add proxy log api

pull/530/head
ibuler 2016-10-18 19:28:36 +08:00
parent 7513474366
commit 17ade287ab
7 changed files with 47 additions and 16 deletions

View File

@ -7,16 +7,42 @@ from rest_framework import generics
import serializers import serializers
from .models import ProxyLog from .models import ProxyLog
from .hands import IsSuperUserOrTerminalUser, Terminal
class ProxyLogListCreateApi(generics.ListCreateAPIView): class ProxyLogListCreateApi(generics.ListCreateAPIView):
"""User proxy to backend server need call this api.
params: {
"username": "",
"name": "",
"hostname": "",
"ip": "",
"terminal", "",
"login_type": "",
"system_user": "",
"was_failed": "",
"date_start": ""
}
some params we need generate: {
"log_file", "", # No use now, may be think more about monitor and record
}
"""
queryset = ProxyLog.objects.all() queryset = ProxyLog.objects.all()
serializer_class = serializers.ProxyLogSerializer serializer_class = serializers.ProxyLogSerializer
permission_classes = (IsSuperUserOrTerminalUser,)
def perform_create(self, serializer):
# Todo: May be save log_file
super(ProxyLogListCreateApi, self).perform_create(serializer)
class ProxyLogDetailApi(generics.RetrieveUpdateDestroyAPIView): class ProxyLogDetailApi(generics.RetrieveUpdateDestroyAPIView):
queryset = ProxyLog.objects.all() queryset = ProxyLog.objects.all()
serializer_class = serializers.ProxyLogSerializer serializer_class = serializers.ProxyLogSerializer
permission_classes = (IsSuperUserOrTerminalUser,)
class CommandLogCreateApi(generics.CreateAPIView): class CommandLogCreateApi(generics.CreateAPIView):

5
apps/audits/hands.py Normal file
View File

@ -0,0 +1,5 @@
# ~*~ coding: utf-8 ~*~
#
from users.backends import IsSuperUserOrTerminalUser
from terminal.models import Terminal

View File

@ -17,6 +17,7 @@ class LoginLog(models.Model):
username = models.CharField(max_length=20, verbose_name=_('Username')) username = models.CharField(max_length=20, verbose_name=_('Username'))
name = models.CharField(max_length=20, blank=True, verbose_name=_('Name')) name = models.CharField(max_length=20, blank=True, verbose_name=_('Name'))
login_type = models.CharField(choices=LOGIN_TYPE_CHOICE, max_length=2, verbose_name=_('Login type')) login_type = models.CharField(choices=LOGIN_TYPE_CHOICE, max_length=2, verbose_name=_('Login type'))
terminal = models.CharField(max_length=32, verbose_name=_('Terminal'))
login_ip = models.GenericIPAddressField(verbose_name=_('Login ip')) login_ip = models.GenericIPAddressField(verbose_name=_('Login ip'))
login_city = models.CharField(max_length=100, blank=True, null=True, verbose_name=_('Login city')) login_city = models.CharField(max_length=100, blank=True, null=True, verbose_name=_('Login city'))
user_agent = models.CharField(max_length=100, blank=True, null=True, verbose_name=_('User agent')) user_agent = models.CharField(max_length=100, blank=True, null=True, verbose_name=_('User agent'))
@ -31,8 +32,8 @@ class LoginLog(models.Model):
class ProxyLog(models.Model): class ProxyLog(models.Model):
LOGIN_TYPE_CHOICE = ( LOGIN_TYPE_CHOICE = (
('S', 'ssh'), ('S', 'SSH Terminal'),
('W', 'web'), ('WT', 'Web Terminal'),
) )
username = models.CharField(max_length=20, verbose_name=_('Username')) username = models.CharField(max_length=20, verbose_name=_('Username'))
@ -40,11 +41,13 @@ class ProxyLog(models.Model):
hostname = models.CharField(max_length=128, blank=True, verbose_name=_('Hostname')) hostname = models.CharField(max_length=128, blank=True, verbose_name=_('Hostname'))
ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP')) ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'))
system_user = models.CharField(max_length=20, verbose_name=_('System user')) system_user = models.CharField(max_length=20, verbose_name=_('System user'))
login_type = models.CharField(choices=LOGIN_TYPE_CHOICE, max_length=1, verbose_name=_('Login type')) login_type = models.CharField(choices=LOGIN_TYPE_CHOICE, max_length=2, blank=True,
null=True, verbose_name=_('Login type'))
terminal = models.CharField(max_length=32, blank=True, null=True, verbose_name=_('Terminal'))
log_file = models.CharField(max_length=1000, blank=True, null=True) log_file = models.CharField(max_length=1000, blank=True, null=True)
was_failed = models.BooleanField(default=False, verbose_name=_('Did connect failed')) was_failed = models.BooleanField(default=False, verbose_name=_('Did connect failed'))
is_finished = models.BooleanField(default=False, verbose_name=_('Is finished')) is_finished = models.BooleanField(default=False, verbose_name=_('Is finished'))
date_start = models.DateTimeField(auto_now_add=True, verbose_name=_('Date start')) date_start = models.DateTimeField(verbose_name=_('Date start'))
date_finished = models.DateTimeField(null=True, verbose_name=_('Date finished')) date_finished = models.DateTimeField(null=True, verbose_name=_('Date finished'))
def __unicode__(self): def __unicode__(self):

View File

@ -15,7 +15,6 @@ from django.core import signing
from django.utils import timezone from django.utils import timezone
SECRET_KEY = settings.SECRET_KEY SECRET_KEY = settings.SECRET_KEY
SIGNER = TimestampSigner(SECRET_KEY)
def reverse(view_name, urlconf=None, args=None, kwargs=None, current_app=None, external=False): def reverse(view_name, urlconf=None, args=None, kwargs=None, current_app=None, external=False):
@ -48,15 +47,17 @@ def decrypt(*args, **kwargs):
return '' return ''
def sign(value): def sign(value, secret_key=SECRET_KEY):
return SIGNER.sign(value) signer = TimestampSigner(secret_key)
return signer.sign(value)
def unsign(value, max_age=3600): def unsign(value, max_age=3600, secret_key=SECRET_KEY):
signer = TimestampSigner(secret_key)
try: try:
return SIGNER.unsign(value, max_age=max_age) return signer.unsign(value, max_age=max_age)
except (BadSignature, SignatureExpired): except (BadSignature, SignatureExpired):
return None return ''
def date_expired_default(): def date_expired_default():

View File

@ -33,7 +33,7 @@ except ImportError:
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/ # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret! # SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = CONFIG.SECRET_KEY or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x' SECRET_KEY = CONFIG.SECRET_KEY
# SECURITY WARNING: don't run with debug turned on in production! # SECURITY WARNING: don't run with debug turned on in production!
DEBUG = CONFIG.DEBUG or False DEBUG = CONFIG.DEBUG or False

View File

@ -27,7 +27,7 @@ class TerminalApi(ListCreateAPIView):
else: else:
return Response(data={'data': {'name': name, 'ip': terminal.ip}, return Response(data={'data': {'name': name, 'ip': terminal.ip},
'msg': 'Need admin accept or active it'}, 'msg': 'Need admin accept or active it'},
status=204) status=203)
else: else:
ip = request.META.get('X-Real-IP') or request.META.get('REMOTE_ADDR') ip = request.META.get('X-Real-IP') or request.META.get('REMOTE_ADDR')

View File

@ -34,10 +34,6 @@ class Terminal(models.Model):
def is_terminal(self): def is_terminal(self):
return True return True
@property
def is_authenticated(self):
return False
class Meta: class Meta:
db_table = 'terminal' db_table = 'terminal'
ordering = ['name'] ordering = ['name']