mirror of https://github.com/jumpserver/jumpserver
Add proxy log api
parent
7513474366
commit
17ade287ab
|
@ -7,16 +7,42 @@ from rest_framework import generics
|
||||||
import serializers
|
import serializers
|
||||||
|
|
||||||
from .models import ProxyLog
|
from .models import ProxyLog
|
||||||
|
from .hands import IsSuperUserOrTerminalUser, Terminal
|
||||||
|
|
||||||
|
|
||||||
class ProxyLogListCreateApi(generics.ListCreateAPIView):
|
class ProxyLogListCreateApi(generics.ListCreateAPIView):
|
||||||
|
"""User proxy to backend server need call this api.
|
||||||
|
|
||||||
|
params: {
|
||||||
|
"username": "",
|
||||||
|
"name": "",
|
||||||
|
"hostname": "",
|
||||||
|
"ip": "",
|
||||||
|
"terminal", "",
|
||||||
|
"login_type": "",
|
||||||
|
"system_user": "",
|
||||||
|
"was_failed": "",
|
||||||
|
"date_start": ""
|
||||||
|
}
|
||||||
|
|
||||||
|
some params we need generate: {
|
||||||
|
"log_file", "", # No use now, may be think more about monitor and record
|
||||||
|
}
|
||||||
|
"""
|
||||||
|
|
||||||
queryset = ProxyLog.objects.all()
|
queryset = ProxyLog.objects.all()
|
||||||
serializer_class = serializers.ProxyLogSerializer
|
serializer_class = serializers.ProxyLogSerializer
|
||||||
|
permission_classes = (IsSuperUserOrTerminalUser,)
|
||||||
|
|
||||||
|
def perform_create(self, serializer):
|
||||||
|
# Todo: May be save log_file
|
||||||
|
super(ProxyLogListCreateApi, self).perform_create(serializer)
|
||||||
|
|
||||||
|
|
||||||
class ProxyLogDetailApi(generics.RetrieveUpdateDestroyAPIView):
|
class ProxyLogDetailApi(generics.RetrieveUpdateDestroyAPIView):
|
||||||
queryset = ProxyLog.objects.all()
|
queryset = ProxyLog.objects.all()
|
||||||
serializer_class = serializers.ProxyLogSerializer
|
serializer_class = serializers.ProxyLogSerializer
|
||||||
|
permission_classes = (IsSuperUserOrTerminalUser,)
|
||||||
|
|
||||||
|
|
||||||
class CommandLogCreateApi(generics.CreateAPIView):
|
class CommandLogCreateApi(generics.CreateAPIView):
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
# ~*~ coding: utf-8 ~*~
|
||||||
|
#
|
||||||
|
|
||||||
|
from users.backends import IsSuperUserOrTerminalUser
|
||||||
|
from terminal.models import Terminal
|
|
@ -17,6 +17,7 @@ class LoginLog(models.Model):
|
||||||
username = models.CharField(max_length=20, verbose_name=_('Username'))
|
username = models.CharField(max_length=20, verbose_name=_('Username'))
|
||||||
name = models.CharField(max_length=20, blank=True, verbose_name=_('Name'))
|
name = models.CharField(max_length=20, blank=True, verbose_name=_('Name'))
|
||||||
login_type = models.CharField(choices=LOGIN_TYPE_CHOICE, max_length=2, verbose_name=_('Login type'))
|
login_type = models.CharField(choices=LOGIN_TYPE_CHOICE, max_length=2, verbose_name=_('Login type'))
|
||||||
|
terminal = models.CharField(max_length=32, verbose_name=_('Terminal'))
|
||||||
login_ip = models.GenericIPAddressField(verbose_name=_('Login ip'))
|
login_ip = models.GenericIPAddressField(verbose_name=_('Login ip'))
|
||||||
login_city = models.CharField(max_length=100, blank=True, null=True, verbose_name=_('Login city'))
|
login_city = models.CharField(max_length=100, blank=True, null=True, verbose_name=_('Login city'))
|
||||||
user_agent = models.CharField(max_length=100, blank=True, null=True, verbose_name=_('User agent'))
|
user_agent = models.CharField(max_length=100, blank=True, null=True, verbose_name=_('User agent'))
|
||||||
|
@ -31,8 +32,8 @@ class LoginLog(models.Model):
|
||||||
|
|
||||||
class ProxyLog(models.Model):
|
class ProxyLog(models.Model):
|
||||||
LOGIN_TYPE_CHOICE = (
|
LOGIN_TYPE_CHOICE = (
|
||||||
('S', 'ssh'),
|
('S', 'SSH Terminal'),
|
||||||
('W', 'web'),
|
('WT', 'Web Terminal'),
|
||||||
)
|
)
|
||||||
|
|
||||||
username = models.CharField(max_length=20, verbose_name=_('Username'))
|
username = models.CharField(max_length=20, verbose_name=_('Username'))
|
||||||
|
@ -40,11 +41,13 @@ class ProxyLog(models.Model):
|
||||||
hostname = models.CharField(max_length=128, blank=True, verbose_name=_('Hostname'))
|
hostname = models.CharField(max_length=128, blank=True, verbose_name=_('Hostname'))
|
||||||
ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'))
|
ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'))
|
||||||
system_user = models.CharField(max_length=20, verbose_name=_('System user'))
|
system_user = models.CharField(max_length=20, verbose_name=_('System user'))
|
||||||
login_type = models.CharField(choices=LOGIN_TYPE_CHOICE, max_length=1, verbose_name=_('Login type'))
|
login_type = models.CharField(choices=LOGIN_TYPE_CHOICE, max_length=2, blank=True,
|
||||||
|
null=True, verbose_name=_('Login type'))
|
||||||
|
terminal = models.CharField(max_length=32, blank=True, null=True, verbose_name=_('Terminal'))
|
||||||
log_file = models.CharField(max_length=1000, blank=True, null=True)
|
log_file = models.CharField(max_length=1000, blank=True, null=True)
|
||||||
was_failed = models.BooleanField(default=False, verbose_name=_('Did connect failed'))
|
was_failed = models.BooleanField(default=False, verbose_name=_('Did connect failed'))
|
||||||
is_finished = models.BooleanField(default=False, verbose_name=_('Is finished'))
|
is_finished = models.BooleanField(default=False, verbose_name=_('Is finished'))
|
||||||
date_start = models.DateTimeField(auto_now_add=True, verbose_name=_('Date start'))
|
date_start = models.DateTimeField(verbose_name=_('Date start'))
|
||||||
date_finished = models.DateTimeField(null=True, verbose_name=_('Date finished'))
|
date_finished = models.DateTimeField(null=True, verbose_name=_('Date finished'))
|
||||||
|
|
||||||
def __unicode__(self):
|
def __unicode__(self):
|
||||||
|
|
|
@ -15,7 +15,6 @@ from django.core import signing
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
|
|
||||||
SECRET_KEY = settings.SECRET_KEY
|
SECRET_KEY = settings.SECRET_KEY
|
||||||
SIGNER = TimestampSigner(SECRET_KEY)
|
|
||||||
|
|
||||||
|
|
||||||
def reverse(view_name, urlconf=None, args=None, kwargs=None, current_app=None, external=False):
|
def reverse(view_name, urlconf=None, args=None, kwargs=None, current_app=None, external=False):
|
||||||
|
@ -48,15 +47,17 @@ def decrypt(*args, **kwargs):
|
||||||
return ''
|
return ''
|
||||||
|
|
||||||
|
|
||||||
def sign(value):
|
def sign(value, secret_key=SECRET_KEY):
|
||||||
return SIGNER.sign(value)
|
signer = TimestampSigner(secret_key)
|
||||||
|
return signer.sign(value)
|
||||||
|
|
||||||
|
|
||||||
def unsign(value, max_age=3600):
|
def unsign(value, max_age=3600, secret_key=SECRET_KEY):
|
||||||
|
signer = TimestampSigner(secret_key)
|
||||||
try:
|
try:
|
||||||
return SIGNER.unsign(value, max_age=max_age)
|
return signer.unsign(value, max_age=max_age)
|
||||||
except (BadSignature, SignatureExpired):
|
except (BadSignature, SignatureExpired):
|
||||||
return None
|
return ''
|
||||||
|
|
||||||
|
|
||||||
def date_expired_default():
|
def date_expired_default():
|
||||||
|
|
|
@ -33,7 +33,7 @@ except ImportError:
|
||||||
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
|
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
|
||||||
|
|
||||||
# SECURITY WARNING: keep the secret key used in production secret!
|
# SECURITY WARNING: keep the secret key used in production secret!
|
||||||
SECRET_KEY = CONFIG.SECRET_KEY or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x'
|
SECRET_KEY = CONFIG.SECRET_KEY
|
||||||
|
|
||||||
# SECURITY WARNING: don't run with debug turned on in production!
|
# SECURITY WARNING: don't run with debug turned on in production!
|
||||||
DEBUG = CONFIG.DEBUG or False
|
DEBUG = CONFIG.DEBUG or False
|
||||||
|
|
|
@ -27,7 +27,7 @@ class TerminalApi(ListCreateAPIView):
|
||||||
else:
|
else:
|
||||||
return Response(data={'data': {'name': name, 'ip': terminal.ip},
|
return Response(data={'data': {'name': name, 'ip': terminal.ip},
|
||||||
'msg': 'Need admin accept or active it'},
|
'msg': 'Need admin accept or active it'},
|
||||||
status=204)
|
status=203)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
ip = request.META.get('X-Real-IP') or request.META.get('REMOTE_ADDR')
|
ip = request.META.get('X-Real-IP') or request.META.get('REMOTE_ADDR')
|
||||||
|
|
|
@ -34,10 +34,6 @@ class Terminal(models.Model):
|
||||||
def is_terminal(self):
|
def is_terminal(self):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@property
|
|
||||||
def is_authenticated(self):
|
|
||||||
return False
|
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
db_table = 'terminal'
|
db_table = 'terminal'
|
||||||
ordering = ['name']
|
ordering = ['name']
|
||||||
|
|
Loading…
Reference in New Issue