~sircmpwn/meta.sr.ht

ref: 72548bd7545f78670878667674cc7645835a17bd meta.sr.ht/metasrht/audit.py -rw-r--r-- 1.2 KiB
72548bd7Drew DeVault API: Updates per core-go auth changes 11 months ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
from datetime import datetime, timedelta
from flask import request
from ipaddress import ip_address
from metasrht.email import send_email
from metasrht.types import AuditLogEntry
from srht.config import cfg
from srht.database import db
from srht.oauth import current_user

def audit_log(event_type, details=None, user=None,
        email=False, subject=None, email_details=None):
    if not user:
        user = current_user
    if not user:
        return
    addr = request.access_route[-1]
    event = AuditLogEntry(user.id, event_type, ip_address(addr), details)
    db.session.add(event)
    if email:
        if user.pgp_key:
            encrypt_key = user.pgp_key.key
        else:
            encrypt_key = None
        send_email("audit_event", user.email, subject, headers={
            "From": f"{cfg('mail', 'smtp-from')}",
            "To": f"{user.username} <{user.email}>",
            "Reply-To": f"{cfg('sr.ht', 'owner-name')} <{cfg('sr.ht', 'owner-email')}>",
        }, user=user, encrypt_key=encrypt_key, email_details=email_details)

def expire_audit_logs():
    cutoff = datetime.now() - timedelta(days=14)
    AuditLogEntry.query.filter(AuditLogEntry.created <= cutoff) .delete()
    db.session.commit()