From 96840ede56bd7802c5aac2f626aacdcaa59f0b33 Mon Sep 17 00:00:00 2001 From: Nick O'Leary Date: Mon, 22 Nov 2021 19:58:48 +0000 Subject: [PATCH] Include full user object on login audit events --- packages/node_modules/@node-red/editor-api/lib/auth/index.js | 2 +- .../node_modules/@node-red/editor-api/lib/auth/strategies.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/node_modules/@node-red/editor-api/lib/auth/index.js b/packages/node_modules/@node-red/editor-api/lib/auth/index.js index f32f6d0d6..41d96b3f6 100644 --- a/packages/node_modules/@node-red/editor-api/lib/auth/index.js +++ b/packages/node_modules/@node-red/editor-api/lib/auth/index.js @@ -141,7 +141,7 @@ function completeVerify(profile,done) { Users.authenticate(profile).then(function(user) { if (user) { Tokens.create(user.username,"node-red-editor",user.permissions).then(function(tokens) { - log.audit({event: "auth.login",username:user.username,scope:user.permissions}); + log.audit({event: "auth.login",user,username:user.username,scope:user.permissions}); user.tokens = tokens; done(null,user); }); diff --git a/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js b/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js index bae4df5c3..7a77354fa 100644 --- a/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js +++ b/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js @@ -93,7 +93,7 @@ var passwordTokenExchange = function(client, username, password, scope, done) { return logEntry.user !== username; }); Tokens.create(username,client.id,scope).then(function(tokens) { - log.audit({event: "auth.login",username:username,client:client.id,scope:scope}); + log.audit({event: "auth.login",user,username:username,client:client.id,scope:scope}); done(null,tokens.accessToken,null,{expires_in:tokens.expires_in}); }); } else {