From: Gergő Tisza Date: Tue, 21 Apr 2015 08:33:40 +0000 (+0000) Subject: Track key authentication metrics X-Git-Tag: 1.31.0-rc.0~10601^2 X-Git-Url: https://git.cyclocoop.org/%28%28?a=commitdiff_plain;h=e7020fdb22f37403a3ecf673f90cddf5e90f9593;p=lhc%2Fweb%2Fwiklou.git Track key authentication metrics Logs a 'login' event for logins via Special:UserLogin and API action=login. Does not log for implicit login after account creation and for autologin (e.g. based on an active CentralAuth global login). Logs an 'accountcreation' event for account creation via Special:UserLogin/signup and API action=createaccount. Does not log for autocreation. Both successful and unsuccessful attempts are logged, except for failures that throw exceptions (internal errors + some permission errors). Bug: T91701 Change-Id: I101b11d05400b073065da10f1e537412309d9102 --- diff --git a/includes/api/ApiCreateAccount.php b/includes/api/ApiCreateAccount.php index b3a543afd5..5443faca63 100644 --- a/includes/api/ApiCreateAccount.php +++ b/includes/api/ApiCreateAccount.php @@ -21,6 +21,7 @@ * * @file */ +use MediaWiki\Logger\LoggerFactory; /** * Unit to authenticate account registration attempts to the current wiki. @@ -95,6 +96,10 @@ class ApiCreateAccount extends ApiBase { $loginForm->load(); $status = $loginForm->addNewaccountInternal(); + LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt via API', array( + 'event' => 'accountcreation', + 'status' => $status, + ) ); $result = array(); if ( $status->isGood() ) { // Success! diff --git a/includes/api/ApiLogin.php b/includes/api/ApiLogin.php index c4e7022875..e3d9295c40 100644 --- a/includes/api/ApiLogin.php +++ b/includes/api/ApiLogin.php @@ -24,6 +24,7 @@ * * @file */ +use MediaWiki\Logger\LoggerFactory; /** * Unit to authenticate log-in attempts to the current wiki. @@ -174,6 +175,12 @@ class ApiLogin extends ApiBase { } $this->getResult()->addValue( null, 'login', $result ); + + LoggerFactory::getInstance( 'authmanager' )->info( 'Login attempt', array( + 'event' => 'login', + 'successful' => $authRes === LoginForm::SUCCESS, + 'status' => $authRes, + ) ); } public function mustBePosted() { diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index 8491f89e92..f446a98f8f 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -20,6 +20,7 @@ * @file * @ingroup SpecialPage */ +use MediaWiki\Logger\LoggerFactory; /** * Implements Special:UserLogin @@ -338,6 +339,10 @@ class LoginForm extends SpecialPage { } $status = $this->addNewAccountInternal(); + LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt with mailed password', array( + 'event' => 'accountcreation', + 'status' => $status, + ) ); if ( !$status->isGood() ) { $error = $status->getMessage(); $this->mainLoginForm( $error->toString() ); @@ -375,6 +380,11 @@ class LoginForm extends SpecialPage { # Create the account and abort if there's a problem doing so $status = $this->addNewAccountInternal(); + LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt', array( + 'event' => 'accountcreation', + 'status' => $status, + ) ); + if ( !$status->isGood() ) { $error = $status->getMessage(); $this->mainLoginForm( $error->toString() ); @@ -911,7 +921,8 @@ class LoginForm extends SpecialPage { global $wgMemc, $wgLang, $wgSecureLogin, $wgPasswordAttemptThrottle, $wgInvalidPasswordReset; - switch ( $this->authenticateUserData() ) { + $status = $this->authenticateUserData(); + switch ( $status ) { case self::SUCCESS: # We've verified now, update the real record $user = $this->getUser(); @@ -1034,6 +1045,12 @@ class LoginForm extends SpecialPage { default: throw new MWException( 'Unhandled case value' ); } + + LoggerFactory::getInstance( 'authmanager' )->info( 'Login attempt', array( + 'event' => 'login', + 'successful' => $status === self::SUCCESS, + 'status' => $status, + ) ); } /**