diff --git a/app/blueprints/users/account.py b/app/blueprints/users/account.py index 6c9e478..0713d4e 100644 --- a/app/blueprints/users/account.py +++ b/app/blueprints/users/account.py @@ -24,7 +24,7 @@ from wtforms.validators import * from app.models import * from app.tasks.emails import sendVerifyEmail, sendEmailRaw -from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash +from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash, addAuditLog from passlib.pwd import genphrase from . import bp @@ -112,6 +112,9 @@ def register(): user = User(form.username.data, False, form.email.data, make_flask_login_password(form.password.data)) db.session.add(user) + addAuditLog(AuditSeverity.USER, user, "Registered", + url_for("users.profile", username=user.username)) + token = randomString(32) ver = UserEmailVerification() @@ -142,6 +145,9 @@ def forgot_password(): if user: token = randomString(32) + addAuditLog(AuditSeverity.USER, user, "(Anonymous) requested a password reset", + url_for("users.profile", username=user.username), None) + ver = UserEmailVerification() ver.user = user ver.token = token @@ -188,6 +194,8 @@ def handle_set_password(form): flash("Passwords do not much", "danger") return + addAuditLog(AuditSeverity.USER, current_user, "Changed their password", url_for("users.profile", username=current_user.username)) + current_user.password = make_flask_login_password(form.password.data) db.session.commit() @@ -259,6 +267,9 @@ def verify_email(): flash("Unknown verification token!", "danger") return redirect(url_for("homepage.home")) + addAuditLog(AuditSeverity.USER, ver.user, "Confirmed their email", + url_for("users.profile", username=ver.user.username)) + was_activating = not ver.user.is_active ver.user.is_active = True ver.user.email = ver.email diff --git a/app/models.py b/app/models.py index 69d30d6..9e89b30 100644 --- a/app/models.py +++ b/app/models.py 
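Review bot: The entry added in forgot_password() records `user` as the causer although the request is unauthenticated, so apart from the "(Anonymous)" prefix in the title nothing in the log separates a reset the owner asked for from one triggered by someone else. The call sits inside `if user:`, so requests for unknown accounts leave no trace, and nothing visible in this hunk limits how many entries repeated requests for one account can create. A comment above the call such as `# causer is the target account; the requester is not authenticated` would make this explicit. It is also worth confirming what the trailing `None` maps to in addAuditLog, since the other new calls omit it. The same causer caveat applies to the verify_email() hunk, where the actor is whoever holds the token.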
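Review bot: The new addAuditLog call in handle_set_password() is one line of roughly 140 characters, while the other calls added by this commit wrap the URL argument onto a second line. Wrapping it the same way keeps the file consistent: `addAuditLog(AuditSeverity.USER, current_user, "Changed their password",` followed by `url_for("users.profile", username=current_user.username))`. The function name suggests it may also serve first-time password setup, in which case the fixed title "Changed their password" would mislabel that event. The function starts outside the hunk, so this needs checking against its callers.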
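Review bot: In verify_email() the entry is written before `was_activating` is computed and before `ver.user.email = ver.email`, so the single title "Confirmed their email" covers both first-time activation and a change of address on an existing account. For account-takeover review the second case is the one that matters. Moving the call below `was_activating = not ver.user.is_active` and choosing the title from it, e.g. `"Activated their account" if was_activating else "Changed their email address"`, would keep the two apart. The function continues outside the hunk.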
@@ -1366,8 +1366,9 @@ class PackageReview(db.Model): class AuditSeverity(enum.Enum): NORMAL = 0 # Normal user changes - EDITOR = 1 # Editor changes - MODERATION = 2 # Destructive / moderator changes + USER = 1 # Security user changes + EDITOR = 2 # Editor changes + MODERATION = 3 # Destructive / moderator changes def __str__(self): return self.name diff --git a/app/templates/admin/audit.html b/app/templates/admin/audit.html index c391548..483dc01 100644 --- a/app/templates/admin/audit.html +++ b/app/templates/admin/audit.html @@ -26,6 +26,8 @@ Audit Log {% elif entry.severity == entry.severity.EDITOR %} + {% elif entry.severity == entry.severity.USER %} + {% endif %} diff --git a/app/templates/base.html b/app/templates/base.html index ef4ab51..2b7f408 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -7,7 +7,7 @@ {% block title %}title{% endblock %} - {{ config.USER_APP_NAME }} - + diff --git a/migrations/versions/c154912eaa0c_.py b/migrations/versions/c154912eaa0c_.py new file mode 100644 index 0000000..3263dea --- /dev/null +++ b/migrations/versions/c154912eaa0c_.py @@ -0,0 +1,24 @@ +"""empty message + +Revision ID: c154912eaa0c +Revises: 7f166b5218d7 +Create Date: 2020-12-05 02:29:16.706564 + +""" +from alembic import op +import sqlalchemy as sa + + +# revision identifiers, used by Alembic. +revision = 'c154912eaa0c' +down_revision = '7f166b5218d7' +branch_labels = None +depends_on = None + + +def upgrade(): + op.execute("COMMIT") + op.execute("ALTER TYPE auditseverity ADD VALUE 'USER'") + +def downgrade(): + pass
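Review bot: Inserting `USER = 1` in AuditSeverity renumbers `EDITOR` from 1 to 2 and `MODERATION` from 2 to 3, so any code or stored data that relies on the numeric `.value` silently changes meaning. The column is presumably stored by name, since the migration in this commit adds the label 'USER', but `ADD VALUE` appends it after MODERATION in PostgreSQL's enum ordering, so Python and SQL would disagree on severity order and a sort or comparison done in SQL would rank USER highest. If order matters, `ALTER TYPE auditseverity ADD VALUE 'USER' BEFORE 'EDITOR'` keeps both sides aligned; otherwise a comment on the enum stating that the numbers are not persisted would help. The comment `# Security user changes` could read `# Security-relevant account changes (registration, password, email)`.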
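Review bot: `op.execute("COMMIT")` in upgrade() ends Alembic's transaction by hand so that `ALTER TYPE ... ADD VALUE` can run, which leaves the remainder of the migration run outside the transaction Alembic believes it holds. Alembic provides `autocommit_block()` for this case: `with op.get_context().autocommit_block():` around `op.execute("ALTER TYPE auditseverity ADD VALUE IF NOT EXISTS 'USER'")`, where `IF NOT EXISTS` also makes a re-run harmless. The docstring still says "empty message" and downgrade() is a bare `pass`. A docstring such as `"""Add USER to the auditseverity enum"""` and a comment in downgrade() that PostgreSQL cannot drop an enum value would document why the step is irreversible.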