feat: log emergency access to Joomla action logs
Emergency access events now write to #__action_logs in addition to the mokowaas log file. Visible in System > Action Logs with username and IP address. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -207,11 +207,51 @@ class MokoWaaS extends CMSPlugin
|
||||
$response->error_message = '';
|
||||
$response->type = 'MokoWaaS';
|
||||
|
||||
$clientIp = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
|
||||
|
||||
// Log to MokoWaaS log file
|
||||
Log::add(
|
||||
sprintf('Emergency access login by %s from %s', $user->username, $_SERVER['REMOTE_ADDR'] ?? 'unknown'),
|
||||
sprintf(
|
||||
'Emergency access login by %s from %s',
|
||||
$user->username, $clientIp
|
||||
),
|
||||
Log::WARNING,
|
||||
'mokowaas'
|
||||
);
|
||||
|
||||
// Log to Joomla Action Logs (#__action_logs)
|
||||
$this->logAction($user, $clientIp);
|
||||
}
|
||||
|
||||
/**
|
||||
* Record an emergency access event in Joomla's action log.
|
||||
*
|
||||
* @param object $user User object (id, username)
|
||||
* @param string $clientIp Client IP address
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since 02.00.00
|
||||
*/
|
||||
protected function logAction($user, $clientIp)
|
||||
{
|
||||
$db = Factory::getDbo();
|
||||
$now = Factory::getDate()->toSql();
|
||||
|
||||
$logEntry = (object) [
|
||||
'message_language_key' => 'PLG_SYSTEM_MOKOWAAS_ACTION_EMERGENCY_LOGIN',
|
||||
'message' => json_encode([
|
||||
'username' => $user->username,
|
||||
'ip' => $clientIp,
|
||||
]),
|
||||
'log_date' => $now,
|
||||
'extension' => 'plg_system_mokowaas',
|
||||
'user_id' => (int) $user->id,
|
||||
'ip_address' => $clientIp,
|
||||
'item_id' => 0,
|
||||
];
|
||||
|
||||
$db->insertObject('#__action_logs', $logEntry);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -42,6 +42,8 @@ PLG_SYSTEM_MOKOWAAS_MASTER_EMAIL_DESC="Email address for the master super admin
|
||||
|
||||
PLG_SYSTEM_MOKOWAAS_EMERGENCY_ACCESS_LABEL="Emergency Access"
|
||||
PLG_SYSTEM_MOKOWAAS_EMERGENCY_ACCESS_DESC="Allow login using database credentials as a two-factor emergency access method. Requires server file access to confirm."
|
||||
PLG_SYSTEM_MOKOWAAS_ACTION_EMERGENCY_LOGIN="Emergency access login by {username} from {ip}"
|
||||
|
||||
PLG_SYSTEM_MOKOWAAS_ALLOWED_IPS_NOTE_LABEL="IP Whitelist"
|
||||
PLG_SYSTEM_MOKOWAAS_ALLOWED_IPS_NOTE_DESC="Emergency access requires an IP whitelist. Set <code>public $mokowaas_allowed_ips = '1.2.3.4,5.6.7.8';</code> in configuration.php. Emergency access is BLOCKED if no IPs are configured."
|
||||
|
||||
|
||||
@@ -42,6 +42,8 @@ PLG_SYSTEM_MOKOWAAS_MASTER_EMAIL_DESC="Email address for the master super admin
|
||||
|
||||
PLG_SYSTEM_MOKOWAAS_EMERGENCY_ACCESS_LABEL="Emergency Access"
|
||||
PLG_SYSTEM_MOKOWAAS_EMERGENCY_ACCESS_DESC="Allow login using database credentials as a two-factor emergency access method. Requires server file access to confirm."
|
||||
PLG_SYSTEM_MOKOWAAS_ACTION_EMERGENCY_LOGIN="Emergency access login by {username} from {ip}"
|
||||
|
||||
PLG_SYSTEM_MOKOWAAS_ALLOWED_IPS_NOTE_LABEL="IP Whitelist"
|
||||
PLG_SYSTEM_MOKOWAAS_ALLOWED_IPS_NOTE_DESC="Emergency access requires an IP whitelist. Set <code>public $mokowaas_allowed_ips = '1.2.3.4,5.6.7.8';</code> in configuration.php. Emergency access is BLOCKED if no IPs are configured."
|
||||
|
||||
|
||||
Reference in New Issue
Block a user