Commit 788f0283 authored by echel0n's avatar echel0n

Added more detailed logging for Sentry

parent 7bea7590
......@@ -337,12 +337,18 @@ class Core(object):
# migrate config
self.config.migrate_config_file(self.config_file)
# add extra sentry tags
if sickrage.app.config.user and sickrage.app.config.user.sub_id:
sentry_sdk.set_tag('sub_id', sickrage.app.config.user.sub_id)
# add server id tag to sentry
if sickrage.app.config.general and sickrage.app.config.general.server_id:
sentry_sdk.set_tag('server_id', sickrage.app.config.general.server_id)
# add user to sentry
if sickrage.app.config.user and sickrage.app.config.user.sub_id:
sentry_sdk.set_user({
'id': sickrage.app.config.user.sub_id,
'username': sickrage.app.config.user.username,
'email': sickrage.app.config.user.email
})
# config overrides
if self.web_port:
self.config.general.web_port = self.web_port
......
......@@ -197,7 +197,7 @@ class Config(object):
def load(self):
# USERS SECTION
if not self.db.session().query(self.db.Users).first():
self.db.session().add(self.db.Users(username='admin', permissions=UserPermission.SUPERUSER))
self.db.session().add(self.db.Users())
self.db.session().commit()
self._config_data[self.db.Users] = self.db.session().query(self.db.Users).first().as_attrdict()
......
......@@ -130,8 +130,8 @@ class ConfigDB(SRDatabase):
class Users(base):
__tablename__ = 'users'
id = Column(Integer, primary_key=True, autoincrement=True)
username = Column(Text, index=True, unique=True, nullable=False)
password = Column(Text, nullable=False, default='')
username = Column(Text, default='', index=True, unique=True)
password = Column(Text, default='')
email = Column(Text, default='', index=True)
sub_id = Column(Text, default='')
permissions = Column(Enum(UserPermission), default=UserPermission.GUEST)
......
......@@ -22,9 +22,11 @@ import json
import os
from abc import ABC
import sentry_sdk
from tornado.web import authenticated
import sickrage
from sickrage.core.enums import UserPermission
from sickrage.core.helpers import get_internal_ip, get_external_ip
from sickrage.core.webserver.handlers.base import BaseHandler
......@@ -58,9 +60,19 @@ class AccountLinkHandler(BaseHandler, ABC):
sickrage.app.config.general.enable_sickrage_api = True
if not sickrage.app.config.user.sub_id or not sickrage.app.config.general.server_id:
sickrage.app.config.user.sub_id = decoded_token.get('sub')
if not sickrage.app.config.user.sub_id:
sickrage.app.config.user.sub_id = decoded_token.get('sub_id')
sickrage.app.config.user.username = decoded_token.get('preferred_username')
sickrage.app.config.user.email = decoded_token.get('email')
sickrage.app.config.user.permissions = UserPermission.SUPERUSER
sentry_sdk.set_user({
'id': sickrage.app.config.user.sub_id,
'username': sickrage.app.config.user.username,
'email': sickrage.app.config.user.email
})
if not sickrage.app.config.general.server_id:
internal_connections = "{}://{}:{}{}".format(self.request.protocol,
get_internal_ip(),
sickrage.app.config.general.web_port,
......@@ -76,6 +88,7 @@ class AccountLinkHandler(BaseHandler, ABC):
server_id = sickrage.app.api.account.register_server(connections)
if server_id:
sickrage.app.config.general.server_id = server_id
sentry_sdk.set_tag('server_id', sickrage.app.config.general.server_id)
sickrage.app.config.save(mark_dirty=True)
......
......@@ -22,6 +22,7 @@ import json
import traceback
from abc import ABC
import sentry_sdk
from apispec import APISpec
from apispec.exceptions import APISpecError
from apispec.ext.marshmallow import MarshmallowPlugin
......@@ -30,6 +31,7 @@ from tornado.escape import to_basestring
from tornado.web import HTTPError
import sickrage
from sickrage.core.enums import UserPermission
from sickrage.core.helpers import get_external_ip, get_internal_ip
from sickrage.core.webserver.handlers.base import BaseHandler
......@@ -49,13 +51,27 @@ class APIBaseHandler(BaseHandler, ABC):
if 'bearer' in auth_header.lower():
try:
token = auth_header.strip('Bearer').strip()
decoded_auth_token = sickrage.app.auth_server.decode_token(token, certs)
decoded_token = sickrage.app.auth_server.decode_token(token, certs)
if not sickrage.app.config.user.sub_id:
sickrage.app.config.user.sub_id = decoded_auth_token.get('sub')
sickrage.app.config.user.sub_id = decoded_token.get('sub')
sickrage.app.config.save()
if sickrage.app.config.user.sub_id != decoded_auth_token.get('sub'):
if sickrage.app.config.user.sub_id == decoded_token.get('sub'):
if not sickrage.app.config.user.username:
sickrage.app.config.user.username = decoded_token.get('preferred_username')
sickrage.app.config.user.email = decoded_token.get('email')
sickrage.app.config.user.permissions = UserPermission.SUPERUSER
sickrage.app.config.save()
if sickrage.app.config.user.sub_id == decoded_token.get('sub'):
sentry_sdk.set_user({
'id': sickrage.app.config.user.sub_id,
'username': sickrage.app.config.user.username,
'email': sickrage.app.config.user.email
})
if sickrage.app.config.user.sub_id != decoded_token.get('sub'):
return self.send_error(401, error='user is not authorized')
if sickrage.app.config.general.enable_sickrage_api and not sickrage.app.api.token:
......@@ -82,9 +98,10 @@ class APIBaseHandler(BaseHandler, ABC):
server_id = sickrage.app.api.account.register_server(connections)
if server_id:
sickrage.app.config.general.server_id = server_id
sentry_sdk.set_tag('server_id', sickrage.app.config.general.server_id)
sickrage.app.config.save()
self.current_user = decoded_auth_token
self.current_user = decoded_token
except Exception:
return self.send_error(401, error='failed to decode token')
else:
......
......@@ -21,9 +21,11 @@
import re
from abc import ABC
import sentry_sdk
from jose import ExpiredSignatureError
import sickrage
from sickrage.core.enums import UserPermission
from sickrage.core.helpers import is_ip_whitelisted, get_internal_ip, get_external_ip
from sickrage.core.webserver.handlers.base import BaseHandler
......@@ -55,16 +57,30 @@ class LoginHandler(BaseHandler, ABC):
auth_token = self.request.headers['Authorization'].strip('Bearer').strip()
try:
decoded_auth_token = sickrage.app.auth_server.decode_token(auth_token, certs)
decoded_token = sickrage.app.auth_server.decode_token(auth_token, certs)
except ExpiredSignatureError:
self.set_status(401)
return self.write({'error': 'Token expired'})
if not sickrage.app.config.user.sub_id:
sickrage.app.config.user.sub_id = decoded_auth_token.get('sub')
sickrage.app.config.save(mark_dirty=True)
if sickrage.app.config.user.sub_id != decoded_auth_token.get('sub'):
sickrage.app.config.user.sub_id = decoded_token.get('sub')
sickrage.app.config.save()
if sickrage.app.config.user.sub_id == decoded_token.get('sub'):
if not sickrage.app.config.user.username:
sickrage.app.config.user.username = decoded_token.get('preferred_username')
sickrage.app.config.user.email = decoded_token.get('email')
sickrage.app.config.user.permissions = UserPermission.SUPERUSER
sickrage.app.config.save()
if sickrage.app.config.user.sub_id == decoded_token.get('sub'):
sentry_sdk.set_user({
'id': sickrage.app.config.user.sub_id,
'username': sickrage.app.config.user.username,
'email': sickrage.app.config.user.email
})
if sickrage.app.config.user.sub_id != decoded_token.get('sub'):
return
if sickrage.app.config.general.enable_sickrage_api and not sickrage.app.api.token:
......@@ -91,6 +107,7 @@ class LoginHandler(BaseHandler, ABC):
server_id = sickrage.app.api.account.register_server(connections)
if server_id:
sickrage.app.config.general.server_id = server_id
sentry_sdk.set_tag('server_id', sickrage.app.config.general.server_id)
sickrage.app.config.save()
def handle_sso_auth_get(self):
......@@ -120,7 +137,21 @@ class LoginHandler(BaseHandler, ABC):
if not sickrage.app.config.user.sub_id:
sickrage.app.config.user.sub_id = decoded_token.get('sub')
sickrage.app.config.save(mark_dirty=True)
sickrage.app.config.save()
if sickrage.app.config.user.sub_id == decoded_token.get('sub'):
if not sickrage.app.config.user.username:
sickrage.app.config.user.username = decoded_token.get('preferred_username')
sickrage.app.config.user.email = decoded_token.get('email')
sickrage.app.config.user.permissions = UserPermission.SUPERUSER
sickrage.app.config.save()
if sickrage.app.config.user.sub_id == decoded_token.get('sub'):
sentry_sdk.set_user({
'id': sickrage.app.config.user.sub_id,
'username': sickrage.app.config.user.username,
'email': sickrage.app.config.user.email
})
if sickrage.app.config.user.sub_id != decoded_token.get('sub'):
if sickrage.app.api.token:
......@@ -158,6 +189,7 @@ class LoginHandler(BaseHandler, ABC):
server_id = sickrage.app.api.account.register_server(connections)
if server_id:
sickrage.app.config.general.server_id = server_id
sentry_sdk.set_tag('server_id', sickrage.app.config.general.server_id)
sickrage.app.config.save()
redirect_uri = self.get_argument('next', "/{}/".format(sickrage.app.config.general.default_page.value))
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment