diff options
Diffstat (limited to 'app/controllers/register.go')
-rw-r--r-- | app/controllers/register.go | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/app/controllers/register.go b/app/controllers/register.go index 7c1a0f3..312daae 100644 --- a/app/controllers/register.go +++ b/app/controllers/register.go | |||
@@ -15,6 +15,21 @@ import ( | |||
15 | "github.com/go-webauthn/webauthn/protocol" | 15 | "github.com/go-webauthn/webauthn/protocol" |
16 | "github.com/go-webauthn/webauthn/webauthn" | 16 | "github.com/go-webauthn/webauthn/webauthn" |
17 | "github.com/labstack/echo/v4" | 17 | "github.com/labstack/echo/v4" |
18 | "github.com/prometheus/client_golang/prometheus" | ||
19 | "github.com/prometheus/client_golang/prometheus/promauto" | ||
20 | ) | ||
21 | |||
22 | var ( | ||
23 | registerError = promauto.NewCounterVec(prometheus.CounterOpts{ | ||
24 | Namespace: "ssh_proxy", | ||
25 | Name: "register_error", | ||
26 | Help: "Total number of errors during registration", | ||
27 | }, []string{"type"}) | ||
28 | registerSuccess = promauto.NewCounter(prometheus.CounterOpts{ | ||
29 | Namespace: "ssh_proxy", | ||
30 | Name: "register_success", | ||
31 | Help: "Total number of successful registrations", | ||
32 | }) | ||
18 | ) | 33 | ) |
19 | 34 | ||
20 | type RegisterController[T app.AppSession] struct { | 35 | type RegisterController[T app.AppSession] struct { |
@@ -32,18 +47,22 @@ func (a *RegisterController[T]) validateRequest(ctx context.Context, u *models.U | |||
32 | 47 | ||
33 | authSession, err := a.AuthSessions.GetByUserCode(ctx, code) | 48 | authSession, err := a.AuthSessions.GetByUserCode(ctx, code) |
34 | if err != nil { | 49 | if err != nil { |
50 | registerError.With(prometheus.Labels{"type": "no_user_for_code"}).Inc() | ||
35 | return nil, fmt.Errorf("No auth session exists") | 51 | return nil, fmt.Errorf("No auth session exists") |
36 | } | 52 | } |
37 | 53 | ||
38 | if time.Now().After(authSession.Expires) { | 54 | if time.Now().After(authSession.Expires) { |
55 | registerError.With(prometheus.Labels{"type": "session_expired"}).Inc() | ||
39 | return nil, fmt.Errorf("Session is expired") | 56 | return nil, fmt.Errorf("Session is expired") |
40 | } | 57 | } |
41 | 58 | ||
42 | if !authSession.IsRegistration { | 59 | if !authSession.IsRegistration { |
60 | registerError.With(prometheus.Labels{"type": "incorrect_session_type"}).Inc() | ||
43 | return nil, fmt.Errorf("Session is not an invitation to register") | 61 | return nil, fmt.Errorf("Session is not an invitation to register") |
44 | } | 62 | } |
45 | 63 | ||
46 | if authSession.UserId != u.Username { | 64 | if authSession.UserId != u.Username { |
65 | registerError.With(prometheus.Labels{"type": "username_mismatch"}).Inc() | ||
47 | return nil, fmt.Errorf("Session not valid for this user") | 66 | return nil, fmt.Errorf("Session not valid for this user") |
48 | } | 67 | } |
49 | 68 | ||
@@ -56,6 +75,7 @@ func (a *RegisterController[T]) HandleStart(c echo.Context) error { | |||
56 | user, err := a.Users.Get(ctx, c.Param("username")) | 75 | user, err := a.Users.Get(ctx, c.Param("username")) |
57 | if err != nil { | 76 | if err != nil { |
58 | a.Logger.Errorf("Error getting user: %s", err) | 77 | a.Logger.Errorf("Error getting user: %s", err) |
78 | registerError.With(prometheus.Labels{"type": "no_user"}).Inc() | ||
59 | return c.NoContent(http.StatusNotFound) | 79 | return c.NoContent(http.StatusNotFound) |
60 | } | 80 | } |
61 | 81 | ||
@@ -111,6 +131,7 @@ func (a *RegisterController[T]) HandleFinish(c echo.Context) error { | |||
111 | // session in case of other errors | 131 | // session in case of other errors |
112 | if err := a.AuthSessions.Delete(ctx, authSession); err != nil { | 132 | if err := a.AuthSessions.Delete(ctx, authSession); err != nil { |
113 | a.Logger.Errorf("Error deleting auth session: %s", err) | 133 | a.Logger.Errorf("Error deleting auth session: %s", err) |
134 | registerError.With(prometheus.Labels{"type": "db_delete_session"}).Inc() | ||
114 | return c.NoContent(http.StatusInternalServerError) | 135 | return c.NoContent(http.StatusInternalServerError) |
115 | } | 136 | } |
116 | 137 | ||
@@ -141,5 +162,6 @@ func (a *RegisterController[T]) HandleFinish(c echo.Context) error { | |||
141 | return c.NoContent(http.StatusInternalServerError) | 162 | return c.NoContent(http.StatusInternalServerError) |
142 | } | 163 | } |
143 | 164 | ||
165 | registerSuccess.Inc() | ||
144 | return c.NoContent(http.StatusOK) | 166 | return c.NoContent(http.StatusOK) |
145 | } | 167 | } |