/**
* Enriches all of the passed audit logs to add the request
* info metadata.
*
* @param Event The AuditStash.beforeLog event
* @param array $logs The audit log event objects
* @return void
*/
public function beforeLog(Event $event, array $logs)
{
$meta = ['ip' => $this->request->clientIp(), 'url' => $this->request->here(), 'user' => $this->user];
foreach ($logs as $log) {
$log->setMetaInfo($log->getMetaInfo() + $meta);
}
}
public function beforeSave(Event $event, EntityInterface $entity)
{
if ($entity === null) {
return true;
}
$isNew = $entity->isNew();
$fields = $this->config('fields');
$ip = self::$_request->clientIp();
foreach ($fields as $field => $when) {
$when = strtolower($when);
if (!in_array($when, ['always', 'new'])) {
throw new UnexpectedValueException(sprintf('"When" should be one of "always", "new". The passed value "%s" is invalid', $when));
}
switch ($when) {
case 'always':
$entity->set($field, $ip);
continue;
break;
case 'new':
if ($isNew) {
$entity->set($field, $ip);
continue;
}
break;
}
}
return true;
}
/**
* Startup event to trace the user on the website.
*
* @param Event $event The event that was fired.
*
* @return void
*/
public function startup(Event $event)
{
if (empty($this->_session->id())) {
$this->_session->start();
return;
}
$sessions = TableRegistry::get('Sessions');
$prefix = isset($this->_request['prefix']) ? $this->_request['prefix'] . '/' : '';
$controller = $prefix . $this->_request['controller'];
$action = $this->_request['action'];
$params = serialize($this->_request->pass);
$expires = time() + ini_get('session.gc_maxlifetime');
//@codingStandardsIgnoreStart
$user_id = $this->_session->read('Auth.User.id');
$user_agent = $this->_request->env('HTTP_USER_AGENT');
$user_ip = $this->_request->clientIp();
$full_url = $this->_request->url;
//@codingStandardIgnoreEnd
$modified = new Time();
$record = compact('controller', 'action', 'params', 'expires', 'user_id', 'user_agent', 'user_ip', 'full_url', 'modified');
$record[$sessions->primaryKey()] = $this->_session->id();
$sessions->save(new Entity($record));
}
/**
* Test the clientIp method.
*
* @return void
*/
public function testclientIp()
{
$request = new Request(['environment' => ['HTTP_X_FORWARDED_FOR' => '192.168.1.5, 10.0.1.1, proxy.com', 'HTTP_CLIENT_IP' => '192.168.1.2', 'REMOTE_ADDR' => '192.168.1.3']]);
$request->trustProxy = true;
$this->assertEquals('192.168.1.5', $request->clientIp());
$request->trustProxy = false;
$this->assertEquals('192.168.1.2', $request->clientIp());
$request->env('HTTP_X_FORWARDED_FOR', '');
$this->assertEquals('192.168.1.2', $request->clientIp());
$request->env('HTTP_CLIENT_IP', '');
$this->assertEquals('192.168.1.3', $request->clientIp());
$request->env('HTTP_CLIENTADDRESS', '10.0.1.2, 10.0.1.1');
$this->assertEquals('10.0.1.2', $request->clientIp());
}
/**
* _resetBruteForceAttack
*
* @param \Cake\Network\Request $request The request that contains login information.
* @return void
*/
protected function _resetBruteForceAttack(Request $request)
{
$filePath = CONFIG . $this->_config['lockout']['file_path'] . DS . $request->clientIp();
if (file_exists($filePath)) {
unlink($filePath);
}
}
/**
* Get the request context for an error/exception trace.
*
* @param \Cake\Network\Request $request The request to read from.
* @return string
*/
protected function _requestContext($request)
{
$message = "\nRequest URL: " . $request->here();
$referer = $request->env('HTTP_REFERER');
if ($referer) {
$message .= "\nReferer URL: " . $referer;
}
$clientIp = $request->clientIp();
if ($clientIp && $clientIp !== '::1') {
$message .= "\nClient IP: " . $clientIp;
}
return $message;
}
