This commit is contained in:
@ -88,7 +88,7 @@ LOGGING = {
|
|||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
AUTH_VERIFY_URL = os.environ.get('AUTH_VERIFY_URL', 'NONE')
|
# AUTH_VERIFY_URL = os.environ.get('AUTH_VERIFY_URL', 'NONE')
|
||||||
|
|
||||||
ALLOWED_HOSTS = ["*"]
|
ALLOWED_HOSTS = ["*"]
|
||||||
|
|
||||||
|
@ -1,24 +1,29 @@
|
|||||||
# views.py
|
# views.py
|
||||||
import logging # ✅ 로그 추가
|
import logging
|
||||||
from rest_framework.views import APIView
|
from rest_framework.views import APIView
|
||||||
from rest_framework.response import Response
|
from rest_framework.response import Response
|
||||||
from rest_framework import status
|
from rest_framework import status
|
||||||
from rest_framework.permissions import IsAuthenticated
|
from rest_framework.permissions import IsAuthenticated
|
||||||
from rest_framework_simplejwt.views import TokenObtainPairView
|
from rest_framework_simplejwt.views import TokenObtainPairView
|
||||||
|
|
||||||
from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer
|
from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer
|
||||||
|
|
||||||
logger = logging.getLogger(__name__) # ✅ 로그 추가
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
def get_request_info(request):
|
||||||
|
ip = request.META.get("REMOTE_ADDR", "unknown")
|
||||||
|
ua = request.META.get("HTTP_USER_AGENT", "unknown")
|
||||||
|
email = getattr(request.user, "email", "anonymous")
|
||||||
|
return email, ip, ua
|
||||||
|
|
||||||
class RegisterView(APIView):
|
class RegisterView(APIView):
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
logger.info("RegisterView POST called. data=%s", request.data) # ✅ 로그 추가
|
email, ip, ua = get_request_info(request)
|
||||||
serializer = RegisterSerializer(data=request.data)
|
serializer = RegisterSerializer(data=request.data)
|
||||||
if serializer.is_valid():
|
if serializer.is_valid():
|
||||||
user = serializer.save()
|
user = serializer.save()
|
||||||
logger.info("User registered: %s", user.email if hasattr(user, "email") else str(user)) # ✅ 로그 추가
|
logger.info(f"[REGISTER] user={user.email} | status=success | IP={ip} | UA={ua}")
|
||||||
return Response({"message": "User registered successfully."}, status=status.HTTP_201_CREATED)
|
return Response({"message": "User registered successfully."}, status=status.HTTP_201_CREATED)
|
||||||
logger.warning("Registration failed: %s", serializer.errors) # ✅ 로그 추가
|
logger.warning(f"[REGISTER] user={email} | status=fail | IP={ip} | UA={ua} | detail={serializer.errors}")
|
||||||
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||||
|
|
||||||
|
|
||||||
@ -26,20 +31,19 @@ class MeView(APIView):
|
|||||||
permission_classes = [IsAuthenticated]
|
permission_classes = [IsAuthenticated]
|
||||||
|
|
||||||
def get(self, request):
|
def get(self, request):
|
||||||
logger.debug("MeView GET called by user: %s", request.user) # ✅ 로그 추가
|
email, ip, ua = get_request_info(request)
|
||||||
user = request.user
|
logger.debug(f"[ME GET] user={email} | IP={ip} | UA={ua}")
|
||||||
serializer = RegisterSerializer(user)
|
serializer = RegisterSerializer(request.user)
|
||||||
return Response(serializer.data)
|
return Response(serializer.data)
|
||||||
|
|
||||||
def put(self, request):
|
def put(self, request):
|
||||||
logger.info("MeView PUT called by user: %s", request.user) # ✅ 로그 추가
|
email, ip, ua = get_request_info(request)
|
||||||
user = request.user
|
serializer = RegisterSerializer(request.user, data=request.data, partial=True)
|
||||||
serializer = RegisterSerializer(user, data=request.data, partial=True)
|
|
||||||
if serializer.is_valid():
|
if serializer.is_valid():
|
||||||
serializer.save()
|
serializer.save()
|
||||||
logger.info("User profile updated: %s", request.user) # ✅ 로그 추가
|
logger.info(f"[ME UPDATE] user={email} | status=success | IP={ip} | UA={ua}")
|
||||||
return Response(serializer.data)
|
return Response(serializer.data)
|
||||||
logger.warning("Profile update failed: %s", serializer.errors) # ✅ 로그 추가
|
logger.warning(f"[ME UPDATE] user={email} | status=fail | IP={ip} | UA={ua} | detail={serializer.errors}")
|
||||||
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
|
||||||
|
|
||||||
|
|
||||||
@ -47,44 +51,54 @@ class CustomTokenObtainPairView(TokenObtainPairView):
|
|||||||
serializer_class = CustomTokenObtainPairSerializer
|
serializer_class = CustomTokenObtainPairSerializer
|
||||||
|
|
||||||
def post(self, request, *args, **kwargs):
|
def post(self, request, *args, **kwargs):
|
||||||
logger.info("Login attempt: %s", request.data.get("email")) # ✅ 로그 추가 (비밀번호 제외)
|
ip = request.META.get("REMOTE_ADDR", "unknown")
|
||||||
return super().post(request, *args, **kwargs)
|
ua = request.META.get("HTTP_USER_AGENT", "unknown")
|
||||||
|
email = request.data.get("email", "unknown")
|
||||||
|
logger.info(f"[LOGIN] user={email} | status=attempt | IP={ip} | UA={ua}")
|
||||||
|
response = super().post(request, *args, **kwargs)
|
||||||
|
|
||||||
|
# 성공 실패 판단
|
||||||
|
if response.status_code == 200:
|
||||||
|
logger.info(f"[LOGIN] user={email} | status=success | IP={ip} | UA={ua}")
|
||||||
|
else:
|
||||||
|
logger.warning(f"[LOGIN] user={email} | status=fail | IP={ip} | UA={ua} | detail={response.data}")
|
||||||
|
return response
|
||||||
|
|
||||||
|
|
||||||
class SSHKeyUploadView(APIView):
|
class SSHKeyUploadView(APIView):
|
||||||
permission_classes = [IsAuthenticated]
|
permission_classes = [IsAuthenticated]
|
||||||
|
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
logger.info("SSHKeyUploadView POST called by user: %s", request.user) # ✅ 로그 추가
|
email, ip, ua = get_request_info(request)
|
||||||
private_key = request.data.get("private_key")
|
private_key = request.data.get("private_key")
|
||||||
key_name = request.data.get("key_name")
|
key_name = request.data.get("key_name")
|
||||||
|
|
||||||
if not private_key or not key_name:
|
if not private_key or not key_name:
|
||||||
logger.warning("Missing SSH key or key name in request") # ✅ 로그 추가
|
logger.warning(f"[SSH UPLOAD] user={email} | status=fail | reason=missing_key_or_name | IP={ip} | UA={ua}")
|
||||||
return Response(
|
return Response(
|
||||||
{"error": "private_key와 key_name 모두 필요합니다."},
|
{"error": "private_key와 key_name 모두 필요합니다."},
|
||||||
status=status.HTTP_400_BAD_REQUEST
|
status=status.HTTP_400_BAD_REQUEST
|
||||||
)
|
)
|
||||||
|
|
||||||
user = request.user
|
|
||||||
try:
|
try:
|
||||||
|
user = request.user
|
||||||
user.save_private_key(private_key)
|
user.save_private_key(private_key)
|
||||||
user.encrypted_private_key_name = key_name
|
user.encrypted_private_key_name = key_name
|
||||||
user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name"])
|
user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name"])
|
||||||
logger.info("SSH key saved for user: %s", user) # ✅ 로그 추가
|
logger.info(f"[SSH UPLOAD] user={email} | status=success | key_name={key_name} | IP={ip} | UA={ua}")
|
||||||
return Response({"message": "SSH key 저장 완료."}, status=201)
|
return Response({"message": "SSH key 저장 완료."}, status=201)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logger.exception("SSH key 저장 중 오류 발생") # ✅ 로그 추가
|
logger.exception(f"[SSH UPLOAD] user={email} | status=fail | reason=exception | IP={ip} | UA={ua}")
|
||||||
return Response({"error": f"암호화 또는 저장 실패: {str(e)}"}, status=500)
|
return Response({"error": f"암호화 또는 저장 실패: {str(e)}"}, status=500)
|
||||||
|
|
||||||
def delete(self, request):
|
def delete(self, request):
|
||||||
logger.info("SSHKeyUploadView DELETE called by user: %s", request.user) # ✅ 로그 추가
|
email, ip, ua = get_request_info(request)
|
||||||
user = request.user
|
user = request.user
|
||||||
user.encrypted_private_key = None
|
user.encrypted_private_key = None
|
||||||
user.encrypted_private_key_name = None
|
user.encrypted_private_key_name = None
|
||||||
user.last_used_at = None
|
user.last_used_at = None
|
||||||
user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name", "last_used_at"])
|
user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name", "last_used_at"])
|
||||||
logger.info("SSH key deleted for user: %s", user) # ✅ 로그 추가
|
logger.info(f"[SSH DELETE] user={email} | status=success | IP={ip} | UA={ua}")
|
||||||
return Response({"message": "SSH key deleted."}, status=200)
|
return Response({"message": "SSH key deleted."}, status=200)
|
||||||
|
|
||||||
|
|
||||||
@ -92,7 +106,8 @@ class SSHKeyInfoView(APIView):
|
|||||||
permission_classes = [IsAuthenticated]
|
permission_classes = [IsAuthenticated]
|
||||||
|
|
||||||
def get(self, request):
|
def get(self, request):
|
||||||
logger.debug("SSHKeyInfoView GET called by user: %s", request.user) # ✅ 로그 추가
|
email, ip, ua = get_request_info(request)
|
||||||
|
logger.debug(f"[SSH INFO] user={email} | IP={ip} | UA={ua}")
|
||||||
user = request.user
|
user = request.user
|
||||||
return Response({
|
return Response({
|
||||||
"has_key": bool(user.encrypted_private_key),
|
"has_key": bool(user.encrypted_private_key),
|
||||||
@ -105,16 +120,16 @@ class SSHKeyRetrieveView(APIView):
|
|||||||
permission_classes = [IsAuthenticated]
|
permission_classes = [IsAuthenticated]
|
||||||
|
|
||||||
def get(self, request):
|
def get(self, request):
|
||||||
logger.info("SSHKeyRetrieveView GET called by user: %s", request.user) # ✅ 로그 추가
|
email, ip, ua = get_request_info(request)
|
||||||
user = request.user
|
user = request.user
|
||||||
if not user.encrypted_private_key:
|
if not user.encrypted_private_key:
|
||||||
logger.warning("User tried to retrieve non-existent SSH key: %s", user) # ✅ 로그 추가
|
logger.warning(f"[SSH RETRIEVE] user={email} | status=fail | reason=not_found | IP={ip} | UA={ua}")
|
||||||
return Response({"error": "SSH 키가 등록되어 있지 않습니다."}, status=404)
|
return Response({"error": "SSH 키가 등록되어 있지 않습니다."}, status=404)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
decrypted_key = user.decrypt_private_key()
|
decrypted_key = user.decrypt_private_key()
|
||||||
logger.info("SSH key successfully decrypted for user: %s", user) # ✅ 로그 추가
|
logger.info(f"[SSH RETRIEVE] user={email} | status=success | IP={ip} | UA={ua}")
|
||||||
return Response({"ssh_key": decrypted_key})
|
return Response({"ssh_key": decrypted_key})
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logger.exception("SSH key 복호화 실패") # ✅ 로그 추가
|
logger.exception(f"[SSH RETRIEVE] user={email} | status=fail | reason=exception | IP={ip} | UA={ua}")
|
||||||
return Response({"error": f"복호화 실패: {str(e)}"}, status=500)
|
return Response({"error": f"복호화 실패: {str(e)}"}, status=500)
|
||||||
|
Reference in New Issue
Block a user