Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow admins to view user IP addresses in the admin panel users table and users page #1009

Draft
wants to merge 20 commits into
base: main
Choose a base branch
from
Draft

Allow admins to view user IP addresses in the admin panel users table and users page #1009

wants to merge 20 commits into from

Conversation

ghost
Copy link

@ghost ghost commented Aug 9, 2024
edited by ghost
Loading

Introduces admin ability to view local users IP addresses as resolved from src/Service/IpResolver.php:

image

A user's IP address is updated on:

  • successful authentication
  • entry creation
  • entry edit
  • entry comment creation
  • entry comment edit
  • post creation
  • post edit
  • post comment creation
  • post comment edit

I also added local user email and IP to the user's page for admins:

image

Other things:
I noticed the GitHub authenticator was missing the IP being set in the user dto which will cause the registration limiter to be ineffective, so I added it in to be consistent with the other authentication mechanisms.

Closes: #833

@ghost ghost added the enhancement New feature or request label Aug 9, 2024
@ghost ghost added this to the v1.8.0 milestone Aug 9, 2024
@ghost ghost self-assigned this Aug 9, 2024
@ghost ghost marked this pull request as ready for review August 9, 2024 14:36
@ghost ghost requested a review from BentiGorlich August 9, 2024 14:36
@BentiGorlich
Copy link
Member

I thought that we fixed the trusted proxy problem a long time ago :O

@ghost
Copy link
Author

ghost commented Aug 9, 2024

I thought that we fixed the trusted proxy problem a long time ago :O

not sure how since it was never configured, lol

@ghost ghost changed the title Allow admins to view user IP addresses in the admin panel users table Allow admins to view user IP addresses in the admin panel users table and users page Aug 9, 2024
BentiGorlich
BentiGorlich requested changes Aug 10, 2024
View reviewed changes
Copy link
Member

@BentiGorlich BentiGorlich left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a few things that I would like to see changed:

  1. I would prefer if you'd move the trusted proxy stuff in its own PR
  2. Since we are already changing the db schema to have the IP-addresses of users we should create a new table for IP addresses and one that makes the references between users and IPs. That would have a few benefits:
    • accounts for multiple devices
    • The most important IP imo is the one used to register an account. At least that is the one I would be interested in for spam detection.
    • since this is personal information I think we should create a scheduled job to look for IP addresses that have been used over a year ago and deleting them
    • we can use the same table for IP-blocks in the future
    • easier to lookup all users with a specific IP

I think this would be a really good addition for admins to prevent spam right upon account creation

templates/admin/users.html.twig Outdated Show resolved Hide resolved
templates/admin/users.html.twig Outdated Show resolved Hide resolved
@ghost ghost marked this pull request as draft August 10, 2024 14:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
MBin Kanban Board
Status: In Progress
Milestone
v1.8.0
Development

Successfully merging this pull request may close these issues.

Add local user IP ban/visibility for instance admins
1 participant
@BentiGorlich