Adding dashboard login activity (#1092)

For better auditing this PR adds a dashboard login event to the management service. For that the user object was extended with a field for last login that is not actively saved to the database but kept in memory until next write. The information about the last login can be extracted from the JWT claims nb_last_login. This timestamp will be stored and compared on each API request. If the value changes we generate an event to inform about a login.
2026-04-18 08:16:39 +00:00 · 2023-08-18 19:23:11 +02:00
parent 3ac32fd78a
commit da75a76d41
13 changed files with 110 additions and 13 deletions
--- a/management/server/http/api/openapi.yml
+++ b/management/server/http/api/openapi.yml
@@ -100,6 +100,11 @@ components:
          type: string
          enum: [ "active","invited","blocked" ]
          example: active
+        last_login:
+          description: Last time this user performed a login to the dashboard
+          type: string
+          format: date-time
+          example: 2023-05-05T09:00:35.477782Z
        auto_groups:
          description: Groups to auto-assign to peers registered by this user
          type: array
--- a/management/server/http/api/types.gen.go
+++ b/management/server/http/api/types.gen.go
@@ -767,6 +767,9 @@ type User struct {
 	// IsServiceUser Is true if this user is a service user
 	IsServiceUser *bool `json:"is_service_user,omitempty"`

+	// LastLogin Last time this user performed a login to the dashboard
+	LastLogin *time.Time `json:"last_login,omitempty"`
+
 	// Name User's name from idp provider
 	Name string `json:"name"`