Auditing User Logins

Hi everyone,

Although one of our implementations can’t use Google Analytics, they’d like to know when any given user last accessed the system. It looks as though we can somewhat glean this info from NGINX’s access.log. The degree to which the results would be complete depend on how much log history we retain, though, and the approach generally seems convoluted. Being able to access something like a “lastLogin” field within referencedata.users or auth.auth_users seems much better.

Does OpenLMIS already have a clean way of determining when each user last logged in? If not, will someone on the core team please describe an approach which would be acceptable for an implementation to contribute?

Thank you,

Hi @Ben_Leibert1, try looking in the Auth service, not Reference Data. That should have a pretty straightforward solution using standard Spring Security for OAuth2 - though you’ll need to dive in to find the version it’s using.

Thank you @joshzamor - I had wondered about the auth service. If we were to take a standard approach offered by OAuth, would the Core team likely accept the contribution?

Hi @Ben_Leibert1, if it’s a simple and standard sort of approach I don’t see why not. Have you checked what’s in the Auth database already? For clarity Spring Security is what we use for OAuth2, you’ll want to look there and in the Auth service. Otherwise OAuth has no real relevance here.