From 2e22eabe046a77aa1eee128b9c518e2850fcdd51 Mon Sep 17 00:00:00 2001
From: Andrew Walker <awalker@ixsystems.com>
Date: Wed, 15 Jan 2025 13:33:14 -0600
Subject: [PATCH] Generate audit trail for when middleware session changes cred
 (#15357)

We were not generating an audit log entry when an authenticated
middleware session calls auth.login* endpoints to change its
effective credential.
---
 src/middlewared/middlewared/plugins/auth.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/middlewared/middlewared/plugins/auth.py b/src/middlewared/middlewared/plugins/auth.py
index 8874baf00403f..6ada6c2da4b30 100644
--- a/src/middlewared/middlewared/plugins/auth.py
+++ b/src/middlewared/middlewared/plugins/auth.py
@@ -118,6 +118,10 @@ async def login(self, app, credentials):
         if app.authenticated:
             self.sessions[app.session_id].credentials = credentials
             app.authenticated_credentials = credentials
+            await self.middleware.log_audit_message(app, "AUTHENTICATION", {
+                "credentials": dump_credentials(credentials),
+                "error": None,
+            }, True)
             return
 
         session = Session(self, credentials, app)