Mirrors/audiobookshelf
Mirrors/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2025-01-03 00:06:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update:Add client ip address in server log for failed auth attempts #1172

Browse Source
This commit is contained in:
advplyr 2022-11-17 18:04:11 -06:00
parent 7008267e42
commit 892fb6410c
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
server/Auth.js
View File

@ -1,5 +1,6 @@
const bcrypt = require('./libs/bcryptjs') const bcrypt = require('./libs/bcryptjs')
const jwt = require('./libs/jsonwebtoken') const jwt = require('./libs/jsonwebtoken')
const requestIp = require('./libs/requestIp')
const Logger = require('./Logger') const Logger = require('./Logger')
class Auth { class Auth {
@ -125,14 +126,16 @@ class Auth {
} }
async login(req, res, feeds) { async login(req, res, feeds) {
const ipAddress = requestIp.getClientIp(req)
var username = (req.body.username || '').toLowerCase() var username = (req.body.username || '').toLowerCase()
var password = req.body.password || '' var password = req.body.password || ''
var user = this.users.find(u => u.username.toLowerCase() === username) var user = this.users.find(u => u.username.toLowerCase() === username)
if (!user || !user.isActive) { if (!user || !user.isActive) {
Logger.debug(`[Auth] Failed login attempt ${req.rateLimit.current} of ${req.rateLimit.limit}`) Logger.warn(`[Auth] Failed login attempt ${req.rateLimit.current} of ${req.rateLimit.limit} from ${ipAddress}`)
if (req.rateLimit.remaining <= 2) { if (req.rateLimit.remaining <= 2) {
Logger.error(`[Auth] Failed login attempt for username ${username} from ip ${ipAddress}. Attempts: ${req.rateLimit.current}`)
return res.status(401).send(`Invalid user or password (${req.rateLimit.remaining === 0 ? '1 attempt remaining' : `${req.rateLimit.remaining + 1} attempts remaining`})`) return res.status(401).send(`Invalid user or password (${req.rateLimit.remaining === 0 ? '1 attempt remaining' : `${req.rateLimit.remaining + 1} attempts remaining`})`)
} }
return res.status(401).send('Invalid user or password') return res.status(401).send('Invalid user or password')
@ -152,9 +155,9 @@ class Auth {
if (compare) { if (compare) {
res.json(this.getUserLoginResponsePayload(user, feeds)) res.json(this.getUserLoginResponsePayload(user, feeds))
} else { } else {
Logger.debug(`[Auth] Failed login attempt ${req.rateLimit.current} of ${req.rateLimit.limit}`) Logger.warn(`[Auth] Failed login attempt ${req.rateLimit.current} of ${req.rateLimit.limit} from ${ipAddress}`)
if (req.rateLimit.remaining <= 2) { if (req.rateLimit.remaining <= 2) {
Logger.error(`[Auth] Failed login attempt for user ${user.username}. Attempts: ${req.rateLimit.current}`) Logger.error(`[Auth] Failed login attempt for user ${user.username} from ip ${ipAddress}. Attempts: ${req.rateLimit.current}`)
return res.status(401).send(`Invalid user or password (${req.rateLimit.remaining === 0 ? '1 attempt remaining' : `${req.rateLimit.remaining + 1} attempts remaining`})`) return res.status(401).send(`Invalid user or password (${req.rateLimit.remaining === 0 ? '1 attempt remaining' : `${req.rateLimit.remaining + 1} attempts remaining`})`)
} }
return res.status(401).send('Invalid user or password') return res.status(401).send('Invalid user or password')