AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add IP address to authentication error logs

This commit is contained in:
ThreeCO 2020-12-31 05:45:56 +01:00 committed by GitHub
parent dcb3e59548
commit 89e96d8333
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Subscriber/AuthSubscriber.php
View File

@ -95,10 +95,11 @@ class AuthSubscriber extends BaseSubscriber implements EventSubscriberInterface
{
$this->logger->debug('Subscriber executed: '.__METHOD__);
$username = $event->getUsername();
$ipAddress = $this->request->getIpAddress();
if (! empty($username)) {
// log login failure in web server log to allow fail2ban usage
error_log('Kanboard: user '.$username.' authentication failure');
error_log('Kanboard: user '.$username.' authentication failure with IP address: '.$ipAddress);
$this->userLockingModel->incrementFailedLogin($username);
if ($this->userLockingModel->getFailedLogin($username) > BRUTEFORCE_LOCKDOWN) {
@ -107,7 +108,7 @@ class AuthSubscriber extends BaseSubscriber implements EventSubscriberInterface
}
else {
// log login failure in web server log to allow fail2ban usage
error_log('Kanboard: user Unknown authentication failure');
error_log('Kanboard: user Unknown authentication failure with IP address: '.$ipAddress);
}
}
}