octoleo/syncthing
1
0
Fork 0
mirror of https://github.com/octoleo/syncthing.git synced 2025-01-03 15:17:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

lib/api: Log the remote address on login attempts (#7560)

Browse Source 
This enables usage of the audit log to e.g. automatically block remote
addresses from connecting after repeated login failures.
This commit is contained in:
André Colomb 2021-04-13 10:14:44 +02:00 committed by GitHub
parent f71fcd440a
commit f6df1a760d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/api/api_auth.go
View File

@ -29,10 +29,11 @@ var (
sessionsMut = sync.NewMutex() sessionsMut = sync.NewMutex()
) )
func emitLoginAttempt(success bool, username string, evLogger events.Logger) { func emitLoginAttempt(success bool, username, address string, evLogger events.Logger) {
evLogger.Log(events.LoginAttempt, map[string]interface{}{ evLogger.Log(events.LoginAttempt, map[string]interface{}{
"success": success, "success": success,
"username": username, "username": username,
"remoteAddress": address,
}) })
} }
@ -95,7 +96,7 @@ func basicAuthAndSessionMiddleware(cookieName string, guiCfg config.GUIConfigura
} }
if !authOk { if !authOk {
emitLoginAttempt(false, username, evLogger) emitLoginAttempt(false, username, r.RemoteAddr, evLogger)
error() error()
return return
} }
@ -110,7 +111,7 @@ func basicAuthAndSessionMiddleware(cookieName string, guiCfg config.GUIConfigura
MaxAge: 0, MaxAge: 0,
}) })
emitLoginAttempt(true, username, evLogger) emitLoginAttempt(true, username, r.RemoteAddr, evLogger)
next.ServeHTTP(w, r) next.ServeHTTP(w, r)
}) })
} }