rdelaage
/
miniflux-v2
mirror of https://github.com/miniflux/v2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added remote client IP to API login failure error message. 

Addresses #205

Changed error level reporting on API login failure to Error from Info to match the web login reporting.
This commit is contained in:
dzaikos 2018-08-25 16:59:17 -04:00 committed by Frédéric Guillot
parent 62ec185154
commit aae62aae08
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
middleware/basic_auth.go
View File

@ -8,6 +8,7 @@ import (
"context"
"net/http"
"miniflux.app/http/request"
"miniflux.app/http/response/json"
"miniflux.app/logger"
)
@ -17,6 +18,8 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
remoteAddr := request.RealIP(r)
username, password, authOK := r.BasicAuth()
if !authOK {
logger.Debug("[Middleware:BasicAuth] No authentication headers sent")
@ -25,7 +28,7 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler {
}
if err := m.store.CheckPassword(username, password); err != nil {
logger.Info("[Middleware:BasicAuth] Invalid username or password: %s", username)
logger.Error("[Middleware:BasicAuth] [Remote=%v] Invalid username or password: %s", remoteAddr, username)
json.Unauthorized(w)
return
}
@ -38,7 +41,7 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler {
}
if user == nil {
logger.Info("[Middleware:BasicAuth] User not found: %s", username)
logger.Error("[Middleware:BasicAuth] [Remote=%v] User not found: %s", remoteAddr, username)
json.Unauthorized(w)
return
}