Log failed accesses option

This commit is contained in:
benrubson 2020-05-03 16:20:02 +02:00
parent 12a9a45747
commit 58df3ad956
2 changed files with 20 additions and 9 deletions

View File

@ -266,4 +266,10 @@ API_DEFAULT_ITEM_COUNT=100
API_MAX_ITEM_COUNT=500
# The number of API requests that can be made per minute by a single user.
API_REQUESTS_PER_MIN=180
API_REQUESTS_PER_MIN=180
# Failed access
# message to log into webserver logs in case of failed access, for further processing by tools like Fail2Ban
# Apache users should use : user "%u" authentication failure for "BookStack"
# Nginx users should use : user "%u" was not found in "BookStack"
FAILED_ACCESS_MESSAGE=''

View File

@ -169,15 +169,20 @@ class LoginController extends Controller
}
/**
* Log failed accesses, matching the default fail2ban nginx/apache auth rules.
*/
protected function logFailedAccess(Request $request)
* Log failed accesses, for further processing by tools like Fail2Ban
*
* @param \Illuminate\Http\Request $request
* @return void
*/
protected function logFailedAccess($request)
{
if (isset($_SERVER['SERVER_SOFTWARE']) && preg_match('/nginx/i', $_SERVER['SERVER_SOFTWARE'])) {
error_log('user "' . $request->get($this->username()) . '" was not found in "BookStack"', 4);
} else {
error_log('user "' . $request->get($this->username()) . '" authentication failure for "BookStack"', 4);
}
$log_msg = env('FAILED_ACCESS_MESSAGE', '');
if (!is_string($request->get($this->username())) || !is_string($log_msg) || strlen($log_msg)<1)
return;
$log_msg = str_replace("%u", $request->get($this->username()), $log_msg);
error_log($log_msg, 4);
}
}