From cc94609423b3ffc4d8c65667f2a1693dcbc1f40a Mon Sep 17 00:00:00 2001 From: Nelson Chan Date: Mon, 26 Jun 2023 04:49:49 +0800 Subject: [PATCH] Chore: Add logging for failed auth --- server/auth.js | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/server/auth.js b/server/auth.js index c42a74c40..1ea8b45f9 100644 --- a/server/auth.js +++ b/server/auth.js @@ -2,6 +2,7 @@ const basicAuth = require("express-basic-auth"); const passwordHash = require("./password-hash"); const { R } = require("redbean-node"); const { setting } = require("./util-server"); +const { log } = require("../src/util"); const { loginRateLimiter, apiRateLimiter } = require("./rate-limiter"); const { Settings } = require("./settings"); const dayjs = require("dayjs"); @@ -81,12 +82,16 @@ function apiAuthorizer(username, password, callback) { apiRateLimiter.pass(null, 0).then((pass) => { if (pass) { verifyAPIKey(password).then((valid) => { + if (!valid) { + log.warn("api-auth", "Failed API auth attempt: invalid API Key"); + } callback(null, valid); // Only allow a set number of api requests per minute // (currently set to 60) apiRateLimiter.removeTokens(1); }); } else { + log.warn("api-auth", "Failed API auth attempt: rate limit exceeded"); callback(null, false); } }); @@ -106,10 +111,12 @@ function userAuthorizer(username, password, callback) { callback(null, user != null); if (user == null) { + log.warn("basic-auth", "Failed basic auth attempt: invalid username/password"); loginRateLimiter.removeTokens(1); } }); } else { + log.warn("basic-auth", "Failed basic auth attempt: rate limit exceeded"); callback(null, false); } });