diff options
| author | Mohamed Bassem <me@mbassem.com> | 2025-07-13 01:11:14 +0000 |
|---|---|---|
| committer | Mohamed Bassem <me@mbassem.com> | 2025-07-13 01:11:14 +0000 |
| commit | f8ae986692f82efe8c1f3940907aab553e4f5a49 (patch) | |
| tree | 5180fb18a644c743bc26a3c78620b59489f4e209 | |
| parent | 360ef9dbbe68f2b87fcb59ff0100de7527cc88ba (diff) | |
| download | karakeep-f8ae986692f82efe8c1f3940907aab553e4f5a49.tar.zst | |
fix: Drop auth failure logger
| -rw-r--r-- | apps/web/server/auth.ts | 13 | ||||
| -rw-r--r-- | packages/shared/logger.ts | 19 | ||||
| -rw-r--r-- | packages/trpc/auth.ts | 11 | ||||
| -rw-r--r-- | packages/trpc/routers/apiKeys.ts | 29 |
4 files changed, 11 insertions, 61 deletions
diff --git a/apps/web/server/auth.ts b/apps/web/server/auth.ts index e7b5e1cb..3abc682f 100644 --- a/apps/web/server/auth.ts +++ b/apps/web/server/auth.ts @@ -9,7 +9,6 @@ import NextAuth, { import { Adapter as NextAuthAdapater } from "next-auth/adapters"; import CredentialsProvider from "next-auth/providers/credentials"; import { Provider } from "next-auth/providers/index"; -import requestIp from "request-ip"; import { db } from "@karakeep/db"; import { @@ -19,7 +18,7 @@ import { verificationTokens, } from "@karakeep/db/schema"; import serverConfig from "@karakeep/shared/config"; -import { logAuthenticationError, validatePassword } from "@karakeep/trpc/auth"; +import { validatePassword } from "@karakeep/trpc/auth"; import { createUserRaw } from "@karakeep/trpc/routers/users"; type UserRole = "admin" | "user"; @@ -100,7 +99,7 @@ const providers: Provider[] = [ email: { label: "Email", type: "email", placeholder: "Email" }, password: { label: "Password", type: "password" }, }, - async authorize(credentials, req) { + async authorize(credentials) { if (!credentials) { return null; } @@ -110,13 +109,7 @@ const providers: Provider[] = [ credentials?.email, credentials?.password, ); - } catch (e) { - const error = e as Error; - logAuthenticationError( - credentials?.email, - error.message, - requestIp.getClientIp({ headers: req.headers }), - ); + } catch { return null; } }, diff --git a/packages/shared/logger.ts b/packages/shared/logger.ts index f3aa3cb9..f406b447 100644 --- a/packages/shared/logger.ts +++ b/packages/shared/logger.ts @@ -15,22 +15,3 @@ const logger = winston.createLogger({ }); export default logger; - -export const authFailureLogger = winston.createLogger({ - level: "debug", - format: winston.format.combine( - winston.format.timestamp(), - winston.format.printf( - (info) => `${info.timestamp} ${info.level}: ${info.message}`, - ), - ), - transports: [ - new winston.transports.Console(), - new winston.transports.File({ - filename: "auth_failures.log", - dirname: serverConfig.dataDir, - maxFiles: 2, - maxsize: 1024 * 1024, - }), - ], -}); diff --git a/packages/trpc/auth.ts b/packages/trpc/auth.ts index caf8e182..a01288d8 100644 --- a/packages/trpc/auth.ts +++ b/packages/trpc/auth.ts @@ -4,7 +4,6 @@ import * as bcrypt from "bcryptjs"; import { db } from "@karakeep/db"; import { apiKeys } from "@karakeep/db/schema"; import serverConfig from "@karakeep/shared/config"; -import { authFailureLogger } from "@karakeep/shared/logger"; // API Keys @@ -116,13 +115,3 @@ export async function validatePassword(email: string, password: string) { return user; } - -export function logAuthenticationError( - user: string, - message: string, - ip: string | null, -): void { - authFailureLogger.error( - `Authentication error. User: "${user}", Message: "${message}", IP-Address: "${ip}"`, - ); -} diff --git a/packages/trpc/routers/apiKeys.ts b/packages/trpc/routers/apiKeys.ts index d4e01aa5..a7a7ad09 100644 --- a/packages/trpc/routers/apiKeys.ts +++ b/packages/trpc/routers/apiKeys.ts @@ -5,12 +5,7 @@ import { z } from "zod"; import { apiKeys } from "@karakeep/db/schema"; import serverConfig from "@karakeep/shared/config"; -import { - authenticateApiKey, - generateApiKey, - logAuthenticationError, - validatePassword, -} from "../auth"; +import { authenticateApiKey, generateApiKey, validatePassword } from "../auth"; import { authedProcedure, createRateLimitMiddleware, @@ -90,7 +85,7 @@ export const apiKeysAppRouter = router({ }), ) .output(zApiKeySchema) - .mutation(async ({ input, ctx }) => { + .mutation(async ({ input }) => { let user; // Special handling as otherwise the extension would show "username or password is wrong" if (serverConfig.auth.disablePasswordAuth) { @@ -101,9 +96,7 @@ export const apiKeysAppRouter = router({ } try { user = await validatePassword(input.email, input.password); - } catch (e) { - const error = e as Error; - logAuthenticationError(input.email, error.message, ctx.req.ip); + } catch { throw new TRPCError({ code: "UNAUTHORIZED" }); } return await generateApiKey(input.keyName, user.id); @@ -118,16 +111,10 @@ export const apiKeysAppRouter = router({ ) // 30 requests per minute .input(z.object({ apiKey: z.string() })) .output(z.object({ success: z.boolean() })) - .mutation(async ({ input, ctx }) => { - try { - await authenticateApiKey(input.apiKey); // Throws if the key is invalid - return { - success: true, - }; - } catch (e) { - const error = e as Error; - logAuthenticationError("<unknown>", error.message, ctx.req.ip); - throw e; - } + .mutation(async ({ input }) => { + await authenticateApiKey(input.apiKey); // Throws if the key is invalid + return { + success: true, + }; }), }); |