From 0debc6b415baa466245901fb52c009d09ef3ba15 Mon Sep 17 00:00:00 2001 From: kamtschatka Date: Sat, 19 Oct 2024 22:24:26 +0200 Subject: feature: Log authentication failures to support fail2ban. Fixes #477 (#569) * How do I set the variable "user" or "system" for AI inference #262 changed from system to user * [Feature Request] Log failed login attempts for fail2ban implementation #477 added logging of failed logins * [Feature Request] Log failed login attempts for fail2ban implementation #477 added more logging for extension related logins * Propagte IP to trpc --------- Co-authored-by: Your Name --- apps/web/server/auth.ts | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'apps/web/server/auth.ts') diff --git a/apps/web/server/auth.ts b/apps/web/server/auth.ts index 042be1ae..ee226743 100644 --- a/apps/web/server/auth.ts +++ b/apps/web/server/auth.ts @@ -8,6 +8,7 @@ import NextAuth, { } from "next-auth"; import CredentialsProvider from "next-auth/providers/credentials"; import { Provider } from "next-auth/providers/index"; +import requestIp from "request-ip"; import { db } from "@hoarder/db"; import { @@ -17,7 +18,7 @@ import { verificationTokens, } from "@hoarder/db/schema"; import serverConfig from "@hoarder/shared/config"; -import { validatePassword } from "@hoarder/trpc/auth"; +import { logAuthenticationError, validatePassword } from "@hoarder/trpc/auth"; type UserRole = "admin" | "user"; @@ -77,7 +78,7 @@ const providers: Provider[] = [ email: { label: "Email", type: "email", placeholder: "Email" }, password: { label: "Password", type: "password" }, }, - async authorize(credentials) { + async authorize(credentials, req) { if (!credentials) { return null; } @@ -88,6 +89,12 @@ const providers: Provider[] = [ credentials?.password, ); } catch (e) { + const error = e as Error; + logAuthenticationError( + credentials?.email, + error.message, + requestIp.getClientIp({ headers: req.headers }), + ); return null; } }, -- cgit v1.2.3-70-g09d2