Merge pull request #9009 from Chocobo1/login

Add logging messages in WebUI login action
2025-01-11 07:18:08 +00:00 · 2018-06-03 19:47:05 +08:00 · 2018-06-03 19:47:05 +08:00 · c4e4e7432d
commit c4e4e7432d
parent 658702dcbb 5c72a52ea2
1 changed files with 22 additions and 9 deletions
--- a/src/webui/api/authcontroller.cpp
+++ b/src/webui/api/authcontroller.cpp
@ -30,6 +30,7 @@

 #include <QCryptographicHash>

+#include "base/logger.h"
 #include "base/preferences.h"
 #include "base/utils/string.h"
 #include "apierror.h"
@ -45,29 +46,41 @@ void AuthController::loginAction()
        return;
    }

-    if (isBanned())
+    const QString clientAddr {sessionManager()->clientId()};
+    const QString usernameFromWeb {params()["username"]};
+    const QString passwordFromWeb {params()["password"]};
+
+    if (isBanned()) {
+        LogMsg(tr("WebAPI login failure. Reason: IP has been banned, IP: %1, username: %2")
+                .arg(clientAddr, usernameFromWeb)
+            , Log::WARNING);
        throw APIError(APIErrorType::AccessDenied
                       , tr("Your IP address has been banned after too many failed authentication attempts."));
-
-    QCryptographicHash md5(QCryptographicHash::Md5);
-    md5.addData(params()["password"].toLocal8Bit());
-    QString pass = md5.result().toHex();
+    }

    const QString username {Preferences::instance()->getWebUiUsername()};
    const QString password {Preferences::instance()->getWebUiPassword()};

-    const bool equalUser = Utils::String::slowEquals(params()["username"].toUtf8(), username.toUtf8());
-    const bool equalPass = Utils::String::slowEquals(pass.toUtf8(), password.toUtf8());
+    QCryptographicHash md5(QCryptographicHash::Md5);
+    md5.addData(passwordFromWeb.toLocal8Bit());
+    const QString passwordFromWebHashed = md5.result().toHex();
+
+    const bool equalUser = Utils::String::slowEquals(usernameFromWeb.toUtf8(), username.toUtf8());
+    const bool equalPass = Utils::String::slowEquals(passwordFromWebHashed.toUtf8(), password.toUtf8());

    if (equalUser && equalPass) {
+        m_clientFailedLogins.remove(clientAddr);
+
        sessionManager()->sessionStart();
        setResult(QLatin1String("Ok."));
+        LogMsg(tr("WebAPI login success. IP: %1").arg(clientAddr));
    }
    else {
-        QString addr = sessionManager()->clientId();
        increaseFailedAttempts();
-        qDebug("client IP: %s (%d failed attempts)", qUtf8Printable(addr), failedAttemptsCount());
        setResult(QLatin1String("Fails."));
+        LogMsg(tr("WebAPI login failure. Reason: invalid credentials, attempt count: %1, IP: %2, username: %3")
+                .arg(QString::number(failedAttemptsCount()), clientAddr, usernameFromWeb)
+            , Log::WARNING);
    }
 }