diff options
author | dzaikos <you@example.com> | 2018-08-25 16:59:17 -0400 |
---|---|---|
committer | Frédéric Guillot <fred@miniflux.net> | 2018-08-26 09:46:00 -0700 |
commit | aae62aae08c7581822db0318dba21782d613b4bb (patch) | |
tree | e604b3688471092daf2f5f23a90a065050bf49f5 | |
parent | 62ec185154385a178bf5525ed83682e5828942b0 (diff) |
Added remote client IP to API login failure error message.
Addresses #205
Changed error level reporting on API login failure to Error from Info to match the web login reporting.
-rw-r--r-- | middleware/basic_auth.go | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/middleware/basic_auth.go b/middleware/basic_auth.go index c02913f..9c3d8da 100644 --- a/middleware/basic_auth.go +++ b/middleware/basic_auth.go @@ -8,6 +8,7 @@ import ( "context" "net/http" + "miniflux.app/http/request" "miniflux.app/http/response/json" "miniflux.app/logger" ) @@ -17,6 +18,8 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) + remoteAddr := request.RealIP(r) + username, password, authOK := r.BasicAuth() if !authOK { logger.Debug("[Middleware:BasicAuth] No authentication headers sent") @@ -25,7 +28,7 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler { } if err := m.store.CheckPassword(username, password); err != nil { - logger.Info("[Middleware:BasicAuth] Invalid username or password: %s", username) + logger.Error("[Middleware:BasicAuth] [Remote=%v] Invalid username or password: %s", remoteAddr, username) json.Unauthorized(w) return } @@ -38,7 +41,7 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler { } if user == nil { - logger.Info("[Middleware:BasicAuth] User not found: %s", username) + logger.Error("[Middleware:BasicAuth] [Remote=%v] User not found: %s", remoteAddr, username) json.Unauthorized(w) return } |