mirror of
https://github.com/BookStackApp/BookStack.git
synced 2025-05-03 07:49:57 +00:00
Merge branch 'auth' of git://github.com/benrubson/BookStack into benrubson-auth
commit
2f6ff07347
4 changed files with 36 additions and 1 deletions
|
@ -270,4 +270,10 @@ API_DEFAULT_ITEM_COUNT=100
|
||||||
API_MAX_ITEM_COUNT=500
|
API_MAX_ITEM_COUNT=500
|
||||||
|
|
||||||
# The number of API requests that can be made per minute by a single user.
|
# The number of API requests that can be made per minute by a single user.
|
||||||
API_REQUESTS_PER_MIN=180
|
API_REQUESTS_PER_MIN=180
|
||||||
|
|
||||||
|
# Failed access
|
||||||
|
# message to log into webserver logs in case of failed access, for further processing by tools like Fail2Ban
|
||||||
|
# Apache users should use : user "%u" authentication failure for "BookStack"
|
||||||
|
# Nginx users should use : user "%u" was not found in "BookStack"
|
||||||
|
FAILED_ACCESS_MESSAGE=''
|
||||||
|
|
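Review bot: The comment block above `FAILED_ACCESS_MESSAGE=''` does not say that `%u` is replaced with the submitted username or that the empty default turns the logging off, both of which logFailedAccess() in this commit implements. Adding `# %u is replaced with the username that was submitted; leave empty to disable.` would cover it. Because that username is supplied by the client, a filter built on these messages should take the offending host from the webserver's own log prefix and not from anything matched after `user`.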
|
@ -159,4 +159,21 @@ class ActivityService
|
||||||
session()->flash('success', $message);
|
session()->flash('success', $message);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Log failed accesses, for further processing by tools like Fail2Ban
|
||||||
|
*
|
||||||
|
* @param username
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function logFailedAccess($username)
|
||||||
|
{
|
||||||
|
$log_msg = config('logging.failed_access_message');
|
||||||
|
|
||||||
|
if (!is_string($username) || !is_string($log_msg) || strlen($log_msg)<1)
|
||||||
|
return;
|
||||||
|
|
||||||
|
$log_msg = str_replace("%u", $username, $log_msg);
|
||||||
|
error_log($log_msg, 4);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
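Review bot: logFailedAccess() substitutes the submitted username into the log line unmodified (`str_replace("%u", $username, $log_msg)`), so control characters or a double quote in that value can break or forge the entry that Fail2Ban-style filters parse. Neutralise it before substitution, e.g. `$username = preg_replace('/[\x00-\x1F\x7F"]/', '?', $username);`, and consider capping its length. Whether the SAPI handler behind `error_log($log_msg, 4)` escapes such bytes itself is not visible here, so the method should not rely on it. The `@param username` tag also lacks a type and the `$`; `@param string $username` would match the `is_string()` guard. The same raw value is passed from both call sites in LoginController.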
|
@ -86,4 +86,9 @@ return [
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
|
|
||||||
|
// Failed Access Message
|
||||||
|
// Defines the message to log into webserver logs in case of failed access,
|
||||||
|
// for further processing by tools like Fail2Ban.
|
||||||
|
'failed_access_message' => env('FAILED_ACCESS_MESSAGE', ''),
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace BookStack\Http\Controllers\Auth;
|
namespace BookStack\Http\Controllers\Auth;
|
||||||
|
|
||||||
|
use Activity;
|
||||||
use BookStack\Auth\Access\SocialAuthService;
|
use BookStack\Auth\Access\SocialAuthService;
|
||||||
use BookStack\Exceptions\LoginAttemptEmailNeededException;
|
use BookStack\Exceptions\LoginAttemptEmailNeededException;
|
||||||
use BookStack\Exceptions\LoginAttemptException;
|
use BookStack\Exceptions\LoginAttemptException;
|
||||||
|
@ -106,6 +107,9 @@ class LoginController extends Controller
|
||||||
$this->hasTooManyLoginAttempts($request)) {
|
$this->hasTooManyLoginAttempts($request)) {
|
||||||
$this->fireLockoutEvent($request);
|
$this->fireLockoutEvent($request);
|
||||||
|
|
||||||
|
// Also log some error message
|
||||||
|
Activity::logFailedAccess($request->get($this->username()));
|
||||||
|
|
||||||
return $this->sendLockoutResponse($request);
|
return $this->sendLockoutResponse($request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -122,6 +126,9 @@ class LoginController extends Controller
|
||||||
// user surpasses their maximum number of attempts they will get locked out.
|
// user surpasses their maximum number of attempts they will get locked out.
|
||||||
$this->incrementLoginAttempts($request);
|
$this->incrementLoginAttempts($request);
|
||||||
|
|
||||||
|
// Also log some error message
|
||||||
|
Activity::logFailedAccess($request->get($this->username()));
|
||||||
|
|
||||||
return $this->sendFailedLoginResponse($request);
|
return $this->sendFailedLoginResponse($request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
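Review bot: Both new call sites (the lockout branch and the failed-credentials branch) pass `$request->get($this->username())` straight through, and logFailedAccess() returns silently when that value is not a string, so a request whose username field arrives as a non-string would leave no line for the log filter to match. Whether such a request can reach these branches depends on validation that is outside the hunks, so this needs confirming rather than assuming. If it can, logging a fixed placeholder instead of skipping keeps the failure visible. The comment `// Also log some error message` could also state the purpose, e.g. `// Emit the configured failed-access log line (no-op when FAILED_ACCESS_MESSAGE is empty)`. The enclosing login method starts and ends outside the hunks.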