From 96a9c12300e8f11fc0e2bbc9d862487d34addbe9 Mon Sep 17 00:00:00 2001 From: Khanh Ngo Date: Thu, 5 Jul 2018 14:25:05 +0700 Subject: [PATCH] Log user's ip address when they login --- app/models.py | 16 +++++++++------- app/views.py | 4 ++-- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/app/models.py b/app/models.py index 6282262..108448c 100644 --- a/app/models.py +++ b/app/models.py @@ -188,7 +188,7 @@ class User(db.Model): logging.error(e) raise - def is_validate(self, method): + def is_validate(self, method, src_ip=''): """ Validate user credential """ @@ -197,12 +197,12 @@ class User(db.Model): if user_info: if user_info.password and self.check_password(user_info.password): - logging.info('User "{0}" logged in successfully'.format(self.username)) + logging.info('User "{0}" logged in successfully. Authentication request from {1}'.format(self.username, src_ip)) return True - logging.error('User "{0}" input a wrong password'.format(self.username)) + logging.error('User "{0}" inputted a wrong password. Authentication request from {1}'.format(self.username, src_ip)) return False - logging.warning('User "{0}" does not exist'.format(self.username)) + logging.warning('User "{0}" does not exist. Authentication request from {1}'.format(self.username, src_ip)) return False if method == 'LDAP': @@ -220,7 +220,7 @@ class User(db.Model): result = self.ldap_search(searchFilter, LDAP_SEARCH_BASE) if not result: - logging.warning('LDAP User "{0}" does not exist'.format(self.username)) + logging.warning('LDAP User "{0}" does not exist. Authentication request from {1}'.format(self.username, src_ip)) return False try: @@ -242,11 +242,13 @@ class User(db.Model): logging.error('User {0} is not part of the "{1}" or "{2}" groups that allow access to PowerDNS-Admin'.format(self.username,LDAP_ADMIN_GROUP,LDAP_USER_GROUP)) return False except Exception as e: - logging.error('LDAP group lookup for user "{0}" has failed'.format(e)) + logging.error('LDAP group lookup for user "{0}" has failed. Authentication request from {1}'.format(self.username, src_ip)) + logging.debug(e) return False logging.info('User "{0}" logged in successfully'.format(self.username)) except Exception as e: - logging.error('User "{0}" input a wrong LDAP password'.format(e)) + logging.error('User "{0}" input a wrong LDAP password. Authentication request from {1}'.format(self.username, src_ip)) + logging.debug(e) return False # create user if not exist in the db diff --git a/app/views.py b/app/views.py index b5a4427..d011a5d 100644 --- a/app/views.py +++ b/app/views.py @@ -120,7 +120,7 @@ def login_via_authorization_header(request): return None user = User(username=username, password=password, plain_text_password=password) try: - auth = user.is_validate(method='LOCAL') + auth = user.is_validate(method='LOCAL', src_ip=request.remote_addr) if auth == False: return None else: @@ -340,7 +340,7 @@ def login(): user = User(username=username, password=password, plain_text_password=password) try: - auth = user.is_validate(method=auth_method) + auth = user.is_validate(method=auth_method, src_ip=request.remote_addr) if auth == False: return render_template('login.html', error='Invalid credentials', github_enabled=GITHUB_ENABLE,