Log user's ip address when they login

This commit is contained in:
Khanh Ngo 2018-07-05 14:25:05 +07:00
parent 178e25f8f7
commit 96a9c12300
2 changed files with 11 additions and 9 deletions

View File

@ -188,7 +188,7 @@ class User(db.Model):
logging.error(e)
raise
def is_validate(self, method):
def is_validate(self, method, src_ip=''):
"""
Validate user credential
"""
@ -197,12 +197,12 @@ class User(db.Model):
if user_info:
if user_info.password and self.check_password(user_info.password):
logging.info('User "{0}" logged in successfully'.format(self.username))
logging.info('User "{0}" logged in successfully. Authentication request from {1}'.format(self.username, src_ip))
return True
logging.error('User "{0}" input a wrong password'.format(self.username))
logging.error('User "{0}" inputted a wrong password. Authentication request from {1}'.format(self.username, src_ip))
return False
logging.warning('User "{0}" does not exist'.format(self.username))
logging.warning('User "{0}" does not exist. Authentication request from {1}'.format(self.username, src_ip))
return False
if method == 'LDAP':
@ -220,7 +220,7 @@ class User(db.Model):
result = self.ldap_search(searchFilter, LDAP_SEARCH_BASE)
if not result:
logging.warning('LDAP User "{0}" does not exist'.format(self.username))
logging.warning('LDAP User "{0}" does not exist. Authentication request from {1}'.format(self.username, src_ip))
return False
try:
@ -242,11 +242,13 @@ class User(db.Model):
logging.error('User {0} is not part of the "{1}" or "{2}" groups that allow access to PowerDNS-Admin'.format(self.username,LDAP_ADMIN_GROUP,LDAP_USER_GROUP))
return False
except Exception as e:
logging.error('LDAP group lookup for user "{0}" has failed'.format(e))
logging.error('LDAP group lookup for user "{0}" has failed. Authentication request from {1}'.format(self.username, src_ip))
logging.debug(e)
return False
logging.info('User "{0}" logged in successfully'.format(self.username))
except Exception as e:
logging.error('User "{0}" input a wrong LDAP password'.format(e))
logging.error('User "{0}" input a wrong LDAP password. Authentication request from {1}'.format(self.username, src_ip))
logging.debug(e)
return False
# create user if not exist in the db

View File

@ -120,7 +120,7 @@ def login_via_authorization_header(request):
return None
user = User(username=username, password=password, plain_text_password=password)
try:
auth = user.is_validate(method='LOCAL')
auth = user.is_validate(method='LOCAL', src_ip=request.remote_addr)
if auth == False:
return None
else:
@ -340,7 +340,7 @@ def login():
user = User(username=username, password=password, plain_text_password=password)
try:
auth = user.is_validate(method=auth_method)
auth = user.is_validate(method=auth_method, src_ip=request.remote_addr)
if auth == False:
return render_template('login.html', error='Invalid credentials',
github_enabled=GITHUB_ENABLE,