mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-11-09 23:20:27 +00:00
Log user's ip address when they login
This commit is contained in:
parent
178e25f8f7
commit
96a9c12300
@ -188,7 +188,7 @@ class User(db.Model):
|
||||
logging.error(e)
|
||||
raise
|
||||
|
||||
def is_validate(self, method):
|
||||
def is_validate(self, method, src_ip=''):
|
||||
"""
|
||||
Validate user credential
|
||||
"""
|
||||
@ -197,12 +197,12 @@ class User(db.Model):
|
||||
|
||||
if user_info:
|
||||
if user_info.password and self.check_password(user_info.password):
|
||||
logging.info('User "{0}" logged in successfully'.format(self.username))
|
||||
logging.info('User "{0}" logged in successfully. Authentication request from {1}'.format(self.username, src_ip))
|
||||
return True
|
||||
logging.error('User "{0}" input a wrong password'.format(self.username))
|
||||
logging.error('User "{0}" inputted a wrong password. Authentication request from {1}'.format(self.username, src_ip))
|
||||
return False
|
||||
|
||||
logging.warning('User "{0}" does not exist'.format(self.username))
|
||||
logging.warning('User "{0}" does not exist. Authentication request from {1}'.format(self.username, src_ip))
|
||||
return False
|
||||
|
||||
if method == 'LDAP':
|
||||
@ -220,7 +220,7 @@ class User(db.Model):
|
||||
|
||||
result = self.ldap_search(searchFilter, LDAP_SEARCH_BASE)
|
||||
if not result:
|
||||
logging.warning('LDAP User "{0}" does not exist'.format(self.username))
|
||||
logging.warning('LDAP User "{0}" does not exist. Authentication request from {1}'.format(self.username, src_ip))
|
||||
return False
|
||||
|
||||
try:
|
||||
@ -242,11 +242,13 @@ class User(db.Model):
|
||||
logging.error('User {0} is not part of the "{1}" or "{2}" groups that allow access to PowerDNS-Admin'.format(self.username,LDAP_ADMIN_GROUP,LDAP_USER_GROUP))
|
||||
return False
|
||||
except Exception as e:
|
||||
logging.error('LDAP group lookup for user "{0}" has failed'.format(e))
|
||||
logging.error('LDAP group lookup for user "{0}" has failed. Authentication request from {1}'.format(self.username, src_ip))
|
||||
logging.debug(e)
|
||||
return False
|
||||
logging.info('User "{0}" logged in successfully'.format(self.username))
|
||||
except Exception as e:
|
||||
logging.error('User "{0}" input a wrong LDAP password'.format(e))
|
||||
logging.error('User "{0}" input a wrong LDAP password. Authentication request from {1}'.format(self.username, src_ip))
|
||||
logging.debug(e)
|
||||
return False
|
||||
|
||||
# create user if not exist in the db
|
||||
|
@ -120,7 +120,7 @@ def login_via_authorization_header(request):
|
||||
return None
|
||||
user = User(username=username, password=password, plain_text_password=password)
|
||||
try:
|
||||
auth = user.is_validate(method='LOCAL')
|
||||
auth = user.is_validate(method='LOCAL', src_ip=request.remote_addr)
|
||||
if auth == False:
|
||||
return None
|
||||
else:
|
||||
@ -340,7 +340,7 @@ def login():
|
||||
user = User(username=username, password=password, plain_text_password=password)
|
||||
|
||||
try:
|
||||
auth = user.is_validate(method=auth_method)
|
||||
auth = user.is_validate(method=auth_method, src_ip=request.remote_addr)
|
||||
if auth == False:
|
||||
return render_template('login.html', error='Invalid credentials',
|
||||
github_enabled=GITHUB_ENABLE,
|
||||
|
Loading…
Reference in New Issue
Block a user