pierre/wallabag
1
0
Fork 0
forked from wallabag/wallabag
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Log an error level message when user auth fail

Browse Source 
When a user login using the form we know log an error level information with information about the user:
- username used
- IP
- User agent

For example:

> Authentication failure for user "eza", from IP "127.0.0.1", with UA: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36".

It’ll allows server admin using fail2ban to configure it to block these people if they generate too much failure authentication.
This commit is contained in:
Jeremy Benoist
2017-06-08 22:24:49 +02:00
parent 3f474025d8
commit 63f9f22fa3
3 changed files with 71 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/config/security.yml
View File

@ -41,6 +41,7 @@ security:
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
failure_handler: wallabag_user.security.custom_auth_failure_handler
anonymous: true
remember_me: