mirror of
https://github.com/immich-app/immich.git
synced 2025-01-07 20:36:48 +01:00
feat(server)Log username and IP address on failed login attempt
This commit is contained in:
parent
1ec7122381
commit
95d8f60389
2 changed files with 5 additions and 3 deletions
|
@ -1,4 +1,4 @@
|
||||||
import { Body, Controller, Post, Res, UseGuards, ValidationPipe } from '@nestjs/common';
|
import { Body, Controller, Post, Res, UseGuards, ValidationPipe, Ip } from '@nestjs/common';
|
||||||
import { ApiBadRequestResponse, ApiBearerAuth, ApiTags } from '@nestjs/swagger';
|
import { ApiBadRequestResponse, ApiBearerAuth, ApiTags } from '@nestjs/swagger';
|
||||||
import { AuthUserDto, GetAuthUser } from '../../decorators/auth-user.decorator';
|
import { AuthUserDto, GetAuthUser } from '../../decorators/auth-user.decorator';
|
||||||
import { JwtAuthGuard } from '../../modules/immich-jwt/guards/jwt-auth.guard';
|
import { JwtAuthGuard } from '../../modules/immich-jwt/guards/jwt-auth.guard';
|
||||||
|
@ -19,9 +19,10 @@ export class AuthController {
|
||||||
@Post('/login')
|
@Post('/login')
|
||||||
async login(
|
async login(
|
||||||
@Body(new ValidationPipe({ transform: true })) loginCredential: LoginCredentialDto,
|
@Body(new ValidationPipe({ transform: true })) loginCredential: LoginCredentialDto,
|
||||||
|
@Ip() clientIp: string,
|
||||||
@Res() response: Response,
|
@Res() response: Response,
|
||||||
): Promise<LoginResponseDto> {
|
): Promise<LoginResponseDto> {
|
||||||
const loginResponse = await this.authService.login(loginCredential);
|
const loginResponse = await this.authService.login(loginCredential, clientIp);
|
||||||
|
|
||||||
// Set Cookies
|
// Set Cookies
|
||||||
const accessTokenCookie = this.authService.getCookieWithJwtToken(loginResponse);
|
const accessTokenCookie = this.authService.getCookieWithJwtToken(loginResponse);
|
||||||
|
|
|
@ -50,10 +50,11 @@ export class AuthService {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public async login(loginCredential: LoginCredentialDto): Promise<LoginResponseDto> {
|
public async login(loginCredential: LoginCredentialDto, clientIp: string): Promise<LoginResponseDto> {
|
||||||
const validatedUser = await this.validateUser(loginCredential);
|
const validatedUser = await this.validateUser(loginCredential);
|
||||||
|
|
||||||
if (!validatedUser) {
|
if (!validatedUser) {
|
||||||
|
Logger.warn(`Failed login attempt for user ${loginCredential.email} from ip address ${clientIp}`)
|
||||||
throw new BadRequestException('Incorrect email or password');
|
throw new BadRequestException('Incorrect email or password');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue