lgladsden/jellyfin-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1499 from crobibero/log-password-ip

Browse Source 
Log IP address on failed login attempt
This commit is contained in:
Joshua M. Boniface 2019-08-23 23:40:45 -04:00 committed by GitHub
commit 1dfd5000ff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
MediaBrowser.Api/UserService.cs
View File

@ -13,6 +13,7 @@ using MediaBrowser.Model.Configuration;
using MediaBrowser.Model.Dto; using MediaBrowser.Model.Dto;
using MediaBrowser.Model.Services; using MediaBrowser.Model.Services;
using MediaBrowser.Model.Users; using MediaBrowser.Model.Users;
using Microsoft.Extensions.Logging;
namespace MediaBrowser.Api namespace MediaBrowser.Api
{ {
@ -247,8 +248,9 @@ namespace MediaBrowser.Api
private readonly INetworkManager _networkManager; private readonly INetworkManager _networkManager;
private readonly IDeviceManager _deviceManager; private readonly IDeviceManager _deviceManager;
private readonly IAuthorizationContext _authContext; private readonly IAuthorizationContext _authContext;
private readonly ILogger _logger;
public UserService(IUserManager userManager, ISessionManager sessionMananger, IServerConfigurationManager config, INetworkManager networkManager, IDeviceManager deviceManager, IAuthorizationContext authContext) public UserService(IUserManager userManager, ISessionManager sessionMananger, IServerConfigurationManager config, INetworkManager networkManager, IDeviceManager deviceManager, IAuthorizationContext authContext, ILoggerFactory loggerFactory)
{ {
_userManager = userManager; _userManager = userManager;
_sessionMananger = sessionMananger; _sessionMananger = sessionMananger;
@ -256,6 +258,7 @@ namespace MediaBrowser.Api
_networkManager = networkManager; _networkManager = networkManager;
_deviceManager = deviceManager; _deviceManager = deviceManager;
_authContext = authContext; _authContext = authContext;
_logger = loggerFactory.CreateLogger(nameof(UserService));
} }
public object Get(GetPublicUsers request) public object Get(GetPublicUsers request)
@ -399,19 +402,27 @@ namespace MediaBrowser.Api
{ {
var auth = _authContext.GetAuthorizationInfo(Request); var auth = _authContext.GetAuthorizationInfo(Request);
var result = await _sessionMananger.AuthenticateNewSession(new AuthenticationRequest try
{ {
App = auth.Client, var result = await _sessionMananger.AuthenticateNewSession(new AuthenticationRequest
AppVersion = auth.Version, {
DeviceId = auth.DeviceId, App = auth.Client,
DeviceName = auth.Device, AppVersion = auth.Version,
Password = request.Pw, DeviceId = auth.DeviceId,
PasswordSha1 = request.Password, DeviceName = auth.Device,
RemoteEndPoint = Request.RemoteIp, Password = request.Pw,
Username = request.Username PasswordSha1 = request.Password,
}).ConfigureAwait(false); RemoteEndPoint = Request.RemoteIp,
Username = request.Username
}).ConfigureAwait(false);
return ToOptimizedResult(result); return ToOptimizedResult(result);
}
catch(SecurityException e)
{
// rethrow adding IP address to message
throw new SecurityException($"[{Request.RemoteIp}] {e.Message}");
}
} }
/// <summary> /// <summary>