Merge 7d690d3d6b into c442589593

Implement logging of failed login attempts
2025-07-12 15:33:14 +00:00 · 2025-07-10 08:06:40 +00:00 · 2025-02-07 18:52:22 +01:00
1 changed files with 11 additions and 0 deletions
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -21,6 +21,11 @@ class Auth::SessionsController < Devise::SessionsController
  end

  def create
+    user = warden.authenticate(scope: :user)
+    unless user
+      log_failed_authentication(email)
+    end
+    
    super do |resource|
      # We only need to call this if this hasn't already been
      # called from one of the two-factor or sign-in token
@ -182,6 +187,12 @@ class Auth::SessionsController < Devise::SessionsController
    UserMailer.failed_2fa(user, request.remote_ip, request.user_agent, Time.now.utc).deliver_later!
  end

+  def log_failed_authentication(user)
+    ip_address = request.remote_ip
+    auth_logger = Logger.new(Rails.root.join('log', 'authentication.log'))
+    auth_logger.warn("Failed login attempt for user: #{user || 'Unknown'}, IP: #{ip_address}")
+  end
+  
  def second_factor_attempts_key(user)
    "2fa_auth_attempts:#{user.id}:#{Time.now.utc.hour}"
  end
Author	SHA1	Message	Date
Tobias	1cfe1b793d	Merge `7d690d3d6b` into `c442589593`	2025-07-10 08:06:40 +00:00
Toastyyy3	7d690d3d6b	Implement logging of failed login attempts	2025-02-07 18:52:22 +01:00