mirror of
https://github.com/hrfee/jfa-go.git
synced 2024-12-22 17:10:10 +00:00
Log IPs
This commit is contained in:
parent
6e205760c3
commit
04c94ba55a
11
auth.go
11
auth.go
@ -134,6 +134,7 @@ type getTokenDTO struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, password string, ok bool) {
|
func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, password string, ok bool) {
|
||||||
|
ip := strings.TrimSpace(gc.Request.Header.Get("X-Real-IP"))
|
||||||
header := strings.SplitN(gc.Request.Header.Get("Authorization"), " ", 2)
|
header := strings.SplitN(gc.Request.Header.Get("Authorization"), " ", 2)
|
||||||
auth, _ := base64.StdEncoding.DecodeString(header[1])
|
auth, _ := base64.StdEncoding.DecodeString(header[1])
|
||||||
creds := strings.SplitN(string(auth), ":", 2)
|
creds := strings.SplitN(string(auth), ":", 2)
|
||||||
@ -141,7 +142,7 @@ func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, pas
|
|||||||
password = creds[1]
|
password = creds[1]
|
||||||
ok = false
|
ok = false
|
||||||
if username == "" || password == "" {
|
if username == "" || password == "" {
|
||||||
app.debug.Println("Auth denied: blank username/password")
|
app.debug.Print("Auth denied: blank username/password ip=", ip, "\n")
|
||||||
respond(401, "Unauthorized", gc)
|
respond(401, "Unauthorized", gc)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -150,16 +151,17 @@ func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, pas
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (app *appContext) validateJellyfinCredentials(username, password string, gc *gin.Context) (user mediabrowser.User, ok bool) {
|
func (app *appContext) validateJellyfinCredentials(username, password string, gc *gin.Context) (user mediabrowser.User, ok bool) {
|
||||||
|
ip := strings.TrimSpace(gc.Request.Header.Get("X-Real-IP"))
|
||||||
ok = false
|
ok = false
|
||||||
user, status, err := app.authJf.Authenticate(username, password)
|
user, status, err := app.authJf.Authenticate(username, password)
|
||||||
if status != 200 || err != nil {
|
if status != 200 || err != nil {
|
||||||
if status == 401 || status == 400 {
|
if status == 401 || status == 400 {
|
||||||
app.info.Println("Auth denied: Invalid username/password (Jellyfin)")
|
app.info.Print("Auth denied: Invalid username/password (Jellyfin) ip=", ip, "\n")
|
||||||
respond(401, "Unauthorized", gc)
|
respond(401, "Unauthorized", gc)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if status == 403 {
|
if status == 403 {
|
||||||
app.info.Println("Auth denied: Jellyfin account disabled")
|
app.info.Print("Auth denied: Jellyfin account disabled ip=", ip, "\n")
|
||||||
respond(403, "yourAccountWasDisabled", gc)
|
respond(403, "yourAccountWasDisabled", gc)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -180,6 +182,7 @@ func (app *appContext) validateJellyfinCredentials(username, password string, gc
|
|||||||
// @tags Auth
|
// @tags Auth
|
||||||
// @Security getTokenAuth
|
// @Security getTokenAuth
|
||||||
func (app *appContext) getTokenLogin(gc *gin.Context) {
|
func (app *appContext) getTokenLogin(gc *gin.Context) {
|
||||||
|
ip := strings.TrimSpace(gc.Request.Header.Get("X-Real-IP"))
|
||||||
app.info.Println("Token requested (login attempt)")
|
app.info.Println("Token requested (login attempt)")
|
||||||
username, password, ok := app.decodeValidateLoginHeader(gc)
|
username, password, ok := app.decodeValidateLoginHeader(gc)
|
||||||
if !ok {
|
if !ok {
|
||||||
@ -196,7 +199,7 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if !app.jellyfinLogin && !match {
|
if !app.jellyfinLogin && !match {
|
||||||
app.info.Println("Auth denied: Invalid username/password")
|
app.info.Print("Auth denied: Invalid username/password ip=", ip, "\n")
|
||||||
respond(401, "Unauthorized", gc)
|
respond(401, "Unauthorized", gc)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user