kimboslice99 2023-12-23 13:09:49 -05:00
parent 6e205760c3
commit 04c94ba55a
1 changed files with 7 additions and 4 deletions

11
auth.go

@ -134,6 +134,7 @@ type getTokenDTO struct {
} }
func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, password string, ok bool) { func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, password string, ok bool) {
ip := strings.TrimSpace(gc.Request.Header.Get("X-Real-IP"))
header := strings.SplitN(gc.Request.Header.Get("Authorization"), " ", 2) header := strings.SplitN(gc.Request.Header.Get("Authorization"), " ", 2)
auth, _ := base64.StdEncoding.DecodeString(header[1]) auth, _ := base64.StdEncoding.DecodeString(header[1])
creds := strings.SplitN(string(auth), ":", 2) creds := strings.SplitN(string(auth), ":", 2)
@ -141,7 +142,7 @@ func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, pas
password = creds[1] password = creds[1]
ok = false ok = false
if username == "" || password == "" { if username == "" || password == "" {
app.debug.Println("Auth denied: blank username/password") app.debug.Print("Auth denied: blank username/password ip=", ip, "\n")
respond(401, "Unauthorized", gc) respond(401, "Unauthorized", gc)
return return
} }
@ -150,16 +151,17 @@ func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, pas
} }
func (app *appContext) validateJellyfinCredentials(username, password string, gc *gin.Context) (user mediabrowser.User, ok bool) { func (app *appContext) validateJellyfinCredentials(username, password string, gc *gin.Context) (user mediabrowser.User, ok bool) {
ip := strings.TrimSpace(gc.Request.Header.Get("X-Real-IP"))
ok = false ok = false
user, status, err := app.authJf.Authenticate(username, password) user, status, err := app.authJf.Authenticate(username, password)
if status != 200 || err != nil { if status != 200 || err != nil {
if status == 401 || status == 400 { if status == 401 || status == 400 {
app.info.Println("Auth denied: Invalid username/password (Jellyfin)") app.info.Print("Auth denied: Invalid username/password (Jellyfin) ip=", ip, "\n")
respond(401, "Unauthorized", gc) respond(401, "Unauthorized", gc)
return return
} }
if status == 403 { if status == 403 {
app.info.Println("Auth denied: Jellyfin account disabled") app.info.Print("Auth denied: Jellyfin account disabled ip=", ip, "\n")
respond(403, "yourAccountWasDisabled", gc) respond(403, "yourAccountWasDisabled", gc)
return return
} }
@ -180,6 +182,7 @@ func (app *appContext) validateJellyfinCredentials(username, password string, gc
// @tags Auth // @tags Auth
// @Security getTokenAuth // @Security getTokenAuth
func (app *appContext) getTokenLogin(gc *gin.Context) { func (app *appContext) getTokenLogin(gc *gin.Context) {
ip := strings.TrimSpace(gc.Request.Header.Get("X-Real-IP"))
app.info.Println("Token requested (login attempt)") app.info.Println("Token requested (login attempt)")
username, password, ok := app.decodeValidateLoginHeader(gc) username, password, ok := app.decodeValidateLoginHeader(gc)
if !ok { if !ok {
@ -196,7 +199,7 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
} }
} }
if !app.jellyfinLogin && !match { if !app.jellyfinLogin && !match {
app.info.Println("Auth denied: Invalid username/password") app.info.Print("Auth denied: Invalid username/password ip=", ip, "\n")
respond(401, "Unauthorized", gc) respond(401, "Unauthorized", gc)
return return
} }
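Review bot: The `ip` value added to the four "Auth denied" log lines comes straight from the `X-Real-IP` request header (read in decodeValidateLoginHeader, and again in validateJellyfinCredentials and getTokenLogin), which any client can set unless a trusted reverse proxy overwrites it. If these lines are meant for log-based blocking or incident review, a forged header misattributes the failures, and a direct connection with no proxy logs an empty `ip=`. I would resolve the address once in a small helper that falls back to the socket peer, for example `ip := gc.ClientIP()` with gin's trusted-proxy list configured, and add a comment there stating which proxy is trusted to set the header. Logging the value quoted, e.g. `ip=%q` if the logger exposes a Printf, keeps odd characters in the header from blurring the log line. The function bodies continue outside the visible hunks, so any later use of `ip` cannot be checked from here.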