couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rnew...@apache.org
Subject couch commit: updated refs/heads/master to f02f5f9
Date Mon, 17 Aug 2015 19:51:32 GMT
Repository: couchdb-couch
Updated Branches:
  refs/heads/master bda4957ad -> f02f5f94a


Log when password is wrong but user is valid

COUCHDB-2777


Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/f02f5f94
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/f02f5f94
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/f02f5f94

Branch: refs/heads/master
Commit: f02f5f94a727fc2b2d080afae49c9392581090aa
Parents: bda4957
Author: Robert Newson <rnewson@apache.org>
Authored: Mon Aug 17 20:29:45 2015 +0100
Committer: Robert Newson <rnewson@apache.org>
Committed: Mon Aug 17 20:29:45 2015 +0100

----------------------------------------------------------------------
 src/couch_httpd_auth.erl | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/f02f5f94/src/couch_httpd_auth.erl
----------------------------------------------------------------------
diff --git a/src/couch_httpd_auth.erl b/src/couch_httpd_auth.erl
index 6e09c62..0035719 100644
--- a/src/couch_httpd_auth.erl
+++ b/src/couch_httpd_auth.erl
@@ -104,7 +104,8 @@ default_authentication_handler(Req, AuthModule) ->
                             name=UserName,
                             roles=couch_util:get_value(<<"roles">>, UserProps2,
[])
                         }};
-                    _Else ->
+                    false ->
+                        authentication_warning(Req, UserName),
                         throw({unauthorized, <<"Name or password is incorrect.">>})
                 end
         end;
@@ -327,7 +328,8 @@ handle_session_req(#httpd{method='POST', mochi_req=MochiReq}=Req, AuthModule)
->
                     {name, UserName},
                     {roles, couch_util:get_value(<<"roles">>, UserProps2, [])}
                 ]});
-        _Else ->
+        false ->
+            authentication_warning(Req, UserName),
             % clear the session
             Cookie = mochiweb_cookies:cookie("AuthSession", "", [{path, "/"}] ++ cookie_scheme(Req)),
             {Code, Headers} = case couch_httpd:qs_value(Req, "fail", nil) of
@@ -514,3 +516,8 @@ integer_to_binary(Int, Len) when is_integer(Int), is_integer(Len) ->
     Padding = binary:copy(<<"0">>, Len),
     Padded = <<Padding/binary, Unpadded/binary>>,
     binary:part(Padded, byte_size(Padded), -Len).
+
+authentication_warning(#httpd{mochi_req = Req}, User) ->
+    Peer = Req:get(peer),
+    couch_log:warning("~p: Authentication failed for user ~s from ~s",
+        [?MODULE, User, Peer]).


Mime
View raw message