Merge pull request #3195 from wallabag/authentication-error
Log an error-level message when user authentication fails
commit
5c762616c3
3 changed files with 114 additions and 0 deletions
|
@ -0,0 +1,40 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Wallabag\UserBundle\EventListener;
|
||||||
|
|
||||||
|
use Psr\Log\LoggerInterface;
|
||||||
|
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
||||||
|
use Symfony\Component\HttpFoundation\RequestStack;
|
||||||
|
use Symfony\Component\Security\Core\AuthenticationEvents;
|
||||||
|
|
||||||
|
class AuthenticationFailureListener implements EventSubscriberInterface
|
||||||
|
{
|
||||||
|
private $requestStack;
|
||||||
|
private $logger;
|
||||||
|
|
||||||
|
public function __construct(RequestStack $requestStack, LoggerInterface $logger)
|
||||||
|
{
|
||||||
|
$this->requestStack = $requestStack;
|
||||||
|
$this->logger = $logger;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public static function getSubscribedEvents()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
AuthenticationEvents::AUTHENTICATION_FAILURE => 'onAuthenticationFailure',
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* On failure, add a custom error in log so server admin can configure fail2ban to block IP from people who try to login too much.
|
||||||
|
*/
|
||||||
|
public function onAuthenticationFailure()
|
||||||
|
{
|
||||||
|
$request = $this->requestStack->getMasterRequest();
|
||||||
|
|
||||||
|
$this->logger->error('Authentication failure for user "'.$request->request->get('_username').'", from IP "'.$request->getClientIp().'", with UA: "'.$request->server->get('HTTP_USER_AGENT').'".');
|
||||||
|
}
|
||||||
|
}
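Review bot: The message built in `onAuthenticationFailure()` concatenates `_username` and the User-Agent header unescaped, and both values are chosen by the client. The docblock says this line is meant to be matched by fail2ban, so a quote or line break inside either field can change what a filter sees; strip quotes and control characters from those two fields before logging, and keep any fail2ban regex anchored on the quoted IP field. `getMasterRequest()` can also return null when no request is on the stack, which makes the `->request` access fatal, so a guard is worth adding. The value of `getClientIp()` depends on the trusted-proxy configuration, which is not visible in this commit and should be checked before bans are based on it.

```php
public function onAuthenticationFailure()
{
    $request = $this->requestStack->getMasterRequest();

    // Nothing to log without a request (e.g. the event was dispatched outside HTTP handling).
    if (null === $request) {
        return;
    }

    // Client-supplied fields: drop quotes and control characters so they cannot break the line format.
    $clean = function ($value) {
        return is_scalar($value) ? preg_replace('/[\x00-\x1F\x7F"]/', '', (string) $value) : '';
    };

    $this->logger->error('Authentication failure for user "'.$clean($request->request->get('_username')).'", from IP "'.$request->getClientIp().'", with UA: "'.$clean($request->server->get('HTTP_USER_AGENT')).'".');
}
```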
|
|
@ -35,3 +35,11 @@ services:
|
||||||
- "%wallabag_core.list_mode%"
|
- "%wallabag_core.list_mode%"
|
||||||
tags:
|
tags:
|
||||||
- { name: kernel.event_subscriber }
|
- { name: kernel.event_subscriber }
|
||||||
|
|
||||||
|
wallabag_user.listener.authentication_failure_event_listener:
|
||||||
|
class: Wallabag\UserBundle\EventListener\AuthenticationFailureListener
|
||||||
|
arguments:
|
||||||
|
- "@request_stack"
|
||||||
|
- "@logger"
|
||||||
|
tags:
|
||||||
|
- { name: kernel.event_listener, event: security.authentication.failure, method: onAuthenticationFailure }
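Review bot: The new service is tagged `kernel.event_listener` with an explicit event and method, while the class added in this commit implements `EventSubscriberInterface` and declares the same mapping in `getSubscribedEvents()`. Two sources for one mapping can drift apart; tagging the service `- { name: kernel.event_subscriber }`, as the service just above it does, would leave the class as the only place that names the event. If the listener tag is kept instead, the interface on the class is not what the container uses and could be dropped.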
|
||||||
|
|
|
@ -0,0 +1,66 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Tests\Wallabag\UserBundle\EventListener;
|
||||||
|
|
||||||
|
use Symfony\Component\EventDispatcher\EventDispatcher;
|
||||||
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
|
use Wallabag\UserBundle\EventListener\AuthenticationFailureListener;
|
||||||
|
use Monolog\Logger;
|
||||||
|
use Monolog\Handler\TestHandler;
|
||||||
|
use Symfony\Component\HttpFoundation\RequestStack;
|
||||||
|
use Symfony\Component\Security\Core\AuthenticationEvents;
|
||||||
|
use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
|
||||||
|
|
||||||
|
class AuthenticationFailureListenerTest extends \PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
private $requestStack;
|
||||||
|
private $logHandler;
|
||||||
|
private $listener;
|
||||||
|
private $dispatcher;
|
||||||
|
|
||||||
|
protected function setUp()
|
||||||
|
{
|
||||||
|
$request = Request::create('/');
|
||||||
|
$request->request->set('_username', 'admin');
|
||||||
|
|
||||||
|
$this->requestStack = new RequestStack();
|
||||||
|
$this->requestStack->push($request);
|
||||||
|
|
||||||
|
$this->logHandler = new TestHandler();
|
||||||
|
$logger = new Logger('test', [$this->logHandler]);
|
||||||
|
|
||||||
|
$this->listener = new AuthenticationFailureListener(
|
||||||
|
$this->requestStack,
|
||||||
|
$logger
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->dispatcher = new EventDispatcher();
|
||||||
|
$this->dispatcher->addSubscriber($this->listener);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testOnAuthenticationFailure()
|
||||||
|
{
|
||||||
|
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')
|
||||||
|
->disableOriginalConstructor()
|
||||||
|
->getMock();
|
||||||
|
|
||||||
|
$exception = $this->getMockBuilder('Symfony\Component\Security\Core\Exception\AuthenticationException')
|
||||||
|
->disableOriginalConstructor()
|
||||||
|
->getMock();
|
||||||
|
|
||||||
|
$event = new AuthenticationFailureEvent(
|
||||||
|
$token,
|
||||||
|
$exception
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->dispatcher->dispatch(
|
||||||
|
AuthenticationEvents::AUTHENTICATION_FAILURE,
|
||||||
|
$event
|
||||||
|
);
|
||||||
|
|
||||||
|
$records = $this->logHandler->getRecords();
|
||||||
|
|
||||||
|
$this->assertCount(1, $records);
|
||||||
|
$this->assertSame('Authentication failure for user "admin", from IP "127.0.0.1", with UA: "Symfony/3.X".', $records[0]['message']);
|
||||||
|
}
|
||||||
|
}
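Review bot: The expected message in `testOnAuthenticationFailure()` hard-codes `Symfony/3.X` and `127.0.0.1`, which appear to come from the defaults of `Request::create('/')` rather than from anything the test sets. That ties the assertion to the framework version; setting the values in `setUp()`, for example `$request->server->set('HTTP_USER_AGENT', 'test-agent');`, would make the test pin only the listener's own format. Since the line format is what a fail2ban filter will depend on, a second case with a username containing a quote or a line break, and one with an empty request stack, would document how the listener is expected to behave on hostile or missing input.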
|