mirror of
https://github.com/wallabag/wallabag.git
synced 2024-12-16 20:56:28 +00:00
Merge pull request #3195 from wallabag/authentication-error
Log an error level message when user auth fail
This commit is contained in:
commit
5c762616c3
3 changed files with 114 additions and 0 deletions
|
@ -0,0 +1,40 @@
|
|||
<?php
|
||||
|
||||
namespace Wallabag\UserBundle\EventListener;
|
||||
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
||||
use Symfony\Component\HttpFoundation\RequestStack;
|
||||
use Symfony\Component\Security\Core\AuthenticationEvents;
|
||||
|
||||
class AuthenticationFailureListener implements EventSubscriberInterface
|
||||
{
|
||||
private $requestStack;
|
||||
private $logger;
|
||||
|
||||
public function __construct(RequestStack $requestStack, LoggerInterface $logger)
|
||||
{
|
||||
$this->requestStack = $requestStack;
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public static function getSubscribedEvents()
|
||||
{
|
||||
return [
|
||||
AuthenticationEvents::AUTHENTICATION_FAILURE => 'onAuthenticationFailure',
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* On failure, add a custom error in log so server admin can configure fail2ban to block IP from people who try to login too much.
|
||||
*/
|
||||
public function onAuthenticationFailure()
|
||||
{
|
||||
$request = $this->requestStack->getMasterRequest();
|
||||
|
||||
$this->logger->error('Authentication failure for user "'.$request->request->get('_username').'", from IP "'.$request->getClientIp().'", with UA: "'.$request->server->get('HTTP_USER_AGENT').'".');
|
||||
}
|
||||
}
|
|
@ -35,3 +35,11 @@ services:
|
|||
- "%wallabag_core.list_mode%"
|
||||
tags:
|
||||
- { name: kernel.event_subscriber }
|
||||
|
||||
wallabag_user.listener.authentication_failure_event_listener:
|
||||
class: Wallabag\UserBundle\EventListener\AuthenticationFailureListener
|
||||
arguments:
|
||||
- "@request_stack"
|
||||
- "@logger"
|
||||
tags:
|
||||
- { name: kernel.event_listener, event: security.authentication.failure, method: onAuthenticationFailure }
|
||||
|
|
|
@ -0,0 +1,66 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Wallabag\UserBundle\EventListener;
|
||||
|
||||
use Symfony\Component\EventDispatcher\EventDispatcher;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Wallabag\UserBundle\EventListener\AuthenticationFailureListener;
|
||||
use Monolog\Logger;
|
||||
use Monolog\Handler\TestHandler;
|
||||
use Symfony\Component\HttpFoundation\RequestStack;
|
||||
use Symfony\Component\Security\Core\AuthenticationEvents;
|
||||
use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
|
||||
|
||||
class AuthenticationFailureListenerTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
private $requestStack;
|
||||
private $logHandler;
|
||||
private $listener;
|
||||
private $dispatcher;
|
||||
|
||||
protected function setUp()
|
||||
{
|
||||
$request = Request::create('/');
|
||||
$request->request->set('_username', 'admin');
|
||||
|
||||
$this->requestStack = new RequestStack();
|
||||
$this->requestStack->push($request);
|
||||
|
||||
$this->logHandler = new TestHandler();
|
||||
$logger = new Logger('test', [$this->logHandler]);
|
||||
|
||||
$this->listener = new AuthenticationFailureListener(
|
||||
$this->requestStack,
|
||||
$logger
|
||||
);
|
||||
|
||||
$this->dispatcher = new EventDispatcher();
|
||||
$this->dispatcher->addSubscriber($this->listener);
|
||||
}
|
||||
|
||||
public function testOnAuthenticationFailure()
|
||||
{
|
||||
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
|
||||
$exception = $this->getMockBuilder('Symfony\Component\Security\Core\Exception\AuthenticationException')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
|
||||
$event = new AuthenticationFailureEvent(
|
||||
$token,
|
||||
$exception
|
||||
);
|
||||
|
||||
$this->dispatcher->dispatch(
|
||||
AuthenticationEvents::AUTHENTICATION_FAILURE,
|
||||
$event
|
||||
);
|
||||
|
||||
$records = $this->logHandler->getRecords();
|
||||
|
||||
$this->assertCount(1, $records);
|
||||
$this->assertSame('Authentication failure for user "admin", from IP "127.0.0.1", with UA: "Symfony/3.X".', $records[0]['message']);
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue