diff options
| author | Jeremy Benoist <jeremy.benoist@gmail.com> | 2017-06-08 22:24:49 +0200 |
|---|---|---|
| committer | Jeremy Benoist <jeremy.benoist@gmail.com> | 2017-06-08 22:24:49 +0200 |
| commit | 63f9f22fa37b14171c6f92d24f99ccf01ae7af00 (patch) | |
| tree | ddefd381025de91686995c883bb7122dd986898b /app/config/security.yml | |
| parent | 3f474025d889c3eff20b481f005f4d292f1ef29d (diff) | |
| download | wallabag-63f9f22fa37b14171c6f92d24f99ccf01ae7af00.tar.gz wallabag-63f9f22fa37b14171c6f92d24f99ccf01ae7af00.tar.zst wallabag-63f9f22fa37b14171c6f92d24f99ccf01ae7af00.zip | |
Log an error level message when user auth fail
When a user login using the form we know log an error level information with information about the user:
- username used
- IP
- User agent
For example:
> Authentication failure for user "eza", from IP "127.0.0.1", with UA: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36".
It’ll allows server admin using fail2ban to configure it to block these people if they generate too much failure authentication.
Diffstat (limited to 'app/config/security.yml')
| -rw-r--r-- | app/config/security.yml | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/app/config/security.yml b/app/config/security.yml index ffb1d356..171a69e2 100644 --- a/app/config/security.yml +++ b/app/config/security.yml | |||
| @@ -41,6 +41,7 @@ security: | |||
| 41 | form_login: | 41 | form_login: |
| 42 | provider: fos_userbundle | 42 | provider: fos_userbundle |
| 43 | csrf_token_generator: security.csrf.token_manager | 43 | csrf_token_generator: security.csrf.token_manager |
| 44 | failure_handler: wallabag_user.security.custom_auth_failure_handler | ||
| 44 | 45 | ||
| 45 | anonymous: true | 46 | anonymous: true |
| 46 | remember_me: | 47 | remember_me: |