Add auth logging

2024-08-30 18:23:09 +00:00 · 2024-02-01 00:08:34 -05:00 · 2024-02-01 00:08:34 -05:00 · 5c37b0e0fd
commit 5c37b0e0fd
parent d53404285c
2 changed files with 42 additions and 5 deletions
--- a/app/classes/shared/main_controller.py
+++ b/app/classes/shared/main_controller.py
@ -90,18 +90,51 @@ class Controller:

    def log_attempt(self, remote_ip, username):
        remote = self.auth_tracker.get(str(remote_ip), None)
-        if remote:
-            remote["names"].append(username)
-            remote["attempts"] += 1
-            remote["times"].append(datetime.now().strftime("%d/%m/%Y %H:%M:%S"))
+        if not remote:
+            self.auth_tracker[str(remote_ip)] = {
+                "login": {
+                    "names": [username],
+                    "attempts": 1,
+                    "times": [datetime.now().strftime("%d/%m/%Y %H:%M:%S")],
+                }
+            }
+            return
+        if remote.get("login", None):
+            remote["login"]["names"].append(username)
+            remote["login"]["attempts"] += 1
+            remote["login"]["times"].append(
+                datetime.now().strftime("%d/%m/%Y %H:%M:%S")
+            )
            self.auth_tracker[str(remote_ip)] = remote
        else:
-            self.auth_tracker[str(remote_ip)] = {
+            self.auth_tracker[str(remote_ip)]["login"] = {
                "names": [username],
                "attempts": 1,
                "times": [datetime.now().strftime("%d/%m/%Y %H:%M:%S")],
            }

+    def log_antilockout(self, remote_ip):
+        remote = self.auth_tracker.get(str(remote_ip), None)
+        if not remote:
+            self.auth_tracker[str(remote_ip)] = {
+                "anti-lockout": {
+                    "attempts": 1,
+                    "times": [datetime.now().strftime("%d/%m/%Y %H:%M:%S")],
+                }
+            }
+            return
+        if remote.get("anti-lockout", None):
+            remote["anti-lockout"]["attempts"] += 1
+            remote["anti-lockout"]["times"].append(
+                datetime.now().strftime("%d/%m/%Y %H:%M:%S")
+            )
+            self.auth_tracker[str(remote_ip)] = remote
+        else:
+            self.auth_tracker[str(remote_ip)]["anti-lockout"] = {
+                "attempts": 1,
+                "times": [datetime.now().strftime("%d/%m/%Y %H:%M:%S")],
+            }
+
    def write_auth_tracker(self):
        with open(
            os.path.join(os.path.curdir, "logs", "auth_tracker.log"),
--- a/app/classes/web/routes/api/crafty/antilockout/index.py
+++ b/app/classes/web/routes/api/crafty/antilockout/index.py
@ -2,10 +2,14 @@ import logging
 from app.classes.web.base_api_handler import BaseApiHandler

 logger = logging.getLogger(__name__)
+auth_log = logging.getLogger("auth")


 class ApiCraftyLockoutHandler(BaseApiHandler):
    def get(self):
+        auth_log.warning(f"Anti-Lockout request from {self.get_remote_ip()}")
+        self.controller.log_antilockout(self.get_remote_ip())
+
        if self.controller.users.get_id_by_name("anti-lockout-user"):
            return self.finish_json(
                425, {"status": "error", "data": "Lockout recovery already in progress"}