Add logs to API

2024-08-30 18:23:09 +00:00 · 2023-11-05 13:33:30 -05:00 · 2023-11-05 13:33:30 -05:00 · bfbb130db9
commit bfbb130db9
parent e9105ffbe4
1 changed files with 25 additions and 1 deletions
--- a/app/classes/web/routes/api/auth/login.py
+++ b/app/classes/web/routes/api/auth/login.py
@ -7,7 +7,7 @@ from app.classes.shared.helpers import Helpers
 from app.classes.web.base_api_handler import BaseApiHandler

 logger = logging.getLogger(__name__)
-
+auth_log = logging.getLogger("auth")
 login_schema = {
    "type": "object",
    "properties": {
@ -29,6 +29,10 @@ class ApiAuthLoginHandler(BaseApiHandler):
        try:
            data = json.loads(self.request.body)
        except json.decoder.JSONDecodeError as e:
+            logger.error(
+                "Invalid JSON schema for API"
+                f" login attempt from {self.get_remote_ip()}"
+            )
            return self.finish_json(
                400, {"status": "error", "error": "INVALID_JSON", "error_data": str(e)}
            )
@ -36,6 +40,10 @@ class ApiAuthLoginHandler(BaseApiHandler):
        try:
            validate(data, login_schema)
        except ValidationError as e:
+            logger.error(
+                "Invalid JSON schema for API"
+                f" login attempt from {self.get_remote_ip()}"
+            )
            return self.finish_json(
                400,
                {
@ -52,12 +60,23 @@ class ApiAuthLoginHandler(BaseApiHandler):
        user_data = Users.get_or_none(Users.username == username)

        if user_data is None:
+            self.controller.log_attempt(self.get_remote_ip(), username)
+            auth_log.error(
+                f"User attempted to log into {username}."
+                " Authentication failed from remote IP"
+                f" {self.get_remote_ip()}. User not found"
+            )
            return self.finish_json(
                401,
                {"status": "error", "error": "INCORRECT_CREDENTIALS", "token": None},
            )

        if not user_data.enabled:
+            auth_log.error(
+                f"User attempted to log into {username}."
+                " Authentication failed from remote"
+                f" IP {self.get_remote_ip()} account disabled"
+            )
            self.finish_json(
                403, {"status": "error", "error": "ACCOUNT_DISABLED", "token": None}
            )
@ -67,6 +86,11 @@ class ApiAuthLoginHandler(BaseApiHandler):

        # Valid Login
        if login_result:
+            auth_log.info(
+                f"{username} successfully"
+                " authenticated and logged"
+                f" into panel from remote IP {self.get_remote_ip()}"
+            )
            logger.info(f"User: {user_data} Logged in from IP: {self.get_remote_ip()}")

            # record this login