Skip to content

Commit feb0e07

Browse files
jaapmarcusjaapmarcus
committed
Log failed login attempts
1 parent f98668d commit feb0e07

File tree

7 files changed

+40
-25
lines changed

7 files changed

+40
-25
lines changed

bin/v-list-user-auth-log

Lines changed: 23 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -25,15 +25,17 @@ json_list() {
2525
for str in $logs; do
2626
IP=$(echo "$str" |cut -f 2 -d \')
2727
FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
28-
DATE=$(echo "$str" |cut -f 6 -d \')
29-
TIME=$(echo "$str" |cut -f 8 -d \')
30-
ACTIVE=$(echo "$str" |cut -f 10 -d \')
28+
STATUS=$(echo "$str" |cut -f 6 -d \')
29+
DATE=$(echo "$str" |cut -f 8 -d \')
30+
TIME=$(echo "$str" |cut -f 10 -d \')
31+
ACTIVE=$(echo "$str" |cut -f 12 -d \')
3132
echo -n ' "'$i'": {
3233
"IP": "'$IP'",
3334
"FINGERPRINT": "'$FINGERPRINT'",
3435
"TIME": "'$TIME'",
3536
"DATE": "'$DATE'",
36-
"ACTIVE": "'$ACTIVE'"
37+
"ACTIVE": "'$ACTIVE'",
38+
"STATUS": "'$STATUS'"
3739
}'
3840
if [ "$i" -lt "$objects" ]; then
3941
echo ','
@@ -47,15 +49,16 @@ json_list() {
4749

4850
shell_list() {
4951
IFS=$'\n'
50-
echo "DATE~TIME~IP~FINGERPRINT~ACTIVE"
52+
echo "DATE~TIME~IP~FINGERPRINT~ACTIVE~STATUS"
5153
echo "----~----~--~-----------~------"
5254
for str in $logs; do
5355
IP=$(echo "$str" |cut -f 2 -d \')
5456
FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
55-
DATE=$(echo "$str" |cut -f 6 -d \')
56-
TIME=$(echo "$str" |cut -f 8 -d \')
57-
ACTIVE=$(echo "$str" |cut -f 10 -d \')
58-
echo "$DATE~$TIME~$IP~$FINGERPRINT~$ACTIVE"
57+
STATUS=$(echo "$str" |cut -f 6 -d \')
58+
DATE=$(echo "$str" |cut -f 8 -d \')
59+
TIME=$(echo "$str" |cut -f 10 -d \')
60+
ACTIVE=$(echo "$str" |cut -f 12 -d \')
61+
echo "$DATE~$TIME~$IP~$FINGERPRINT~$ACTIVE~$STATUS"
5962
done
6063
}
6164

@@ -65,24 +68,26 @@ plain_list() {
6568
for str in $logs; do
6669
IP=$(echo "$str" |cut -f 2 -d \')
6770
FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
68-
DATE=$(echo "$str" |cut -f 6 -d \')
69-
TIME=$(echo "$str" |cut -f 8 -d \')
70-
ACTIVE=$(echo "$str" |cut -f 10 -d \')
71-
echo -e "$DATE\t$TIME\t$IP\t$FINGERPRINT\t$ACTIVE"
71+
STATUS=$(echo "$str" |cut -f 6 -d \')
72+
DATE=$(echo "$str" |cut -f 8 -d \')
73+
TIME=$(echo "$str" |cut -f 10 -d \')
74+
ACTIVE=$(echo "$str" |cut -f 12 -d \')
75+
echo -e "$DATE\t$TIME\t$IP\t$FINGERPRINT\t$ACTIVE\t$STATUS"
7276
done
7377
}
7478

7579
# CSV list function
7680
csv_list() {
7781
IFS=$'\n'
78-
echo "ID,CMD,UNDO,TIME,DATE"
82+
echo "DATE,TIME,IP,FINGERPRINT,ACTIVE,STATUS"
7983
for str in $logs; do
8084
IP=$(echo "$str" |cut -f 2 -d \')
8185
FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
82-
DATE=$(echo "$str" |cut -f 6 -d \')
83-
TIME=$(echo "$str" |cut -f 8 -d \')
84-
ACTIVE=$(echo "$str" |cut -f 10 -d \')
85-
echo "$DATE,$TIME,$IP,$FINGERPRINT,$ACTIVE"
86+
STATUS=$(echo "$str" |cut -f 6 -d \')
87+
DATE=$(echo "$str" |cut -f 8 -d \')
88+
TIME=$(echo "$str" |cut -f 10 -d \')
89+
ACTIVE=$(echo "$str" |cut -f 12 -d \')
90+
echo "$DATE,$TIME,$IP,$FINGERPRINT,$ACTIVE,$STATUS"
8691

8792
done
8893
}

bin/v-log-user-login

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,13 @@
11
#!/bin/bash
22
# info: add user login
3-
# options: USER IP [FINGERPRINT]
3+
# options: USER IP STATUS [FINGERPRINT]
44

55
# Argument definition
66
user=$1
77
ip=$2
8-
fingerprint=${3}
8+
status=$3
9+
fingerprint=${4}
10+
911

1012
# Includes
1113
source $HESTIA/func/main.sh
@@ -34,9 +36,9 @@ fi
3436
# Action #
3537
#----------------------------------------------------------#
3638

37-
awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $USER_DATA/auth.log
39+
awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="ACTIVE='no'" '$2 == TIME {$5=ACTIVE}1' $USER_DATA/auth.log
3840

39-
echo "IP='$ip' FINGERPRINT='$fingerprint' DATE='$date' TIME='$time' active='yes'" >> $USER_DATA/auth.log
41+
echo "IP='$ip' FINGERPRINT='$fingerprint' STATUS='$status' DATE='$date' TIME='$time' ACTIVE='yes'" >> $USER_DATA/auth.log
4042

4143
#----------------------------------------------------------#
4244
# Hestia #

bin/v-log-user-logout

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ fi
2626
# Action #
2727
#----------------------------------------------------------#
2828

29-
awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $USER_DATA/auth.log
29+
awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="ACTIVE='no'" '$2 == TIME {$5=active}1' $USER_DATA/auth.log
3030

3131
#----------------------------------------------------------#
3232
# Hestia #

web/delete/user/log/index.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@
2626
$v_ip = escapeshellarg($ip);
2727

2828
$v_murmur = escapeshellarg($_SESSION['MURMUR']);
29-
exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." ".$v_murmur, $output, $return_var);
29+
exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." sucess ".$v_murmur, $output, $return_var);
3030

3131
// Render page
3232
//render_page($user, $TAB, 'list_auth');

web/login/index.php

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,6 +89,9 @@ function authenticate_user($user, $password, $twofa = ''){
8989
if ( $return_var > 0 ) {
9090
sleep(2);
9191
$error = "<a class=\"error\">"._('Invalid username or password')."</a>";
92+
$v_murmur = escapeshellarg($_POST['murmur']);
93+
exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_murmur, $output, $return_var);
94+
9295
return $error;
9396
} else {
9497

@@ -108,6 +111,7 @@ function authenticate_user($user, $password, $twofa = ''){
108111
$error = "<a class=\"error\">"._('Invalid or missing 2FA token')."</a>";
109112
$_SESSION['login']['username'] = $user;
110113
$_SESSION['login']['password'] = $password;
114+
exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_murmur, $output, $return_var);
111115
return $error;
112116
unset($_POST['twofa']);
113117
}
@@ -124,7 +128,7 @@ function authenticate_user($user, $password, $twofa = ''){
124128
$v_user = $_SESSION['user'];
125129
//log successfull login attempt
126130
$v_murmur = escapeshellarg($_POST['murmur']);
127-
exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." ".$v_murmur, $output, $return_var);
131+
exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." succes ".$v_murmur, $output, $return_var);
128132

129133
$_SESSION['LAST_ACTIVITY'] = time();
130134
$_SESSION['MURMUR'] = $_POST['murmur'];

web/templates/admin/list_auth.html

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,7 @@
3030
<div class="clearfix l-unit__stat-col--left small"><b><?php print _('Date');?></b></div>
3131
<div class="clearfix l-unit__stat-col--left compact"><b><?php print _('Time');?></b></div>
3232
<div class="clearfix l-unit__stat-col--left "><b><?php print _('IP address');?></b></div>
33+
<div class="clearfix l-unit__stat-col--left "><b><?php print _('Status');?></b></div>
3334
<div class="clearfix l-unit__stat-col--left "><b><?php print _('Active');?></b></div>
3435
<div class="clearfix l-unit__stat-col--left wide-4"><b><?php print _('Browser Fingerprint');?></b></div>
3536
</div>
@@ -46,6 +47,7 @@
4647
<div class="clearfix l-unit__stat-col--left small"><b><?=translate_date($data[$key]['DATE'])?></b></div>
4748
<div class="clearfix l-unit__stat-col--left compact"><b><?=$data[$key]['TIME']?></b></div>
4849
<div class="clearfix l-unit__stat-col--left "><?=$data[$key]['IP']?></div>
50+
<div class="clearfix l-unit__stat-col--left "><?=$data[$key]['STATUS']?></div>
4951
<div class="clearfix l-unit__stat-col--left "><?=$data[$key]['ACTIVE']?></div>
5052
<div class="clearfix l-unit__stat-col--left "><?=$data[$key]['FINGERPRINT']?></div>
5153

web/templates/user/list_auth.html

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@
2020
<div class="clearfix l-unit__stat-col--left small"><b><?php print _('Date');?></b></div>
2121
<div class="clearfix l-unit__stat-col--left compact"><b><?php print _('Time');?></b></div>
2222
<div class="clearfix l-unit__stat-col--left "><b><?php print _('IP address');?></b></div>
23+
<div class="clearfix l-unit__stat-col--left "><b><?php print _('Status');?></b></div>
2324
<div class="clearfix l-unit__stat-col--left "><b><?php print _('Active');?></b></div>
2425
<div class="clearfix l-unit__stat-col--left wide-4"><b><?php print _('Browser Fingerprint');?></b></div>
2526
</div>
@@ -36,6 +37,7 @@
3637
<div class="clearfix l-unit__stat-col--left small"><b><?=translate_date($data[$key]['DATE'])?></b></div>
3738
<div class="clearfix l-unit__stat-col--left compact"><b><?=$data[$key]['TIME']?></b></div>
3839
<div class="clearfix l-unit__stat-col--left "><?=$data[$key]['IP']?></div>
40+
<div class="clearfix l-unit__stat-col--left "><?=$data[$key]['STATUS']?></div>
3941
<div class="clearfix l-unit__stat-col--left "><?=$data[$key]['ACTIVE']?></div>
4042
<div class="clearfix l-unit__stat-col--left "><?=$data[$key]['FINGERPRINT']?></div>
4143

0 commit comments

Comments
 (0)