From 4f974122f8ed9699466d98cbd49339b15230fa6e Mon Sep 17 00:00:00 2001 From: crobibero Date: Fri, 28 Jun 2019 11:13:08 -0600 Subject: [PATCH] log password on failed login attempt --- MediaBrowser.Api/UserService.cs | 37 +++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/MediaBrowser.Api/UserService.cs b/MediaBrowser.Api/UserService.cs index 21a94a4e08..f08d070ca6 100644 --- a/MediaBrowser.Api/UserService.cs +++ b/MediaBrowser.Api/UserService.cs @@ -13,6 +13,7 @@ using MediaBrowser.Model.Configuration; using MediaBrowser.Model.Dto; using MediaBrowser.Model.Services; using MediaBrowser.Model.Users; +using Microsoft.Extensions.Logging; namespace MediaBrowser.Api { @@ -247,8 +248,9 @@ namespace MediaBrowser.Api private readonly INetworkManager _networkManager; private readonly IDeviceManager _deviceManager; private readonly IAuthorizationContext _authContext; + private readonly ILogger _logger; - public UserService(IUserManager userManager, ISessionManager sessionMananger, IServerConfigurationManager config, INetworkManager networkManager, IDeviceManager deviceManager, IAuthorizationContext authContext) + public UserService(IUserManager userManager, ISessionManager sessionMananger, IServerConfigurationManager config, INetworkManager networkManager, IDeviceManager deviceManager, IAuthorizationContext authContext, ILoggerFactory loggerFactory) { _userManager = userManager; _sessionMananger = sessionMananger; @@ -256,6 +258,7 @@ namespace MediaBrowser.Api _networkManager = networkManager; _deviceManager = deviceManager; _authContext = authContext; + _logger = loggerFactory.CreateLogger(nameof(UserService)); } public object Get(GetPublicUsers request) @@ -399,19 +402,27 @@ namespace MediaBrowser.Api { var auth = _authContext.GetAuthorizationInfo(Request); - var result = await _sessionMananger.AuthenticateNewSession(new AuthenticationRequest + try { - App = auth.Client, - AppVersion = auth.Version, - DeviceId = auth.DeviceId, - DeviceName = auth.Device, - Password = request.Pw, - PasswordSha1 = request.Password, - RemoteEndPoint = Request.RemoteIp, - Username = request.Username - }).ConfigureAwait(false); - - return ToOptimizedResult(result); + var result = await _sessionMananger.AuthenticateNewSession(new AuthenticationRequest + { + App = auth.Client, + AppVersion = auth.Version, + DeviceId = auth.DeviceId, + DeviceName = auth.Device, + Password = request.Pw, + PasswordSha1 = request.Password, + RemoteEndPoint = Request.RemoteIp, + Username = request.Username + }).ConfigureAwait(false); + + return ToOptimizedResult(result); + } + catch(SecurityException e) + { + // rethrow adding IP address to message + throw new SecurityException($"[{Request.RemoteIp}] {e.Message}"); + } } ///