comparison MoinMoin/auth/__init__.py @ 6045:f029e42ecdec

add logging for login to detect potential abuse
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Fri, 06 Jun 2014 13:33:16 +0200
parents 105451cabedb
children a9bfc8e99775
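--- a/MoinMoin/auth/__init__.py
+++ b/MoinMoin/auth/__init__.py
@@ -138,10 +138,11 @@
 logging = log.getLogger(__name__)
 
 from werkzeug import redirect, abort, url_quote, url_quote_plus
 
 from MoinMoin import user, wikiutil
+from MoinMoin.util.abuse import log_attempt
 
 
 def get_multistage_continuation_url(request, auth_name, extra_fields={}):
 """get_continuation_url - return a multistage continuation URL
 
@@ -243,13 +244,15 @@
 return ContinueLogin(user_obj, _('Missing password. Please enter user name and password.'))
 
 u = user.User(request, name=username, password=password, auth_method=self.name)
 if u.valid:
 logging.debug("%s: successfully authenticated user %r (valid)" % (self.name, u.name))
+log_attempt("auth: login (moin)", True, request, username)
 return ContinueLogin(u)
 else:
 logging.debug("%s: could not authenticate user %r (not valid)" % (self.name, username))
+log_attempt("auth: login (moin)", False, request, username)
 return ContinueLogin(user_obj, _("Invalid username or password."))
 
 def login_hint(self, request):
 _ = request.getText
 #if request.cfg.openidrp_registration_url:
@@ -368,13 +371,16 @@
 if u and self.autocreate:
 logging.debug("autocreating user")
 u.create_or_update()
 if u and u.valid:
 logging.debug("returning valid user %r" % u)
+log_attempt("auth: request (given)", True, request, auth_username)
 return u, True # True to get other methods called, too
 else:
 logging.debug("returning %r" % user_obj)
+if u and not u.valid:
+log_attempt("auth: request (given)", False, request, auth_username)
 return user_obj, True
 
 
 def handle_login(request, userobj=None, username=None, password=None,
 attended=True, openid_identifier=None, stage=None):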
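Review bot: The failed-login call at new line 253, `log_attempt("auth: login (moin)", False, request, username)`, writes the submitted and still unauthenticated `username` to the abuse log, and `log_attempt` (imported from `MoinMoin.util.abuse`) is not shown on this page, so it cannot be seen whether it escapes CR/LF and other control characters or bounds the length. If it does not, a submitted name could split or forge records in a log kept to detect abuse; I would confirm this in the helper and note the expectation at the call site with `# username is untrusted here; log_attempt must escape control characters`. A password typed into the user-name field by mistake also ends up in this log, so the file should have the same access restrictions as other credential-bearing logs. At new lines 380-381, `if u and not u.valid:` sits in the `else` of `if u and u.valid:` and is therefore equivalent to `if u:`; requests for which no user object was built leave no failure record, which may or may not be intended. Both enclosing methods begin outside the visible lines.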