feat: add ip address in logs when email 2fa token is invalid or not available (#5779 )
* Update email.rs
Add ip_src to the logs when the email 2FA token is invalid or not available
Changes made for fail2ban purposes
* Update email.rs
removed current_time
* fix: compile error
---------
Co-authored-by: setsecurity <set.ghost@gmail.com>
pull/5850/head
Helmut K. C. Tessarek
2 months ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with
10 additions and
4 deletions
src/api/core/two_factor/email.rs
src/api/identity.rs
@ -197,14 +197,20 @@ async fn email(data: Json<EmailData>, headers: Headers, mut conn: DbConn) -> Jso
}
/// Validate the email code when used as TwoFactor token mechanism
pub async fn validate_email_code_str ( user_id : & UserId , token : & str , data : & str , conn : & mut DbConn ) -> EmptyResult {
pub async fn validate_email_code_str (
user_id : & UserId ,
token : & str ,
data : & str ,
ip : & std ::net ::IpAddr ,
conn : & mut DbConn ,
) -> EmptyResult {
let mut email_data = EmailTokenData ::from_json ( data ) ? ;
let mut twofactor = TwoFactor ::find_by_user_and_type ( user_id , TwoFactorType ::Email as i32 , conn )
. await
. map_res ( "Two factor not found" ) ? ;
let Some ( issued_token ) = & email_data . last_token else {
err ! (
"No token available" ,
format ! ( "No token available! IP: {} " , ip ) ,
ErrorEvent {
event : EventType ::UserFailedLogIn2fa
}
@ -220,7 +226,7 @@ pub async fn validate_email_code_str(user_id: &UserId, token: &str, data: &str,
twofactor . save ( conn ) . await ? ;
err ! (
"Token is invalid" ,
format ! ( "Token is invalid! IP: {} " , ip ) ,
ErrorEvent {
event : EventType ::UserFailedLogIn2fa
}
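Review bot: In both `err!` calls (the "No token available" branch here and the "Token is invalid" branch in the second hunk) the formatted string appears to replace the static message rather than sit beside it, judging by the hunk line counts; if `err!` uses its single message for the client response as well as the log, the server-observed address is now echoed back to the caller and the client-visible error text varies per request. Keeping the static text for the user and passing the address as the log-only value would avoid that, e.g. `err!("Token is invalid", format!("IP: {}", ip), ErrorEvent { event: EventType::UserFailedLogIn2fa })`. The earlier exits through `EmailTokenData::from_json(data)?` and `.map_res("Two factor not found")?` still carry no address, and the function body continues outside both hunks, so any other failure branch there should be checked as well if a fail2ban filter is meant to see every failed attempt. The doc comment could also state the new parameter's role: `/// ip is the client address; it is used only in failure log messages.`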
@ -575,7 +575,7 @@ async fn twofactor_auth(
}
}
Some ( TwoFactorType ::Email ) = > {
email ::validate_email_code_str ( & user . uuid , twofactor_code , & selected_data ? , conn ) . await ?
email ::validate_email_code_str ( & user . uuid , twofactor_code , & selected_data ? , & ip . ip , conn ) . await ?
}
Some ( TwoFactorType ::Remember ) = > {
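Review bot: The `&ip.ip` value passed in the `TwoFactorType::Email` arm becomes the address a fail2ban filter will act on, and nothing visible here says how it is derived. If it comes from a forwarded header behind a reverse proxy (not shown in this hunk), a misconfigured proxy would make the log carry either the proxy's own address or a client-supplied value, so bans would hit the wrong host. A short comment at the call would record the assumption, e.g. `// ip.ip must be the proxy-validated client address; it is logged for fail2ban on failed email 2FA`. `twofactor_auth` starts and ends outside the hunk, so whether the other `TwoFactorType` arms log the address on failure cannot be checked from here.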