Log failed logins - Githubissues

datastorm-open / shinymanager

Simple and secure authentification mechanism for single shiny applications.

https://datastorm-open.github.io/shinymanager/

386 stars 79 forks source link

Log failed logins #177

Closed panuffel closed 11 months ago

panuffel commented 1 year ago

Hi. With shinymanager, I can log users that successfully logged into my application, but I need to track failed logins to cover possible hacks. What I found in the manuals is the possibility to limit the number of password failures via:

options("shinymanager.pwd_failure_limit" = 5)

However, this did not work for me (maybe I placed it wrong...). Could you please provide a working example with limited failures or a way to log failures?

panuffel commented 1 year ago

I found a 'solution' now by adding print commands into function credentials_df and overwriting it via assignInNamespace("check_credentials_df", my_check_credentials_df, ns = "shinymanager")

marcusyoung commented 11 months ago

options("shinymanager.pwd_failure_limit" = 5) should be placed in secure_app(), not secure_server(). It works for me. The number of failed attempts are recorded in the pwd_mngt table in the database:

conn <- DBI::dbConnect(RSQLite::SQLite(), dbname = "dbase/location/name.sqlite")

read_db_decrypt(
  conn,
  name = "pwd_mngt",
  passphrase = "yourpassphrase"
)