[Enhancement]: Logging to show login attempts

gotify / server

A simple server for sending and receiving messages in real-time per WebSocket. (Includes a sleek web-ui)

https://gotify.net

Other

10.43k stars 593 forks source link

[Enhancement]: Logging to show login attempts #656

Closed talkingseedling closed 1 month ago

talkingseedling commented 1 month ago

Type of Enhancement: Server Backend

Describe the Feature/Enhancement: Currently there is no log output for successful or unsuccessful login attempts. Ideally they'd be present, and include timestamp, username, ip address, X-Forwarded-For.

Why would this be helpful?: Use case is parsing logs in elastic/logstash/kibana/beats to generate notifications for login attempts.

Future Implementation: {timestamp} WARN: [AuthService] Failed login attempt for user {username} from ip address {ip address} (Reason: wrong password)

jmattheis commented 1 month ago

There is. You can filter the access log by the 401 status code. Gotify logs this to stdout.

2024-05-20T18:13:17+02:00 | 401 |     300.313µs |       127.0.0.1 | POST     "/client"
Error #01: you need to provide a valid access token or user credentials to access this api
2024-05-20T18:14:17+02:00 | 401 |     168.481µs |             ::1 | POST     "/message"
Error #01: you need to provide a valid access token or user credentials to access this api

In most cases there isn't a username, so logging it doesn't really make sense.