login attempts are now logged

rbCAS / CASino

CASino is a Ruby-based Single Sign-On solution supporting the CAS standard

MIT License

329 stars 189 forks source link

login attempts are now logged #159

Closed philippks closed 8 years ago

philippks commented 8 years ago

Logs attempts to login and displays them on the main view:

Plus Index for Login Attempts:

pencil commented 8 years ago

Thanks, this looks awesome!

There is one minor problem: Usernames in CASino are not unique. Technically the same username can be used by different authentication backends. I see two possible solutions for this:

a) No longer allow duplicated usernames and make them unique. This would require a new major release since it's not backward compatible. b) Log failed login attempts to all existing user account. Log successful attempts to the actual account that logged in.

philippks commented 8 years ago

Hey @pencil, thank you for your feedback!

After discussing with @calmyournerves, we think it is not in scope of CASino to care about the uniqueness of the usernames over multiple authenticators. So your secondly proposed solution is more pragmatically. I will make the corresponding changes.

calmyournerves commented 8 years ago

@pencil did you already have a chance to look at this again? Thanks!

pencil commented 8 years ago

Awesome, thanks.