From 64298dcb9e72a5a87a4680563d91fae5b90e0160 Mon Sep 17 00:00:00 2001 From: Daniel <39636934+itzonban@users.noreply.github.com> Date: Wed, 11 Sep 2024 19:58:45 +0200 Subject: [PATCH] Failed authentications are logged to level Warning (#32016) PR for issue #31968 Replaces PR #31983 to comply with gitea's error definition Failed authentications are now logged to level `Warning` instead of `Info`. --- routers/web/auth/auth.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go index b86c1ff1c23..5cbe2f5388c 100644 --- a/routers/web/auth/auth.go +++ b/routers/web/auth/auth.go @@ -228,12 +228,12 @@ func SignInPost(ctx *context.Context) { if err != nil { if errors.Is(err, util.ErrNotExist) || errors.Is(err, util.ErrInvalidArgument) { ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), tplSignIn, &form) - log.Info("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err) + log.Warn("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err) } else if user_model.IsErrEmailAlreadyUsed(err) { ctx.RenderWithErr(ctx.Tr("form.email_been_used"), tplSignIn, &form) - log.Info("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err) + log.Warn("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err) } else if user_model.IsErrUserProhibitLogin(err) { - log.Info("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err) + log.Warn("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err) ctx.Data["Title"] = ctx.Tr("auth.prohibit_login") ctx.HTML(http.StatusOK, "user/auth/prohibit_login") } else if user_model.IsErrUserInactive(err) { @@ -241,7 +241,7 @@ func SignInPost(ctx *context.Context) { ctx.Data["Title"] = ctx.Tr("auth.active_your_account") ctx.HTML(http.StatusOK, TplActivate) } else { - log.Info("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err) + log.Warn("Failed authentication attempt for %s from %s: %v", form.UserName, ctx.RemoteAddr(), err) ctx.Data["Title"] = ctx.Tr("auth.prohibit_login") ctx.HTML(http.StatusOK, "user/auth/prohibit_login") }