diff --git a/auth_brute_force/README.rst b/auth_brute_force/README.rst
index 60b0a73aa..3fb779986 100644
--- a/auth_brute_force/README.rst
+++ b/auth_brute_force/README.rst
@@ -37,6 +37,11 @@ Once installed, you can change the ir.config_parameter value for the key
'auth_brute_force.max_attempt_qty' (10 by default) that define the max number
of attempts allowed before the user was banned.
+You can also add a ir.config_parameter value for the key
+'auth_brute_force.environ_log' which allow to log also specific request
+environment variables. The format comma-delimited list of varible names
+example: REMOTE_ADDR,REMOTE_PORT
+
Usage
-----
@@ -97,6 +102,7 @@ Contributors
------------
* Sylvain LE GAL (https://twitter.com/legalsylvain)
+* Sylvain CALADOR (https://akretion.com)
Maintainer
----------
diff --git a/auth_brute_force/controllers/controllers.py b/auth_brute_force/controllers/controllers.py
index f752eee95..14fa09e0f 100644
--- a/auth_brute_force/controllers/controllers.py
+++ b/auth_brute_force/controllers/controllers.py
@@ -49,6 +49,11 @@ class LoginController(Home):
[('key', '=', 'auth_brute_force.max_attempt_qty')],
['value'])[0]['value'])
+ environ_log = config_obj.search_read(
+ cursor, SUPERUSER_ID,
+ [('key', '=', 'auth_brute_force.environ_log')],
+ ['value'])
+
# Test if remote user is banned
banned = banned_remote_obj.search(cursor, SUPERUSER_ID, [
('remote', '=', remote)])
@@ -68,10 +73,20 @@ class LoginController(Home):
# Log attempt
cursor.commit()
+
+ environ = ''
+ if environ_log:
+ value = environ_log[0]['value']
+ log_keys = [k.strip() for k in value.split(',')]
+ for key, value in request.httprequest.environ.items():
+ if key in log_keys:
+ environ += '%s=%s\n' % (key, value)
+
attempt_obj.create(cursor, SUPERUSER_ID, {
'attempt_date': fields.Datetime.now(),
'login': request.params['login'],
'remote': remote,
+ 'environ': environ,
'result': banned and 'banned' or (
result and 'successfull' or 'failed'),
})
diff --git a/auth_brute_force/models/res_authentication_attempt.py b/auth_brute_force/models/res_authentication_attempt.py
index 84e735bd3..ad5a90018 100644
--- a/auth_brute_force/models/res_authentication_attempt.py
+++ b/auth_brute_force/models/res_authentication_attempt.py
@@ -41,6 +41,8 @@ class ResAuthenticationAttempt(models.Model):
remote = fields.Char(string='Remote ID')
+ environ = fields.Text(string='Environment')
+
result = fields.Selection(
selection=_ATTEMPT_RESULT, string='Authentication Result')
diff --git a/auth_brute_force/views/view.xml b/auth_brute_force/views/view.xml
index 7b7de28c3..c6267b9cf 100644
--- a/auth_brute_force/views/view.xml
+++ b/auth_brute_force/views/view.xml
@@ -29,6 +29,7 @@
+
@@ -48,6 +49,7 @@
+