
Merge pull request #1183 from akretion/8.0-auth-brute-force-log-request-environment

8.0 auth brute force log request environment
pull/1213/head
beau sebastien 7 years ago
committed by GitHub
parent
commit
6f0acfd6de
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 11
      auth_brute_force/README.rst
  2. 15
      auth_brute_force/controllers/controllers.py
  3. 2
      auth_brute_force/models/res_authentication_attempt.py
  4. 2
      auth_brute_force/views/view.xml

11
auth_brute_force/README.rst

@ -37,6 +37,16 @@ Once installed, you can change the ir.config_parameter value for the key
'auth_brute_force.max_attempt_qty' (10 by default) that define the max number 'auth_brute_force.max_attempt_qty' (10 by default) that define the max number
of attempts allowed before the user was banned. of attempts allowed before the user was banned.
You can also add a ir.config_parameter value for the key
'auth_brute_force.environ_log' which allows to log also specific request
environment variables.
The format is a comma-delimited list of variable names
example: REMOTE_ADDR,REMOTE_PORT
or you can just use the jocker '*' for log or discover all variables,
most variable names depends of WSGI specification and reverse-proxy configuration.
Usage Usage
----- -----
@ -97,6 +107,7 @@ Contributors
------------ ------------
* Sylvain LE GAL (https://twitter.com/legalsylvain) * Sylvain LE GAL (https://twitter.com/legalsylvain)
* Sylvain CALADOR (https://akretion.com)
Maintainer Maintainer
---------- ----------

15
auth_brute_force/controllers/controllers.py

@ -49,6 +49,11 @@ class LoginController(Home):
[('key', '=', 'auth_brute_force.max_attempt_qty')], [('key', '=', 'auth_brute_force.max_attempt_qty')],
['value'])[0]['value']) ['value'])[0]['value'])
environ_log = config_obj.search_read(
cursor, SUPERUSER_ID,
[('key', '=', 'auth_brute_force.environ_log')],
['value'])
# Test if remote user is banned # Test if remote user is banned
banned = banned_remote_obj.search(cursor, SUPERUSER_ID, [ banned = banned_remote_obj.search(cursor, SUPERUSER_ID, [
('remote', '=', remote)]) ('remote', '=', remote)])
@ -68,10 +73,20 @@ class LoginController(Home):
# Log attempt # Log attempt
cursor.commit() cursor.commit()
environ = ''
if environ_log:
filter_value = environ_log[0]['value']
filter_keys = [k.strip() for k in filter_value.split(',')]
for key, value in request.httprequest.environ.items():
if key in filter_keys or filter_value == '*':
environ += '%s=%s\n' % (key, value)
attempt_obj.create(cursor, SUPERUSER_ID, { attempt_obj.create(cursor, SUPERUSER_ID, {
'attempt_date': fields.Datetime.now(), 'attempt_date': fields.Datetime.now(),
'login': request.params['login'], 'login': request.params['login'],
'remote': remote, 'remote': remote,
'environ': environ,
'result': banned and 'banned' or ( 'result': banned and 'banned' or (
result and 'successfull' or 'failed'), result and 'successfull' or 'failed'),
}) })
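Review bot: With the `*` wildcard, the loop at `for key, value in request.httprequest.environ.items()` copies every WSGI environ entry into the stored attempt, and since WSGI exposes request headers there as `HTTP_*` keys, `HTTP_COOKIE` (the session cookie) and `HTTP_AUTHORIZATION` would presumably end up in `res.authentication.attempt` records, which the new tree and search views display to anyone with access to them. Consider skipping those keys before the format line, `if key in ('HTTP_COOKIE', 'HTTP_AUTHORIZATION'): continue`, or at least stating in the README that `*` is meant for discovery only. The wildcard test `filter_value == '*'` is loop-invariant and, unlike the comma-separated entries, is never stripped, so `'*' in filter_keys` would be both cheaper and consistent with how `REMOTE_ADDR, REMOTE_PORT` is handled. The `environ += '%s=%s\n' % (key, value)` accumulation would read more clearly as a single `'\n'.join(...)` over the filtered items. The enclosing method of `LoginController` begins outside this hunk, so the definition of `request`, `remote` and `result` could not be checked here.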

2
auth_brute_force/models/res_authentication_attempt.py

@ -41,6 +41,8 @@ class ResAuthenticationAttempt(models.Model):
remote = fields.Char(string='Remote ID') remote = fields.Char(string='Remote ID')
environ = fields.Text(string='Environment')
result = fields.Selection( result = fields.Selection(
selection=_ATTEMPT_RESULT, string='Authentication Result') selection=_ATTEMPT_RESULT, string='Authentication Result')

2
auth_brute_force/views/view.xml

@ -29,6 +29,7 @@
<field name="remote" /> <field name="remote" />
<field name="login" /> <field name="login" />
<field name="result" /> <field name="result" />
<field name="environ" />
</tree> </tree>
</field> </field>
</record> </record>
@ -48,6 +49,7 @@
<field name="arch" type="xml"> <field name="arch" type="xml">
<search> <search>
<field name="login"/> <field name="login"/>
<field name="environ"/>
<filter name="filter_no_success" string="Without Success" domain="[('result','!=', 'successfull')]"/> <filter name="filter_no_success" string="Without Success" domain="[('result','!=', 'successfull')]"/>
<filter name="filter_banned" string="Banned" domain="[('result','=', 'banned')]"/> <filter name="filter_banned" string="Banned" domain="[('result','=', 'banned')]"/>
<filter name="filter_failed" string="Failed" domain="[('result','=', 'failed')]"/> <filter name="filter_failed" string="Failed" domain="[('result','=', 'failed')]"/>
