Show HTTP auth username and IP address in logs, not the password (EJAB-1231)

2010-05-12 10:27:47 +02:00 · 2010-05-12 10:27:47 +02:00 · c32332898b
parent 4bbf6684b4
commit c32332898b
1 changed files with 10 additions and 4 deletions
--- a/src/web/ejabberd_web_admin.erl
+++ b/src/web/ejabberd_web_admin.erl
@ -188,8 +188,11 @@ process(["server", SHost | RPath] = Path, #request{auth = Auth, lang = Lang, hos
 		     [{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
 		     ejabberd_web:make_xhtml([?XCT("h1", "Unauthorized")])};
 		{unauthorized, Error} ->
-		    ?WARNING_MSG("Access ~p failed with error: ~p",
-				 [Auth, Error]),
+		    {BadUser, _BadPass} = Auth,
+		    {IPT, _Port} = Request#request.ip,
+		    IPS = inet_parse:ntoa(IPT),
+		    ?WARNING_MSG("Access of ~p from ~p failed with error: ~p",
+				 [BadUser, IPS, Error]),
 		    {401,
 		     [{"WWW-Authenticate",
 		       "basic realm=\"auth error, retry login to ejabberd\""}],
@ -211,8 +214,11 @@ process(RPath, #request{auth = Auth, lang = Lang, host = HostHTTP, method = Meth
 	     [{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
 	     ejabberd_web:make_xhtml([?XCT("h1", "Unauthorized")])};
 	{unauthorized, Error} ->
-	    ?WARNING_MSG("Access ~p failed with error: ~p",
-			 [Auth, Error]),
+	    {BadUser, _BadPass} = Auth,
+	    {IPT, _Port} = Request#request.ip,
+	    IPS = inet_parse:ntoa(IPT),
+	    ?WARNING_MSG("Access of ~p from ~p failed with error: ~p",
+			 [BadUser, IPS, Error]),
 	    {401,
 	     [{"WWW-Authenticate",
 	       "basic realm=\"auth error, retry login to ejabberd\""}],