Extra debug for failed login attempts

2024-04-18 21:10:37 +01:00 · 2024-04-18 21:10:37 +01:00 · 295983eea3
parent 36c3070245
commit 295983eea3
2 changed files with 9 additions and 4 deletions
--- a/daemon_post_login.py
+++ b/daemon_post_login.py
@ -85,7 +85,8 @@ def post_login_screen(self, calling_domain: str, cookie: str,
    login_nickname, login_password, register = \
        html_get_login_credentials(login_params,
                                   self.server.last_login_time,
-                                   registrations_open)
+                                   registrations_open,
+                                   calling_domain, ua_str)
    if login_nickname and login_password:
        if is_system_account(login_nickname):
            print('Invalid username login: ' + login_nickname +
--- a/webapp_login.py
+++ b/webapp_login.py
@ -25,17 +25,21 @@ from theme import get_text_mode_logo

 def html_get_login_credentials(login_params: str,
                               last_login_time: int,
-                               registrations_open: bool) -> (str, str, bool):
+                               registrations_open: bool,
+                               calling_domain: str,
+                               ua_str: str) -> (str, str, bool):
    """Receives login credentials via HTTPServer POST
    """
    if not login_params.startswith('username='):
        if '&username=' not in login_params:
-            print('WARN: invalid login parameters ' + login_params)
+            print('WARN: invalid login parameters ' + calling_domain + ', ' +
+                  ua_str + ', ' + login_params)
            return None, None, None
    # minimum time between login attempts
    curr_time = int(time.time())
    if curr_time < last_login_time + 10:
-        print('WARN: login attempt too frequent')
+        print('WARN: login attempt too frequent ' + calling_domain + ', ' +
+              ua_str)
        return None, None, None
    if '&' not in login_params:
        return None, None, None