From 36c30702451b2ab65d5f51ff5676924b10a1e0d5 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@libreserver.org>
Date: Thu, 18 Apr 2024 15:52:17 +0100
Subject: [PATCH] Logging for bad logins

---
 scripts/logins  | 2 +-
 webapp_login.py | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/scripts/logins b/scripts/logins
index 81275fa88..6ff259e9c 100755
--- a/scripts/logins
+++ b/scripts/logins
@@ -1,2 +1,2 @@
 #!/bin/bash
-journalctl -u epicyon -r | grep "Login "
\ No newline at end of file
+journalctl -u epicyon -r | grep "Login \|login attempt\|login param"
diff --git a/webapp_login.py b/webapp_login.py
index d3544d37f..4de3dc52c 100644
--- a/webapp_login.py
+++ b/webapp_login.py
@@ -30,10 +30,12 @@ def html_get_login_credentials(login_params: str,
     """
     if not login_params.startswith('username='):
         if '&username=' not in login_params:
+            print('WARN: invalid login parameters ' + login_params)
             return None, None, None
     # minimum time between login attempts
     curr_time = int(time.time())
     if curr_time < last_login_time + 10:
+        print('WARN: login attempt too frequent')
         return None, None, None
     if '&' not in login_params:
         return None, None, None