1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-07-30 04:23:11 +03:00

Updated functionality for logging failed access

- Added testing to cover.
- Linked logging into Laravel's monolog logging system and made log
channel configurable.
- Updated env var names to be specific to login access.
- Added extra locations as to where failed logins would be captured.

Related to #1881 and #728
This commit is contained in:
Dan Brown
2020-07-28 12:59:43 +01:00
parent 2f6ff07347
commit 2ed0317129
8 changed files with 98 additions and 30 deletions

View File

@ -272,8 +272,10 @@ API_MAX_ITEM_COUNT=500
# The number of API requests that can be made per minute by a single user.
API_REQUESTS_PER_MIN=180
# Failed access
# message to log into webserver logs in case of failed access, for further processing by tools like Fail2Ban
# Apache users should use : user "%u" authentication failure for "BookStack"
# Nginx users should use : user "%u" was not found in "BookStack"
FAILED_ACCESS_MESSAGE=''
# Enable the logging of failed email+password logins with the given message
# The defaul log channel below uses the php 'error_log' function which commonly
# results in messages being output to the webserver error logs.
# The message can contain a %u parameter which will be replaced with the login
# user identifier (Username or email).
LOG_FAILED_LOGIN_MESSAGE=false
LOG_FAILED_LOGIN_CHANNEL=errorlog_plain_webserver