Also log invalid login attemps via WebDAV.

pydio · May 21, 2014 · 74c36f7 · 74c36f7
1 parent 6ee64fa
commit 74c36f7
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 4 deletions.
diff --git a/core/src/core/classes/sabredav/ajaxplorer/class.AJXP_Sabre_AuthBackendBasic.php b/core/src/core/classes/sabredav/ajaxplorer/class.AJXP_Sabre_AuthBackendBasic.php
@@ -70,6 +70,7 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
         $userObject = $confDriver->createUserObject($userpass[0]);
         $webdavData = $userObject->getPref("AJXP_WEBDAV_DATA");
         if (empty($webdavData) || !isset($webdavData["ACTIVE"]) || $webdavData["ACTIVE"] !== true) {
+            AJXP_Logger::warning(__CLASS__, "Login failed", array("user" => $userpass[0], "error" => "WebDAV user not found or disabled"));
             throw new Sabre\DAV\Exception\NotAuthenticated();
         }
         // check if there are cached credentials. prevents excessive authentication calls to external
@@ -84,6 +85,7 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
 
 
         if (!$cachedPasswordValid && (!$this->validateUserPass($userpass[0],$userpass[1]))) {
+            AJXP_Logger::warning(__CLASS__, "Login failed", array("user" => $userpass[0], "error" => "Invalid WebDAV user or password"));
             $auth->requireLogin();
             throw new Sabre\DAV\Exception\NotAuthenticated('Username or password does not match');
         }

diff --git a/core/src/core/classes/sabredav/ajaxplorer/class.AJXP_Sabre_AuthBackendDigest.php b/core/src/core/classes/sabredav/ajaxplorer/class.AJXP_Sabre_AuthBackendDigest.php
@@ -64,7 +64,15 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
     {
         //AJXP_Logger::debug("Try authentication on $realm", $server);
 
-        $success = parent::authenticate($server, $realm);
+        try {
+          $success = parent::authenticate($server, $realm);
+        }
+        catch(Exception $e) {
+          $success = 0;
+          $errmsg = $e->getMessage();
+          if ($errmsg != "No digest authentication headers were found")
+            $success = false;
+        }
         if ($success) {
             $res = AuthService::logUser($this->currentUser, null, true);
             if ($res < 1) {
@@ -76,14 +84,16 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
                 AJXP_Safe::storeCredentials($this->currentUser, $this->_decodePassword($webdavData["PASS"], $this->currentUser));
             }
         }
-        if ($success === false) {
-            throw new Sabre\DAV\Exception\NotAuthenticated();
+        else {
+          if ($success === false) {
+            AJXP_Logger::warning(__CLASS__, "Login failed", array("user" => $this->currentUser, "error" => "Invalid WebDAV user or password"));
+          }
+          throw new Sabre\DAV\Exception\NotAuthenticated($errmsg);
         }
         ConfService::switchRootDir($this->repositoryId);
         return true;
     }
 
-
     protected function updateCurrentUserRights($user)
     {
         if ($this->repositoryId == null) {