-
-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Logins log for Fail2Ban #986
Conversation
it works, but... the log works if you enter wrong logical data. e.g. username: 123@456.com password: 123456789 |
api/strategies/localStrategy.js
Outdated
format: winston.format.combine(winston.format.timestamp(), winston.format.json()), | ||
transports: [ | ||
new winston.transports.Console(), | ||
new winston.transports.File({ filename: 'login-logs.log' }), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
here e.g. /logins/login-logs.txt instead of just login-logs.txt
-> for better handling when using logrotate
I know, I did it on purpose this way! I thought the logs would help you understand if someone wanted to attempt to brute force the password, etc.. |
No, the wish was to make librechat compatible with fail2ban xD |
this is a good point, it should count as a login fail when the validation fails @berry-13 |
* login logs and output * fix(merge) * fix(wiston) unistall * fix(winston) installation in api * fix(logger) new module
* login logs and output * fix(merge) * fix(wiston) unistall * fix(winston) installation in api * fix(logger) new module
I'm not sure if this is the function that was requested, which is why I welcome ideas on how to improve it. Every time a login fails, the logs are both displayed in the console and saved in the root folder in a file named login-logs.txt #985
logs:
Change Type
Testing
check if the log and the .txt works properly
Test Configuration:
Checklist