login failed log message

2025-02-01 23:31:41 +01:00 · 2019-11-22 07:30:32 -05:00 · 2019-11-22 07:30:32 -05:00 · d022517762
commit d022517762
parent 8f3df46075
2 changed files with 8 additions and 1 deletions
--- a/src/Core/IdentityServer/ResourceOwnerPasswordValidator.cs
+++ b/src/Core/IdentityServer/ResourceOwnerPasswordValidator.cs
@ -17,6 +17,7 @@ using Bit.Core.Models.Data;
 using Bit.Core.Utilities;
 using System.ComponentModel.DataAnnotations;
 using System.Reflection;
+using Microsoft.Extensions.Logging;

 namespace Bit.Core.IdentityServer
 {
@ -32,6 +33,7 @@ namespace Bit.Core.IdentityServer
        private readonly IOrganizationUserRepository _organizationUserRepository;
        private readonly IApplicationCacheService _applicationCacheService;
        private readonly IMailService _mailService;
+        private readonly ILogger<ResourceOwnerPasswordValidator> _logger;
        private readonly CurrentContext _currentContext;
        private readonly GlobalSettings _globalSettings;

@ -46,6 +48,7 @@ namespace Bit.Core.IdentityServer
            IOrganizationUserRepository organizationUserRepository,
            IApplicationCacheService applicationCacheService,
            IMailService mailService,
+            ILogger<ResourceOwnerPasswordValidator> logger,
            CurrentContext currentContext,
            GlobalSettings globalSettings)
        {
@ -59,6 +62,7 @@ namespace Bit.Core.IdentityServer
            _organizationUserRepository = organizationUserRepository;
            _applicationCacheService = applicationCacheService;
            _mailService = mailService;
+            _logger = logger;
            _currentContext = currentContext;
            _globalSettings = globalSettings;
        }
@ -216,6 +220,8 @@ namespace Bit.Core.IdentityServer
                    twoFactorRequest ? EventType.User_FailedLogIn2fa : EventType.User_FailedLogIn);
            }

+            _logger.LogWarning(Constants.BypassFiltersEventId, "Failed login attempt.{0}",
+                twoFactorRequest ? " 2FA invalid." : string.Empty);
            await Task.Delay(2000); // Delay for brute force.
            context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant,
                customResponse: new Dictionary<string, object>
--- a/src/Identity/Program.cs
+++ b/src/Identity/Program.cs
@ -17,7 +17,8 @@ namespace Bit.Identity
                    logging.AddSerilog(hostingContext, e =>
                    {
                        var context = e.Properties["SourceContext"].ToString();
-                        if(context.Contains(typeof(IpRateLimitMiddleware).FullName) && e.Level == LogEventLevel.Information)
+                        if(context.Contains(typeof(IpRateLimitMiddleware).FullName) &&
+                            e.Level == LogEventLevel.Information)
                        {
                            return true;
                        }