Skip to content

Failed authentications should be logged to log.Error instead of log.Info #31968

New issue
New issue
Closed
Closed
Failed authentications should be logged to log.Error instead of log.Info#31968
Labels
good first issueLikely to be an easy fixtype/proposalThe new feature has not been accepted yet but needs to be discussed first.
@itzonban

Description

@itzonban
itzonban
opened on Sep 3, 2024

Feature Description

Hi,

it would be great if failed authentications would be logged to ERROR level instead of INFO.

routers/web/auth/auth.go:231:SignInPost() [I] Failed authentication attempt for username from 1.1.1.1:44774: user does not exist [uid: 0, name: username]

It is in fact an error and the INFO level output can still be a bit much in production, therefore it would be preferable to be able to lower the level to "warn" and still catch the failed logins for fail2ban etc.

If I see it correctly the change need to be done in routers/web/auth/auth.go in lines 227-252.
What do you think?

Best regards
Daniel

Screenshots

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    good first issueLikely to be an easy fixtype/proposalThe new feature has not been accepted yet but needs to be discussed first.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions