prosody-modules
dc0f502c12f1
mod_log_auth/mod_log_auth.lua
Software / code / prosody-modules
File
mod_log_auth/mod_log_auth.lua @ 5213:dc0f502c12f1
mod_http_oauth2: Fix authorization code logic
I have no idea what it did before or if it even worked.
RFC 6749 section 4.1.2 says:
> A maximum authorization code lifetime of 10 minutes is RECOMMENDED.
So this should prevent use of codes older than 10 minutes and remove
them from the cache some time after they expire.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 06 Mar 2023 16:49:43 +0100 |
| parent | 3941:6d1ec8099315 |
line wrap: on
line source
local mode = module:get_option_string("log_auth_ips", "failure"); assert(({ all = true, failure = true, success = true })[mode], "Unknown log mode: "..tostring(mode).." - valid modes are 'all', 'failure', 'success'"); if mode == "failure" or mode == "all" then module:hook("authentication-failure", function (event) local session = event.session; local username = session.username or session.sasl_handler and session.sasl_handler.username or "?"; session.log("info", "Failed authentication attempt (%s) for user %s@%s from IP: %s", event.condition or "unknown-condition", username, module.host, session.ip or "?"); end); end if mode == "success" or mode == "all" then module:hook("authentication-success", function (event) local session = event.session; session.log("info", "Successful authentication as %s@%s from IP: %s", session.username, module.host, session.ip or "?"); end); end
