Mercurial > prosody-modules

view mod_log_auth/mod_log_auth.lua @ 5512:1fbc8718bed6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Bind refresh tokens to client Prevent one OAuth client from using the refresh tokens issued to another client as required by RFC 6819 section 5.2.2.2 See also draft-ietf-oauth-security-topics-22 section 2.2.2 Thanks to OAuch for pointing out this issue
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 10:40:48 +0200
parents 6d1ec8099315
children
line wrap: on
line source

local mode = module:get_option_string("log_auth_ips", "failure");
assert(({ all = true, failure = true, success = true })[mode],
	"Unknown log mode: "..tostring(mode).." - valid modes are 'all', 'failure', 'success'");

if mode == "failure" or mode == "all" then
	module:hook("authentication-failure", function (event)
		local session = event.session;
		local username = session.username or session.sasl_handler and session.sasl_handler.username or "?";
		session.log("info", "Failed authentication attempt (%s) for user %s@%s from IP: %s",
			event.condition or "unknown-condition", username, module.host,  session.ip or "?");
	end);
end

if mode == "success" or mode == "all" then
	module:hook("authentication-success", function (event)
		local session = event.session;
		session.log("info", "Successful authentication as %s@%s from IP: %s", session.username, module.host, session.ip or "?");
	end);
end