Added ip logging for failed login attempts

2022-04-08 22:06:03 +02:00 · 2022-04-08 22:06:03 +02:00 · fa9ca9613d
commit fa9ca9613d
parent f62b580d46
2 changed files with 11 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,4 +2,5 @@
 *index-*.html
 /node_modules/
 *.pem
 /failed-login-attempts.txt
--- a/server.js
+++ b/server.js
@ -158,10 +158,19 @@ function testAuthentication(request, response) {
        response.end('Access granted! You\'re in!');
        return;
      } else {
        // Log failed login attempt
        console.log('Failed login attempt by ' + request.connection.remoteAddress);
        const now = new Date();
        fs.appendFile(
          'failed-login-attempts.txt',
          '[' + (now.getDate()+1) + '.' + (now.getMonth()+1) + '.' + now.getFullYear() + ' ' + now.getHours() + ':' + now.getMinutes() + ':' + now.getSeconds() + '] Failed login attempt by ' + request.connection.remoteAddress + '\n',
          () => {}
        );
        response.writeHead(401, {
          'Content-Type': 'text/html'
        });
-        response.end('WOOP! WOOP! Invalid password!<br><br>Need to reset your password? Replace the password hash in config.yaml with a new one.<br>This password hashes to: <em>' + passwordHash + '</em>.');
+        response.end('WOOP! WOOP! Invalid password!<br>This attempt as been logged.<br><br>Need to reset your password? Replace the password hash in config.yaml with a new one.<br>This password hashes to: <em>' + passwordHash + '</em>.');
        return;
      }
@ -209,9 +218,6 @@ const serverOptions = {
 };
 var server = https.createServer(serverOptions, function (request, response) {
  // Handle requests here...
  console.log(request.headers.referer);
  // If request is trying to authenticate
  if (request.url == '/api--authenticate') {
    testAuthentication(request, response);