Updated functionality for logging failed access

- Added testing to cover. - Linked logging into Laravel's monolog logging system and made log channel configurable. - Updated env var names to be specific to login access. - Added extra locations as to where failed logins would be captured. Related to #1881 and #728
2025-06-04 17:04:32 +08:00 · 2020-07-28 12:59:43 +01:00
parent 2f6ff07347
commit 2ed0317129
8 changed files with 98 additions and 30 deletions
--- a/tests/Auth/AuthTest.php
+++ b/tests/Auth/AuthTest.php
@ -401,6 +401,18 @@ class AuthTest extends BrowserKitTest
        $this->assertFalse(auth('saml2')->check());
    }

+    public function test_failed_logins_are_logged_when_message_configured()
+    {
+        $log = $this->withTestLogger();
+        config()->set(['logging.failed_login.message' => 'Failed login for %u']);
+
+        $this->post('/login', ['email' => 'admin@example.com', 'password' => 'cattreedog']);
+        $this->assertTrue($log->hasWarningThatContains('Failed login for admin@example.com'));
+
+        $this->post('/login', ['email' => 'admin@admin.com', 'password' => 'password']);
+        $this->assertFalse($log->hasWarningThatContains('Failed login for admin@admin.com'));
+    }
+
    /**
     * Perform a login
     */
--- a/tests/Auth/LdapTest.php
+++ b/tests/Auth/LdapTest.php
@ -593,4 +593,17 @@ class LdapTest extends BrowserKitTest

        $this->see('A user with the email tester@example.com already exists but with different credentials');
    }
+
+    public function test_failed_logins_are_logged_when_message_configured()
+    {
+        $log = $this->withTestLogger();
+        config()->set(['logging.failed_login.message' => 'Failed login for %u']);
+
+        $this->commonLdapMocks(1, 1, 1, 1, 1);
+        $this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
+            ->andReturn(['count' => 0]);
+
+        $this->post('/login', ['username' => 'timmyjenkins', 'password' => 'cattreedog']);
+        $this->assertTrue($log->hasWarningThatContains('Failed login for timmyjenkins'));
+    }
 }
--- a/tests/Unit/ConfigTest.php
+++ b/tests/Unit/ConfigTest.php
@ -1,5 +1,6 @@
 <?php namespace Tests\Unit;

+use Illuminate\Support\Facades\Log;
 use Tests\TestCase;

 /**
@ -36,6 +37,28 @@ class ConfigTest extends TestCase
        $this->checkEnvConfigResult('APP_URL', $oldDefault, 'app.url', '');
    }

+    public function test_errorlog_plain_webserver_channel()
+    {
+        // We can't full test this due to it being targeted for the SAPI logging handler
+        // so we just overwrite that component so we can capture the error log output.
+        config()->set([
+            'logging.channels.errorlog_plain_webserver.handler_with' => [0],
+        ]);
+
+        $temp = tempnam(sys_get_temp_dir(), 'bs-test');
+        $original = ini_set( 'error_log', $temp);
+
+        Log::channel('errorlog_plain_webserver')->info('Aww, look, a cute puppy');
+
+        ini_set( 'error_log', $original);
+
+        $output = file_get_contents($temp);
+        $this->assertStringContainsString('Aww, look, a cute puppy', $output);
+        $this->assertStringNotContainsString('INFO', $output);
+        $this->assertStringNotContainsString('info', $output);
+        $this->assertStringNotContainsString('testing', $output);
+    }
+
    /**
     * Set an environment variable of the given name and value
     * then check the given config key to see if it matches the given result.