Log failed login attempts

bin/v-list-user-auth-log

@@ -25,15 +25,17 @@ json_list() {
     for str in $logs; do
         IP=$(echo "$str" |cut -f 2 -d \')
         FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
-        DATE=$(echo "$str" |cut -f 6 -d \')
-        TIME=$(echo "$str" |cut -f 8 -d \')
-        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        STATUS=$(echo "$str" |cut -f 6 -d \')
+        DATE=$(echo "$str" |cut -f 8 -d \')
+        TIME=$(echo "$str" |cut -f 10 -d \')
+        ACTIVE=$(echo "$str" |cut -f 12 -d \')
         echo -n '    "'$i'": {
             "IP": "'$IP'",
             "FINGERPRINT": "'$FINGERPRINT'",
             "TIME": "'$TIME'",
             "DATE": "'$DATE'",
-            "ACTIVE": "'$ACTIVE'"
+            "ACTIVE": "'$ACTIVE'",
+            "STATUS": "'$STATUS'"
         }'
         if [ "$i" -lt "$objects" ]; then
             echo ','
@@ -47,15 +49,16 @@ json_list() {
 
 shell_list() {
     IFS=$'\n'
-    echo "DATE~TIME~IP~FINGERPRINT~ACTIVE"
+    echo "DATE~TIME~IP~FINGERPRINT~ACTIVE~STATUS"
     echo "----~----~--~-----------~------"
     for str in $logs; do
         IP=$(echo "$str" |cut -f 2 -d \')
         FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
-        DATE=$(echo "$str" |cut -f 6 -d \')
-        TIME=$(echo "$str" |cut -f 8 -d \')
-        ACTIVE=$(echo "$str" |cut -f 10 -d \')
-        echo "$DATE~$TIME~$IP~$FINGERPRINT~$ACTIVE"
+        STATUS=$(echo "$str" |cut -f 6 -d \')
+        DATE=$(echo "$str" |cut -f 8 -d \')
+        TIME=$(echo "$str" |cut -f 10 -d \')
+        ACTIVE=$(echo "$str" |cut -f 12 -d \')
+        echo "$DATE~$TIME~$IP~$FINGERPRINT~$ACTIVE~$STATUS"
     done
 }
 
@@ -65,24 +68,26 @@ plain_list() {
     for str in $logs; do
         IP=$(echo "$str" |cut -f 2 -d \')
         FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
-        DATE=$(echo "$str" |cut -f 6 -d \')
-        TIME=$(echo "$str" |cut -f 8 -d \')
-        ACTIVE=$(echo "$str" |cut -f 10 -d \')
-        echo -e "$DATE\t$TIME\t$IP\t$FINGERPRINT\t$ACTIVE"
+        STATUS=$(echo "$str" |cut -f 6 -d \')
+        DATE=$(echo "$str" |cut -f 8 -d \')
+        TIME=$(echo "$str" |cut -f 10 -d \')
+        ACTIVE=$(echo "$str" |cut -f 12 -d \')
+        echo -e "$DATE\t$TIME\t$IP\t$FINGERPRINT\t$ACTIVE\t$STATUS"
     done
 }
 
 # CSV list function
 csv_list() {
     IFS=$'\n'
-    echo "ID,CMD,UNDO,TIME,DATE"
+    echo "DATE,TIME,IP,FINGERPRINT,ACTIVE,STATUS"
     for str in $logs; do
         IP=$(echo "$str" |cut -f 2 -d \')
         FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
-        DATE=$(echo "$str" |cut -f 6 -d \')
-        TIME=$(echo "$str" |cut -f 8 -d \')
-        ACTIVE=$(echo "$str" |cut -f 10 -d \')
-        echo "$DATE,$TIME,$IP,$FINGERPRINT,$ACTIVE"
+        STATUS=$(echo "$str" |cut -f 6 -d \')
+        DATE=$(echo "$str" |cut -f 8 -d \')
+        TIME=$(echo "$str" |cut -f 10 -d \')
+        ACTIVE=$(echo "$str" |cut -f 12 -d \')
+        echo "$DATE,$TIME,$IP,$FINGERPRINT,$ACTIVE,$STATUS"
 
     done
 }

bin/v-log-user-login

@@ -1,11 +1,13 @@
 #!/bin/bash
 # info: add user login
-# options: USER IP [FINGERPRINT]
+# options: USER IP STATUS [FINGERPRINT]
 
 # Argument definition
 user=$1
 ip=$2
-fingerprint=${3}
+status=$3
+fingerprint=${4}
+
 
 # Includes
 source $HESTIA/func/main.sh
@@ -34,9 +36,9 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $USER_DATA/auth.log   
+awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="ACTIVE='no'" '$2 == TIME {$5=ACTIVE}1' $USER_DATA/auth.log   
 
-echo "IP='$ip' FINGERPRINT='$fingerprint' DATE='$date' TIME='$time' active='yes'" >> $USER_DATA/auth.log
+echo "IP='$ip' FINGERPRINT='$fingerprint' STATUS='$status' DATE='$date' TIME='$time' ACTIVE='yes'" >> $USER_DATA/auth.log
 
 #----------------------------------------------------------#
 #                       Hestia                             #

bin/v-log-user-logout

@@ -26,7 +26,7 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $USER_DATA/auth.log 
+awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="ACTIVE='no'" '$2 == TIME  {$5=active}1' $USER_DATA/auth.log 
 
 #----------------------------------------------------------#
 #                       Hestia                             #

web/delete/user/log/index.php

@@ -26,7 +26,7 @@ if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])){
 $v_ip = escapeshellarg($ip);
     
 $v_murmur = escapeshellarg($_SESSION['MURMUR']);
-exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." ".$v_murmur, $output, $return_var);
+exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." sucess ".$v_murmur, $output, $return_var);
 
 // Render page
 //render_page($user, $TAB, 'list_auth');

web/login/index.php

@@ -89,6 +89,9 @@ function authenticate_user($user, $password, $twofa = ''){
             if ( $return_var > 0 ) {
                 sleep(2);
                 $error = "<a class=\"error\">"._('Invalid username or password')."</a>";
+                $v_murmur = escapeshellarg($_POST['murmur']);
+                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_murmur, $output, $return_var);
+
                 return $error;
             } else {
 
@@ -108,6 +111,7 @@ function authenticate_user($user, $password, $twofa = ''){
                                 $error = "<a class=\"error\">"._('Invalid or missing 2FA token')."</a>";
                                 $_SESSION['login']['username'] = $user;
                                 $_SESSION['login']['password'] = $password;
+                                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip."  failed ".$v_murmur, $output, $return_var);
                                 return $error;
                                 unset($_POST['twofa']);
                             }
@@ -124,7 +128,7 @@ function authenticate_user($user, $password, $twofa = ''){
                 $v_user = $_SESSION['user'];
                 //log successfull login attempt
                 $v_murmur = escapeshellarg($_POST['murmur']);
-                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." ".$v_murmur, $output, $return_var);
+                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." succes ".$v_murmur, $output, $return_var);
 
                 $_SESSION['LAST_ACTIVITY'] = time();
                 $_SESSION['MURMUR'] = $_POST['murmur'];

web/templates/admin/list_auth.html

@@ -30,6 +30,7 @@
       <div class="clearfix l-unit__stat-col--left small"><b><?php print _('Date');?></b></div>
       <div class="clearfix l-unit__stat-col--left compact"><b><?php print _('Time');?></b></div>
       <div class="clearfix l-unit__stat-col--left "><b><?php print _('IP address');?></b></div>
+      <div class="clearfix l-unit__stat-col--left "><b><?php print _('Status');?></b></div>
       <div class="clearfix l-unit__stat-col--left "><b><?php print _('Active');?></b></div>
       <div class="clearfix l-unit__stat-col--left wide-4"><b><?php print _('Browser Fingerprint');?></b></div>
     </div>
@@ -46,6 +47,7 @@
       <div class="clearfix l-unit__stat-col--left small"><b><?=translate_date($data[$key]['DATE'])?></b></div>
       <div class="clearfix l-unit__stat-col--left compact"><b><?=$data[$key]['TIME']?></b></div>
       <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['IP']?></div>
+      <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['STATUS']?></div>
       <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['ACTIVE']?></div>
       <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['FINGERPRINT']?></div>
       

web/templates/user/list_auth.html

@@ -20,6 +20,7 @@
       <div class="clearfix l-unit__stat-col--left small"><b><?php print _('Date');?></b></div>
       <div class="clearfix l-unit__stat-col--left compact"><b><?php print _('Time');?></b></div>
       <div class="clearfix l-unit__stat-col--left "><b><?php print _('IP address');?></b></div>
+      <div class="clearfix l-unit__stat-col--left "><b><?php print _('Status');?></b></div>
       <div class="clearfix l-unit__stat-col--left "><b><?php print _('Active');?></b></div>
       <div class="clearfix l-unit__stat-col--left wide-4"><b><?php print _('Browser Fingerprint');?></b></div>
     </div>
@@ -36,6 +37,7 @@
       <div class="clearfix l-unit__stat-col--left small"><b><?=translate_date($data[$key]['DATE'])?></b></div>
       <div class="clearfix l-unit__stat-col--left compact"><b><?=$data[$key]['TIME']?></b></div>
       <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['IP']?></div>
+      <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['STATUS']?></div>
       <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['ACTIVE']?></div>
       <div class="clearfix l-unit__stat-col--left "><?=$data[$key]['FINGERPRINT']?></div>