gitea/opengist
0
0
Fork 0
mirror of https://github.com/thomiceli/opengist.git synced 2025-07-10 18:01:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add warn logs on invalid authentications

Browse Source
This commit is contained in:
Thomas Miceli
2023-04-04 01:16:22 +02:00
parent 8cdcb58e95
commit 746d836b99
5 changed files with 27 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/ssh/git_ssh.go
View File

@ -2,6 +2,7 @@ package ssh
import (
"errors"
"github.com/rs/zerolog/log"
"golang.org/x/crypto/ssh"
"gorm.io/gorm"
"io"
@ -11,7 +12,7 @@ import (
"strings"
)
func runGitCommand(ch ssh.Channel, gitCmd string, keyID uint) error {
func runGitCommand(ch ssh.Channel, gitCmd string, keyID uint, ip string) error {
verb, args := parseCommand(gitCmd)
if !strings.HasPrefix(verb, "git-") {
verb = ""
@ -40,6 +41,7 @@ func runGitCommand(ch ssh.Channel, gitCmd string, keyID uint) error {
user, err := models.GetUserBySSHKeyID(keyID)
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
log.Warn().Msg("Invalid SSH authentication attempt from " + ip)
return errors.New("unauthorized")
}
errorSsh("Failed to get user by SSH key id", err)
@ -47,6 +49,7 @@ func runGitCommand(ch ssh.Channel, gitCmd string, keyID uint) error {
}
if user.ID != gist.UserID {
log.Warn().Msg("Invalid SSH authentication attempt from " + ip)
return errors.New("unauthorized")
}
}