<div dir="ltr">Thanks Blake, I wasn't aware of the built in rate limiting.  I'll look at the commits for that feature and for those log entries.<div><br></div><div>Josh</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Apr 9, 2024 at 1:45 PM Blake Graham-Henderson via Evergreen-dev <<a href="mailto:evergreen-dev@list.evergreen-ils.org">evergreen-dev@list.evergreen-ils.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u>

  
    
  
  <div>
    Josh,<br>
    <br>
    Are you aware of the Evergreen feature hidden inside the
    open-ils.auth settings:<br>
    <br>
    ...<br>
    <app_settings><br>
                        <!-- defined app-specific settings here
    --><br>
                        <auth_limits><br>
                            <seed>30</seed> <!-- amount
    of time a seed request is valid for --><br>
                            <block_time>90</block_time>
    <!-- amount of time since last auth or seed request to save
    failure counts --><br>
                            <block_count>10</block_count>
    <!-- number of failures before blocking access --><br>
                        </auth_limits><br>
    </app_settings><br>
    ...<br>
    <br>
    Using memcached, the system keeps track of the number of failures in
    a period of time. And will automatically block subsequent login
    attempts for a configurable amount of time.<br>
    <pre cols="72">-Blake-
Conducting Magic
Will consume any data format
MOBIUS

</pre>
    <div>On 4/9/2024 1:31 PM, Josh Stompro via
      Evergreen-dev wrote:<br>
    </div>
    <blockquote type="cite">
      
      <div dir="ltr">Hello, I'm curious about getting a log of all
        successful and unsuccessful logins to our Evergreen system. 
        Along with extra info like IP address and user agent when the
        request comes in through a web form.
        <div><br>
        </div>
        <div>I would like a simple way to make use of tools like
          fail2ban to protect against brute force login attacks and to
          have a good log for staff account logins that could be kept
          longer than our full logs might be kept.</div>
        <div><br>
        </div>
        <div>Does anyone have something like that setup already?</div>
        <div><br>
        </div>
        <div>The actor.usr_activity data doesn't track
          unsuccessful logins or info like IP addresses.  And I think it
          only tracks the last successful login.</div>
        <div><br>
        </div>
        <div>I can see some  oils_auth.c logs that show a
          success/failure took place</div>
        <div><br>
        </div>
        <div>open-ils.auth 2024-04-09 13:14:26
          [INFO:1950887:oils_auth.c:847:17126388021950749339] failed
          login: username=user, barcode=(none), workstation=<br>
        </div>
        <div><br>
        </div>
        <div>open-ils.auth 2024-04-09 13:11:33
          [ACT:1950868:oils_auth.c:641:17126388021949775649] successful
          login: username=user, authtoken=12345<br>
        </div>
        <div><br>
        </div>
        <div>But no IP address info is available at that point I'm
          assuming.  Maybe I need to look at generating the log closer
          to the web server.</div>
        <div><br>
        </div>
        <div>Thanks</div>
        <div>Josh</div>
        <div><br>
          <div>
            <div>
              <div dir="ltr" class="gmail_signature">
                <div dir="ltr">
                  <table style="padding:0px;margin:10px 0px;border:none">
                    <tbody>
                      <tr>
                        <td style="vertical-align:middle;padding:0px 7px 0px 0px"><img alt="Company logo" src="https://storage.googleapis.com/signaturesatori/customer-C039u5c5y/images/7DIM6.png" width="125" height="107"></td>
                        <td style="border-left:3px solid rgb(232,232,232);padding:7px 0px 0px 10px">
                          <div style="font-family:arial,helvetica,sans-serif;font-size:14px;line-height:17px;font-weight:bold;color:rgb(238,142,22)"><span style="color:rgb(0,0,0)"><strong>Josh Stompro</strong></span></div>
                          <div style="font-family:arial,helvetica,sans-serif;font-size:12px;line-height:14px;font-weight:normal;color:rgb(0,0,0);margin-bottom:10px">IT
                            Director<br>
                            <a href="mailto:stomproj@gsuite.larl.org" target="_blank"><span style="color:rgb(27,70,152)">stomproj@gsuite.larl.org</span></a><span style="color:rgb(27,70,152)"> </span>| 218-233-3757
                            ext. 139<span style="font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:small;color:rgb(32,33,36)"> </span>| 218-790-2110</div>
                          <div style="font-family:arial,helvetica,sans-serif;font-size:12px;line-height:14px;color:rgb(0,0,0)"><strong>Lake
                              Agassiz Regional Library </strong></div>
                          <div style="font-family:arial,helvetica,sans-serif;font-size:12px;line-height:14px;font-weight:normal;color:rgb(0,0,0);margin-bottom:10px">118
                            5th ST S<br>
                            Moorhead MN 56560<br>
                            <a href="http://www.larl.org" target="_blank"><span style="color:rgb(27,70,152)">www.larl.org</span></a><br>
                            <em>Our mission is to enrich lives and
                              strengthen communities.</em></div>
                        </td>
                      </tr>
                    </tbody>
                  </table>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset></fieldset>
      <pre>_______________________________________________
Evergreen-dev mailing list
<a href="mailto:Evergreen-dev@list.evergreen-ils.org" target="_blank">Evergreen-dev@list.evergreen-ils.org</a>
<a href="http://list.evergreen-ils.org/cgi-bin/mailman/listinfo/evergreen-dev" target="_blank">http://list.evergreen-ils.org/cgi-bin/mailman/listinfo/evergreen-dev</a>
</pre>
    </blockquote>
    <br>
  </div>

_______________________________________________<br>
Evergreen-dev mailing list<br>
<a href="mailto:Evergreen-dev@list.evergreen-ils.org" target="_blank">Evergreen-dev@list.evergreen-ils.org</a><br>
<a href="http://list.evergreen-ils.org/cgi-bin/mailman/listinfo/evergreen-dev" rel="noreferrer" target="_blank">http://list.evergreen-ils.org/cgi-bin/mailman/listinfo/evergreen-dev</a><br>
</blockquote></div>