Merge pull request #270 from Moonlight-Panel/ImproveSecurityLogPrivacy

Improved the privacy for security logs
Marcel Baumgartner
2023-08-15 15:33:38 +02:00
committed by GitHub
2 changed files with 16 additions and 5 deletions


@@ -43,4 +43,15 @@ public static class StringHelper
return firstChar + restOfString; return firstChar + restOfString;
} }
public static string CutInHalf(string input)
{
if (string.IsNullOrEmpty(input))
return input;
int length = input.Length;
int halfLength = length / 2;
return input.Substring(0, halfLength);
}
} }
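Review bot: CutInHalf is added without a doc comment, and neither its name nor its place in a general StringHelper says that it keeps the first half of the input or that the result is still real content of that input. A summary such as `/// Returns the first input.Length / 2 characters of input (rounded down); null or empty input is returned unchanged. This truncates, it does not mask or redact.` would stop later callers from treating it as a safe way to print a secret. The class body starts outside this hunk, so whether a masking helper already exists in StringHelper cannot be seen here.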


@@ -106,7 +106,7 @@ public class UserService
if (user == null) if (user == null)
{ {
Logger.Warn($"Failed login attempt. Email: {email} Password: {password}", "security"); Logger.Warn($"Failed login attempt. Email: {email} Password: {StringHelper.CutInHalf(password)}", "security");
throw new DisplayException("Email and password combination not found"); throw new DisplayException("Email and password combination not found");
} }
@@ -115,7 +115,7 @@ public class UserService
return user.TotpEnabled; return user.TotpEnabled;
} }
Logger.Warn($"Failed login attempt. Email: {email} Password: {password}", "security"); Logger.Warn($"Failed login attempt. Email: {email} Password: {StringHelper.CutInHalf(password)}", "security");
throw new DisplayException("Email and password combination not found");; throw new DisplayException("Email and password combination not found");;
} }
@@ -148,7 +148,7 @@ public class UserService
} }
else else
{ {
Logger.Warn($"Failed login attempt. Email: {email} Password: {password}", "security"); Logger.Warn($"Failed login attempt. Email: {email} Password: {StringHelper.CutInHalf(password)}", "security");
throw new DisplayException("2FA code invalid"); throw new DisplayException("2FA code invalid");
} }
} }
@@ -190,7 +190,7 @@ public class UserService
if (user == null) if (user == null)
{ {
Logger.Warn($"Detected an sftp bruteforce attempt. ID: {id} Password: {password}", "security"); Logger.Warn($"Detected an sftp bruteforce attempt. ID: {id} Password: {StringHelper.CutInHalf(password)}", "security");
throw new Exception("Invalid username"); throw new Exception("Invalid username");
} }
@@ -201,7 +201,7 @@ public class UserService
return user; return user;
} }
Logger.Warn($"Detected an sftp bruteforce attempt. ID: {id} Password: {password}", "security"); Logger.Warn($"Detected an sftp bruteforce attempt. ID: {id} Password: {StringHelper.CutInHalf(password)}", "security");
throw new Exception("Invalid userid or password"); throw new Exception("Invalid userid or password");
} }
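Review bot: All five `Logger.Warn` calls in this file still write the first half of the submitted password into the "security" log, so the log keeps holding credential material. A failed attempt is very often a typo of the real password or a password the user has on another service, and half of it sharply narrows guessing for anyone who can read or export the logs. The password should be left out altogether, `Logger.Warn($"Failed login attempt. Email: {email}", "security");` for the three login sites and `Logger.Warn($"Detected an sftp bruteforce attempt. ID: {id}", "security");` for the two sftp sites. If some signal about the input is wanted, a fixed marker such as whether it was empty is enough. The enclosing methods begin outside these hunks, so whether `email` is normalised before it reaches the log line cannot be checked from here.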