From 59c14e9c0001bc7a01763ecc7d3042dcde978a1a Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Thu, 25 Feb 2021 15:39:46 +0300
Subject: api: remove base64 encoded passwords (wtf), log all authentication
 failures in userhelper

---
 classes/userhelper.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'classes/userhelper.php')

diff --git a/classes/userhelper.php b/classes/userhelper.php
index 8d9d483a8..0698f6beb 100644
--- a/classes/userhelper.php
+++ b/classes/userhelper.php
@@ -46,6 +46,9 @@ class UserHelper {
 				return true;
 			}
 
+			if (!$user_id)
+				Logger::get()->log(E_USER_WARNING, "Failed login attempt for $login (service: $service) from " . UserHelper::get_user_ip());
+
 			return false;
 
 		} else {
-- 
cgit v1.2.3-54-g00ecf