From 9a4a7e2f4dd2d440df91ac34a0abdd844fbd86f4 Mon Sep 17 00:00:00 2001 From: Franck Nijhof Date: Thu, 14 Jul 2022 21:43:14 +0200 Subject: [PATCH] Extend failed login message with the request URL (#75218) --- homeassistant/components/http/ban.py | 2 +- tests/components/http/test_ban.py | 15 ++++++++++----- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/homeassistant/components/http/ban.py b/homeassistant/components/http/ban.py index 81349fe95a1..ee8324b2791 100644 --- a/homeassistant/components/http/ban.py +++ b/homeassistant/components/http/ban.py @@ -117,7 +117,7 @@ async def process_wrong_login(request: Request) -> None: # The user-agent is unsanitized input so we only include it in the log user_agent = request.headers.get("user-agent") - log_msg = f"{base_msg} ({user_agent})" + log_msg = f"{base_msg} Requested URL: '{request.rel_url}'. ({user_agent})" notification_msg = f"{base_msg} See the log for details." diff --git a/tests/components/http/test_ban.py b/tests/components/http/test_ban.py index 05a6493c9c2..7a4202c1a67 100644 --- a/tests/components/http/test_ban.py +++ b/tests/components/http/test_ban.py @@ -234,7 +234,7 @@ async def test_ban_middleware_loaded_by_default(hass): assert len(mock_setup.mock_calls) == 1 -async def test_ip_bans_file_creation(hass, aiohttp_client): +async def test_ip_bans_file_creation(hass, aiohttp_client, caplog): """Testing if banned IP file created.""" app = web.Application() app["hass"] = hass @@ -243,7 +243,7 @@ async def test_ip_bans_file_creation(hass, aiohttp_client): """Return a mock web response.""" raise HTTPUnauthorized - app.router.add_get("/", unauth_handler) + app.router.add_get("/example", unauth_handler) setup_bans(hass, app, 2) mock_real_ip(app)("200.201.202.204") @@ -259,19 +259,19 @@ async def test_ip_bans_file_creation(hass, aiohttp_client): m_open = mock_open() with patch("homeassistant.components.http.ban.open", m_open, create=True): - resp = await client.get("/") + resp = await client.get("/example") assert resp.status == HTTPStatus.UNAUTHORIZED assert len(manager.ip_bans_lookup) == len(BANNED_IPS) assert m_open.call_count == 0 - resp = await client.get("/") + resp = await client.get("/example") assert resp.status == HTTPStatus.UNAUTHORIZED assert len(manager.ip_bans_lookup) == len(BANNED_IPS) + 1 m_open.assert_called_once_with( hass.config.path(IP_BANS_FILE), "a", encoding="utf8" ) - resp = await client.get("/") + resp = await client.get("/example") assert resp.status == HTTPStatus.FORBIDDEN assert m_open.call_count == 1 @@ -283,6 +283,11 @@ async def test_ip_bans_file_creation(hass, aiohttp_client): == "Login attempt or request with invalid authentication from example.com (200.201.202.204). See the log for details." ) + assert ( + "Login attempt or request with invalid authentication from example.com (200.201.202.204). Requested URL: '/example'." + in caplog.text + ) + async def test_failed_login_attempts_counter(hass, aiohttp_client): """Testing if failed login attempts counter increased."""