jeans/core
jeans/core
1
0
Fork 0
mirror of https://github.com/home-assistant/core.git synced 2025-07-18 02:37:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Extend failed login message with the request URL (#75218)

Browse Source
This commit is contained in:
Franck Nijhof 2022-07-14 21:43:14 +02:00 committed by GitHub
parent f0cc565f6c
commit 9a4a7e2f4d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
homeassistant/components/http/ban.py
View File

@ -117,7 +117,7 @@ async def process_wrong_login(request: Request) -> None:
# The user-agent is unsanitized input so we only include it in the log # The user-agent is unsanitized input so we only include it in the log
user_agent = request.headers.get("user-agent") user_agent = request.headers.get("user-agent")
log_msg = f"{base_msg} ({user_agent})" log_msg = f"{base_msg} Requested URL: '{request.rel_url}'. ({user_agent})"
notification_msg = f"{base_msg} See the log for details." notification_msg = f"{base_msg} See the log for details."

15
tests/components/http/test_ban.py
View File

@ -234,7 +234,7 @@ async def test_ban_middleware_loaded_by_default(hass):
assert len(mock_setup.mock_calls) == 1 assert len(mock_setup.mock_calls) == 1
async def test_ip_bans_file_creation(hass, aiohttp_client): async def test_ip_bans_file_creation(hass, aiohttp_client, caplog):
"""Testing if banned IP file created.""" """Testing if banned IP file created."""
app = web.Application() app = web.Application()
app["hass"] = hass app["hass"] = hass
@ -243,7 +243,7 @@ async def test_ip_bans_file_creation(hass, aiohttp_client):
"""Return a mock web response.""" """Return a mock web response."""
raise HTTPUnauthorized raise HTTPUnauthorized
app.router.add_get("/", unauth_handler) app.router.add_get("/example", unauth_handler)
setup_bans(hass, app, 2) setup_bans(hass, app, 2)
mock_real_ip(app)("200.201.202.204") mock_real_ip(app)("200.201.202.204")
@ -259,19 +259,19 @@ async def test_ip_bans_file_creation(hass, aiohttp_client):
m_open = mock_open() m_open = mock_open()
with patch("homeassistant.components.http.ban.open", m_open, create=True): with patch("homeassistant.components.http.ban.open", m_open, create=True):
resp = await client.get("/") resp = await client.get("/example")
assert resp.status == HTTPStatus.UNAUTHORIZED assert resp.status == HTTPStatus.UNAUTHORIZED
assert len(manager.ip_bans_lookup) == len(BANNED_IPS) assert len(manager.ip_bans_lookup) == len(BANNED_IPS)
assert m_open.call_count == 0 assert m_open.call_count == 0
resp = await client.get("/") resp = await client.get("/example")
assert resp.status == HTTPStatus.UNAUTHORIZED assert resp.status == HTTPStatus.UNAUTHORIZED
assert len(manager.ip_bans_lookup) == len(BANNED_IPS) + 1 assert len(manager.ip_bans_lookup) == len(BANNED_IPS) + 1
m_open.assert_called_once_with( m_open.assert_called_once_with(
hass.config.path(IP_BANS_FILE), "a", encoding="utf8" hass.config.path(IP_BANS_FILE), "a", encoding="utf8"
) )
resp = await client.get("/") resp = await client.get("/example")
assert resp.status == HTTPStatus.FORBIDDEN assert resp.status == HTTPStatus.FORBIDDEN
assert m_open.call_count == 1 assert m_open.call_count == 1
@ -283,6 +283,11 @@ async def test_ip_bans_file_creation(hass, aiohttp_client):
== "Login attempt or request with invalid authentication from example.com (200.201.202.204). See the log for details." == "Login attempt or request with invalid authentication from example.com (200.201.202.204). See the log for details."
) )
assert (
"Login attempt or request with invalid authentication from example.com (200.201.202.204). Requested URL: '/example'."
in caplog.text
)
async def test_failed_login_attempts_counter(hass, aiohttp_client): async def test_failed_login_attempts_counter(hass, aiohttp_client):
"""Testing if failed login attempts counter increased.""" """Testing if failed login attempts counter increased."""