From 609fc607c273bd3573bb96d305cd2d58c2152e6c Mon Sep 17 00:00:00 2001
From: mseravalli <marco.seravalli@tum.de>
Date: Wed, 18 Jun 2025 02:03:06 +0200
Subject: [PATCH] feature (log):  log auth failure - #852

We want to have a warning so that it is possible from the logs to immediately
see if there have been failed logging attempts.

This might allow in the future to set up tools like fail2ban.

Co-authored-by: Marco Seravalli <me@marcoseravalli.com>
---
 server/ctrl/session.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/ctrl/session.go b/server/ctrl/session.go
index 17a28b73..13cd5eb6 100644
--- a/server/ctrl/session.go
+++ b/server/ctrl/session.go
@@ -307,6 +307,7 @@ func SessionAuthMiddleware(ctx *App, res http.ResponseWriter, req *http.Request)
 	// - identity provider redirection uri. eg: oauth2, openid, ...
 	templateBind, err := plugin.Callback(formData, idpParams, res)
 	if err == ErrAuthenticationFailed {
+		Log.Warning("failed authentication - %s", err.Error())
 		http.Redirect(
 			res, req,
 			req.URL.Path+"?action=redirect",