refactor: change log text
This commit is contained in:
parent
6831d9c708
commit
db70e4dd96
@ -22,7 +22,7 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
|
||||
accessTokenService.GenerateToken(userId);
|
||||
|
||||
private static string GetAuthCacheKey(string fingerprint) => $"{fingerprint}_auth_token";
|
||||
private static string GetFirstAuthCacheKey(string fingerprint) => $"{fingerprint}_auth_token_first";
|
||||
internal static string GetFirstAuthCacheKey(string fingerprint) => $"{fingerprint}_auth_token_first";
|
||||
|
||||
private Task SetAuthTokenDataToCache(AuthToken data, CancellationToken cancellation) =>
|
||||
cache.SetAsync(
|
||||
@ -49,23 +49,23 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
|
||||
if (countFailedLogin > 5)
|
||||
{
|
||||
logger.LogWarning(
|
||||
"Multiple failed login attempts detected for user ID {UserId} from IP {UserIp}. Attempt: #{AttemptNumber}. Possible account compromise.",
|
||||
"Multiple unsuccessful login attempts for user ID {UserId} from IP {UserIp}. Attempt count: {AttemptNumber}.",
|
||||
user.Id,
|
||||
requestContext.Ip,
|
||||
countFailedLogin);
|
||||
|
||||
throw new SecurityException($"There are many incorrect attempts to access the account. Try again after {(int)cacheSaveTime.TotalMinutes} minutes.");
|
||||
throw new SecurityException("Too many unsuccessful login attempts. Please try again later.");
|
||||
}
|
||||
|
||||
logger.LogInformation(
|
||||
"Failed login attempt for user ID {UserId} from IP {UserIp} with User-Agent {UserAgent} and Fingerprint {Fingerprint} Attempt: #{AttemptNumber}.",
|
||||
"Login attempt failed for user ID {UserId}. IP: {UserIp}, User-Agent: {UserAgent}, Fingerprint: {Fingerprint}. Attempt count: {AttemptNumber}.",
|
||||
user.Id,
|
||||
requestContext.Ip,
|
||||
requestContext.UserAgent,
|
||||
requestContext.Fingerprint,
|
||||
countFailedLogin);
|
||||
|
||||
throw new SecurityException("Invalid username/email or password");
|
||||
throw new SecurityException("Authentication failed. Please check your credentials.");
|
||||
}
|
||||
|
||||
private async Task GenerateAuthTokensAsync(CookieOptionsParameters cookieOptions, HttpContext context, RequestContextInfo requestContext, string userId, CancellationToken cancellation = default)
|
||||
@ -86,7 +86,7 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
|
||||
cookieOptions.SetCookie(context, CookieNames.RefreshToken, authToken.RefreshToken, DateTime.UtcNow.Add(Lifetime));
|
||||
|
||||
logger.LogInformation(
|
||||
"Successful login attempt for user ID {UserId} from IP {UserIp} with User-Agent {UserAgent} and Fingerprint {Fingerprint}.",
|
||||
"Login successful for user ID {UserId}. IP: {UserIp}, User-Agent: {UserAgent}, Fingerprint: {Fingerprint}.",
|
||||
authToken.UserId,
|
||||
authToken.Ip,
|
||||
authToken.UserAgent,
|
||||
@ -100,23 +100,25 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
|
||||
var firstTokenAuth = await cache.GetAsync<FirstAuthToken?>(GetFirstAuthCacheKey(requestContext.Fingerprint), cancellationToken: cancellation);
|
||||
|
||||
if (firstTokenAuth == null || authenticator != firstTokenAuth.TwoFactorAuthenticator)
|
||||
throw new SecurityException("The session time has expired");
|
||||
throw new SecurityException("Session expired. Please log in again.");
|
||||
|
||||
switch (firstTokenAuth.TwoFactorAuthenticator)
|
||||
{
|
||||
case TwoFactorAuthenticator.Totp:
|
||||
{
|
||||
if (string.IsNullOrEmpty(firstTokenAuth.Secret))
|
||||
throw new InvalidOperationException("The user's secrets for data processing were not transferred.");
|
||||
throw new InvalidOperationException("Required authentication data is missing.");
|
||||
|
||||
var totp = new TotpService(firstTokenAuth.Secret);
|
||||
|
||||
if (!totp.VerifyToken(code))
|
||||
throw new SecurityException("The entered code is incorrect.");
|
||||
throw new SecurityException("Invalid verification code. Please try again.");
|
||||
}
|
||||
break;
|
||||
case TwoFactorAuthenticator.None:
|
||||
break;
|
||||
default:
|
||||
throw new InvalidOperationException("The system failed to understand the authorization method.");
|
||||
throw new InvalidOperationException("Unsupported authorization method.");
|
||||
}
|
||||
|
||||
await GenerateAuthTokensAsync(cookieOptions, context, requestContext, firstTokenAuth.UserId, cancellation);
|
||||
@ -162,7 +164,7 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
|
||||
cookieOptions.DropCookie(context, CookieNames.AccessToken);
|
||||
cookieOptions.DropCookie(context, CookieNames.RefreshToken);
|
||||
|
||||
logger.LogWarning("Token validation failed for user ID {UserId}. Invalid token used from IP {UserIp} with User-Agent {UserAgent} and Fingerprint {Fingerprint}. Possible account compromise. Reason: {Reason}.",
|
||||
logger.LogWarning("Token validation failed for user ID {UserId}. IP: {UserIp}, User-Agent: {UserAgent}, Fingerprint: {Fingerprint}. Reason: {Reason}.",
|
||||
authToken.UserId,
|
||||
authToken.Ip,
|
||||
authToken.UserAgent,
|
||||
|
Loading…
x
Reference in New Issue
Block a user