Skip to content

feat: log when attempted password resets fail #15267

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 29, 2024
Merged

feat: log when attempted password resets fail #15267

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
20b83b4
chore: log when attempted password resets fail
DanielleMaywood Oct 29, 2024
0b013a6
chore: update message
DanielleMaywood Oct 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions coderd/userauth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -291,6 +291,8 @@ func (api *API) postRequestOneTimePasscode(rw http.ResponseWriter, r *http.Reque
if err != nil {
logger.Error(ctx, "unable to notify user about one-time passcode request", slog.Error(err))
}
} else {
logger.Warn(ctx, "password reset requested for account that does not exist", slog.F("email", req.Email))
}
}

Expand Down Expand Up @@ -381,6 +383,7 @@ func (api *API) postChangePasswordWithOneTimePasscode(rw http.ResponseWriter, r

now := dbtime.Now()
if !equal || now.After(user.OneTimePasscodeExpiresAt.Time) {
logger.Warn(ctx, "password reset attempted with invalid one-time passcode", slog.F("email", req.Email))
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
Message: "Incorrect email or one-time passcode.",
})
Expand Down
Loading