Add auth failure logging

app/routes/api/auth.js

@@ -1,6 +1,7 @@
 const express = require('express');
 const router = express.Router();
 const config = require('config');
+const fs = require('fs').promises;
 
 const ModelPath = '../../models/';
 const User = require(ModelPath + 'User.js');
@@ -33,8 +34,11 @@ const login = (user, req) => {
 const validateInvite = wrap(async (req, res, next) => {
     const invite = await Invite.findOne({code: req.body.invite}).catch(next);
 
-    if (!invite)
+    if (!invite) {
+        // Log failure
+        await fs.appendFile('auth.log', `${new Date().toISOString()} register ${req.connection.remoteAddress}`);
         return res.status(422).json({message: 'Invalid invite code.'});
+    }
 
     if (invite.used)
         return res.status(422).json({message: 'Invite already used.'});
@@ -92,8 +96,11 @@ const loginProps = [
 router.post('/login', bodyVerifier(loginProps), canonicalizeRequest, wrap(async (req, res, next) => {
     // Authenticate
     const user = await authenticate(req, res, next);
-    if (!user)
+    if (!user) {
+        // Log failure
+        await fs.appendFile('auth.log', `${new Date().toISOString()} login ${req.connection.remoteAddress}`);
         return res.status(401).json({'message': 'Unauthorized.'});
+    }
 
     // Create session
     await login(user, req);

app/util/auth.js

@@ -2,6 +2,7 @@ const ModelPath = '../models/';
 const Key = require(ModelPath + 'Key.js');
 const User = require(ModelPath + 'User.js');
 
+const fs = require('fs').promises;
 const wrap = require('./wrap.js');
 const verifyScope = require('./verifyScope.js');
 
@@ -30,6 +31,9 @@ const checkKey = async (req, scope, status) => {
                 req.key = key.key;
                 status.permission = true;
             }
+        } else {
+            // Log failure
+            await fs.appendFile('auth.log', `${new Date().toISOString()} key ${req.connection.remoteAddress}`);
         }
     }
 };

config/default.json

@@ -2,7 +2,8 @@
   "Server": {
     "port": 4433,
     "hostname": "https://shimapan.rocks",
-    "tls": true
+    "tls": true,
+    "trustProxy": []
   },
   "Database": {
     "host": "mongodb://localhost:27017/shimapan"

config/dev.json

@@ -2,7 +2,8 @@
   "Server": {
     "port": 8080,
     "hostname": "http://localhost:8080",
-    "tls": false
+    "tls": false,
+    "trustProxy": []
   },
   "Database": {
     "host": "mongodb://localhost:27017/shimapan-dev"

config/test.json

@@ -2,7 +2,8 @@
   "Server": {
     "port": 8080,
     "hostname": "http://localhost:8080",
-    "tls": false
+    "tls": false,
+    "trustProxy": []
   },
   "Database": {
     "host": "mongodb://localhost:27017/shimapan-test"

extra/shimapan.filter

@@ -0,0 +1,3 @@
+[Definition]
+failregex = \w <HOST>
+ignoreregex =

server.js

@@ -70,6 +70,8 @@ app.use((err, req, res, next) => {
     res.status(500).json({'message': 'Internal server error.'});
 });
 
+app.set('trust proxy', config.get('Server.trustProxy'));
+
 // Start app
 const port = config.get('Server.port');