diff --git a/server/apps/immich/src/api-v1/auth/auth.controller.ts b/server/apps/immich/src/api-v1/auth/auth.controller.ts index 1f53a3c77..50a18fd06 100644 --- a/server/apps/immich/src/api-v1/auth/auth.controller.ts +++ b/server/apps/immich/src/api-v1/auth/auth.controller.ts @@ -1,4 +1,4 @@ -import { Body, Controller, Post, Res, UseGuards, ValidationPipe } from '@nestjs/common'; +import { Body, Controller, Post, Res, UseGuards, ValidationPipe, Ip } from '@nestjs/common'; import { ApiBadRequestResponse, ApiBearerAuth, ApiTags } from '@nestjs/swagger'; import { AuthUserDto, GetAuthUser } from '../../decorators/auth-user.decorator'; import { JwtAuthGuard } from '../../modules/immich-jwt/guards/jwt-auth.guard'; @@ -19,9 +19,10 @@ export class AuthController { @Post('/login') async login( @Body(new ValidationPipe({ transform: true })) loginCredential: LoginCredentialDto, + @Ip() clientIp: string, @Res() response: Response, ): Promise { - const loginResponse = await this.authService.login(loginCredential); + const loginResponse = await this.authService.login(loginCredential, clientIp); // Set Cookies const accessTokenCookie = this.authService.getCookieWithJwtToken(loginResponse); diff --git a/server/apps/immich/src/api-v1/auth/auth.service.ts b/server/apps/immich/src/api-v1/auth/auth.service.ts index 637abb7ed..f3e5afd68 100644 --- a/server/apps/immich/src/api-v1/auth/auth.service.ts +++ b/server/apps/immich/src/api-v1/auth/auth.service.ts @@ -50,10 +50,11 @@ export class AuthService { return null; } - public async login(loginCredential: LoginCredentialDto): Promise { + public async login(loginCredential: LoginCredentialDto, clientIp: string): Promise { const validatedUser = await this.validateUser(loginCredential); if (!validatedUser) { + Logger.warn(`Failed login attempt for user ${loginCredential.email} from ip address ${clientIp}`) throw new BadRequestException('Incorrect email or password'); }