CoreAuthHandler::CoreAuthHandler(QTcpSocket* socket, QObject* parent)
: AuthHandler(parent)
, _peer(nullptr)
+ , _metricsServer(Core::instance()->metricsServer())
, _magicReceived(false)
, _legacy(false)
, _clientRegistered(false)
// First attempt local auth using the real username and password.
// If that fails, move onto the auth provider.
- UserId uid = Core::validateUser(msg.user, msg.password);
+
+ // Check to see if the user has the "Database" authenticator configured.
+ UserId uid = 0;
+ if (Core::getUserAuthenticator(msg.user) == "Database") {
+ uid = Core::validateUser(msg.user, msg.password);
+ }
+
+ // If they did not, *or* if the database login fails, try to use a different authenticator.
+ // TODO: this logic should likely be moved into Core::authenticateUser in the future.
+ // Right now a core can only have one authenticator configured; this might be something
+ // to change in the future.
if (uid == 0) {
uid = Core::authenticateUser(msg.user, msg.password);
}
qInfo() << qPrintable(tr("Invalid login attempt from %1 as \"%2\"").arg(socket()->peerAddress().toString(), msg.user));
_peer->dispatch(Protocol::LoginFailed(tr(
"<b>Invalid username or password!</b><br>The username/password combination you supplied could not be found in the database.")));
+ if (_metricsServer) {
+ _metricsServer->addLoginAttempt(msg.user, false);
+ }
return;
}
_peer->dispatch(Protocol::LoginSuccess());
+ if (_metricsServer) {
+ _metricsServer->addLoginAttempt(uid, true);
+ }
qInfo() << qPrintable(tr("Client %1 initialized and authenticated successfully as \"%2\" (UserId: %3).")
.arg(socket()->peerAddress().toString(), msg.user, QString::number(uid.toInt())));