From: Christoph Wurst <christoph@winzerhof-wurst.at>
Date: Wed, 31 Aug 2022 08:37:48 +0000 (+0200)
Subject: Log if cookie login failed with token mismatch or session unavailability
X-Git-Tag: v23.0.10rc1~6^2
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=2fbcc9184bc470ff57ed00171c54a619906972c8;p=nextcloud-server.git

Log if cookie login failed with token mismatch or session unavailability

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
---

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 7aea219b608..4ef9e6fdbcb 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -877,6 +877,10 @@ class Session implements IUserSession, Emitter {
 		$tokens = $this->config->getUserKeys($uid, 'login_token');
 		// test cookies token against stored tokens
 		if (!in_array($currentToken, $tokens, true)) {
+			$this->logger->error('Tried to log in {uid} but could not verify token', [
+				'app' => 'core',
+				'uid' => $uid,
+			]);
 			return false;
 		}
 		// replace successfully used token with a new one
@@ -888,6 +892,10 @@ class Session implements IUserSession, Emitter {
 			$sessionId = $this->session->getId();
 			$token = $this->tokenProvider->renewSessionToken($oldSessionId, $sessionId);
 		} catch (SessionNotAvailableException $ex) {
+			$this->logger->warning('Could not renew session token for {uid} because the session is unavailable', [
+				'app' => 'core',
+				'uid' => $uid,
+			]);
 			return false;
 		} catch (InvalidTokenException $ex) {
 			\OC::$server->getLogger()->warning('Renewing session token failed', ['app' => 'core']);