From a441721d32d06d18368bf236ad127ffccad0bef8 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jo@mein.io>
Date: Wed, 17 Jan 2018 18:49:08 +0100
Subject: [PATCH 1/1] luci-base: log login attempts

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---
 modules/luci-base/luasrc/dispatcher.lua | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/modules/luci-base/luasrc/dispatcher.lua b/modules/luci-base/luasrc/dispatcher.lua
index e4f77f18d..16b32548e 100644
--- a/modules/luci-base/luasrc/dispatcher.lua
+++ b/modules/luci-base/luasrc/dispatcher.lua
@@ -191,6 +191,9 @@ local function session_setup(user, pass, allowed_users)
 			timeout  = tonumber(luci.config.sauth.sessiontime)
 		})
 
+		local rp = context.requestpath
+			and table.concat(context.requestpath, "/") or ""
+
 		if type(login) == "table" and
 		   type(login.ubus_rpc_session) == "string"
 		then
@@ -199,8 +202,14 @@ local function session_setup(user, pass, allowed_users)
 				values = { token = sys.uniqueid(16) }
 			})
 
+			io.stderr:write("luci: accepted login on /%s for %s from %s\n"
+				%{ rp, user, http.getenv("REMOTE_ADDR") or "?" })
+
 			return session_retrieve(login.ubus_rpc_session)
 		end
+
+		io.stderr:write("luci: failed login on /%s for %s from %s\n"
+			%{ rp, user, http.getenv("REMOTE_ADDR") or "?" })
 	end
 
 	return nil, nil
@@ -358,7 +367,7 @@ function dispatch(request)
 		"https://github.com/openwrt/luci/issues"
 	)
 
-	if track.sysauth then
+	if track.sysauth and not ctx.authsession then
 		local authen = track.sysauth_authenticator
 		local _, sid, sdat, default_user, allowed_users
 
-- 
2.11.0