Page MenuHomePhabricator

Successful login attemps should be logged for the user account, not just the IP
Closed, ResolvedPublic

Description

The onAuthManagerLoginAuthenticateAudit() hook call back in CheckUser should be edited such that if the login attempt was successful, the row entered in cu_changes would indicate the user name and ID. In cases where the login was unsuccessful, current code (which only attributes the event to the IP address) is appropriate.

Originally reported on the CheckUser listserv.

Technical debt was introduced in a14842e7

Event Timeline

Huji claimed this task.May 29 2020, 2:38 AM
Huji triaged this task as Medium priority.
Huji created this task.

Change 599486 had a related patch set uploaded (by Huji; owner: Huji):
[mediawiki/extensions/CheckUser@master] Successful login attemps should be logged for the user account

https://gerrit.wikimedia.org/r/599486

Huji updated the task description. (Show Details)May 29 2020, 2:47 AM

Change 599492 had a related patch set uploaded (by Huji; owner: Huji):
[operations/mediawiki-config@master] Set wgCheckUserLogLogins to true by default

https://gerrit.wikimedia.org/r/599492

jrbs added a subscriber: jrbs.Jun 2 2020, 8:09 PM
Huji closed this task as Resolved.Jun 4 2020, 2:41 PM
Huji removed a project: Patch-For-Review.

Change 599486 merged by jenkins-bot:
[mediawiki/extensions/CheckUser@master] Successful login attemps should be logged for the user account

https://gerrit.wikimedia.org/r/599486