diff options
| author | Aleksei Sidorenko <88515338+rydve@users.noreply.github.com> | 2026-03-04 20:26:53 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2026-03-04 20:26:53 +0300 |
| commit | a2097ad06218d49f5aad20254b7bb8c2a9fc0e03 (patch) | |
| tree | e6301703482c51bc06a1e6471f251249810bb8c8 /web/controller/index.go | |
| parent | 52fdf5d4296b4534e25d6221d82ec7d819a9b952 (diff) | |
feat: mask password in telegram notification on 2FA failure (#3884)
Diffstat (limited to 'web/controller/index.go')
| -rw-r--r-- | web/controller/index.go | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/web/controller/index.go b/web/controller/index.go index 5f9e1c2c..605f874f 100644 --- a/web/controller/index.go +++ b/web/controller/index.go @@ -4,6 +4,7 @@ import ( "net/http" "text/template" "time" + "fmt" "github.com/mhsanaei/3x-ui/v2/logger" "github.com/mhsanaei/3x-ui/v2/web/service" @@ -71,14 +72,22 @@ func (a *IndexController) login(c *gin.Context) { return } - user := a.userService.CheckUser(form.Username, form.Password, form.TwoFactorCode) + user, checkErr := a.userService.CheckUser(form.Username, form.Password, form.TwoFactorCode) timeStr := time.Now().Format("2006-01-02 15:04:05") safeUser := template.HTMLEscapeString(form.Username) safePass := template.HTMLEscapeString(form.Password) if user == nil { logger.Warningf("wrong username: \"%s\", password: \"%s\", IP: \"%s\"", safeUser, safePass, getRemoteIp(c)) - a.tgbot.UserLoginNotify(safeUser, safePass, getRemoteIp(c), timeStr, 0) + + notifyPass := safePass + + if checkErr != nil && checkErr.Error() == "invalid 2fa code" { + translatedError := a.tgbot.I18nBot("tgbot.messages.2faFailed") + notifyPass = fmt.Sprintf("*** (%s)", translatedError) + } + + a.tgbot.UserLoginNotify(safeUser, notifyPass, getRemoteIp(c), timeStr, 0) pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.wrongUsernameOrPassword")) return } |