Add: Auth diagnosis logs.

This commit is contained in:
ghost 2025-12-28 22:05:20 +01:00
parent 0382ba4f15
commit 5cd29d7100

View File

@ -9,6 +9,7 @@ use async_trait::async_trait;
use base64::Engine;
use hmac::{Hmac, Mac};
use sha1::Sha1;
use tracing::warn;
use std::net::SocketAddr;
use std::sync::Arc;
use std::time::{Duration, SystemTime, UNIX_EPOCH};
@ -134,6 +135,7 @@ impl<S: CredentialStore + Clone> AuthManager<S> {
};
if realm != self.settings.realm {
warn!("auth reject: realm mismatch client_realm={} expected={} peer={}", realm, self.settings.realm, peer);
return AuthStatus::Reject {
code: 400,
reason: "Realm Mismatch",
@ -168,6 +170,7 @@ impl<S: CredentialStore + Clone> AuthManager<S> {
None => match self.derive_turn_rest_password(&username) {
Some(p) => p,
None => {
warn!("auth reject: unknown user username={} realm={} peer={}", username, realm, peer);
return AuthStatus::Reject {
code: 401,
reason: "Unknown User",
@ -178,6 +181,7 @@ impl<S: CredentialStore + Clone> AuthManager<S> {
let key = self.derive_long_term_key(&username, &password);
if !validate_message_integrity(msg, &key) {
warn!("auth reject: bad credentials username={} realm={} peer={}", username, realm, peer);
return AuthStatus::Reject {
code: 401,
reason: "Bad Credentials",