From 93f029cb75c1a68f66d99f71c26656d1a56a0798 Mon Sep 17 00:00:00 2001 From: Michael Kriese Date: Wed, 16 Jul 2025 14:17:06 +0200 Subject: [PATCH] chore: failed authentication attempts are not errors and are displayed at the log info level (#8524) I think those are not errors but simple info messages for admins. I saw them a lot in my logs when no auth was passed to the api calls. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8524 Reviewed-by: Gusted Co-authored-by: Michael Kriese Co-committed-by: Michael Kriese --- routers/api/packages/api.go | 2 +- routers/web/web.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/routers/api/packages/api.go b/routers/api/packages/api.go index c53edfbf96..721f96b768 100644 --- a/routers/api/packages/api.go +++ b/routers/api/packages/api.go @@ -117,7 +117,7 @@ func verifyAuth(r *web.Route, authMethods []auth.Method) { var err error ctx.Doer, err = authGroup.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session) if err != nil { - log.Error("Failed to verify user: %v", err) + log.Info("Failed to verify user: %v", err) ctx.Error(http.StatusUnauthorized, "authGroup.Verify") return } diff --git a/routers/web/web.go b/routers/web/web.go index 4b39f22f7d..6cca2a9f2e 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -117,7 +117,7 @@ func webAuth(authMethod auth_service.Method) func(*context.Context) { return func(ctx *context.Context) { ar, err := common.AuthShared(ctx.Base, ctx.Session, authMethod) if err != nil { - log.Error("Failed to verify user: %v", err) + log.Info("Failed to verify user: %v", err) ctx.Error(http.StatusUnauthorized, ctx.Locale.TrString("auth.unauthorized_credentials", "https://codeberg.org/forgejo/forgejo/issues/2809")) return }