fix: Drop auth failure logger

Author: MohamedBassem

apps/web/server/auth.ts

@@ -9,7 +9,6 @@ import NextAuth, {
 import { Adapter as NextAuthAdapater } from "next-auth/adapters";
 import CredentialsProvider from "next-auth/providers/credentials";
 import { Provider } from "next-auth/providers/index";
-import requestIp from "request-ip";
 
 import { db } from "@karakeep/db";
 import {
@@ -19,7 +18,7 @@ import {
   verificationTokens,
 } from "@karakeep/db/schema";
 import serverConfig from "@karakeep/shared/config";
-import { logAuthenticationError, validatePassword } from "@karakeep/trpc/auth";
+import { validatePassword } from "@karakeep/trpc/auth";
 import { createUserRaw } from "@karakeep/trpc/routers/users";
 
 type UserRole = "admin" | "user";
@@ -100,7 +99,7 @@ const providers: Provider[] = [
       email: { label: "Email", type: "email", placeholder: "Email" },
       password: { label: "Password", type: "password" },
     },
-    async authorize(credentials, req) {
+    async authorize(credentials) {
       if (!credentials) {
         return null;
       }
@@ -110,13 +109,7 @@ const providers: Provider[] = [
           credentials?.email,
           credentials?.password,
         );
-      } catch (e) {
-        const error = e as Error;
-        logAuthenticationError(
-          credentials?.email,
-          error.message,
-          requestIp.getClientIp({ headers: req.headers }),
-        );
+      } catch {
         return null;
       }
     },

packages/shared/logger.ts

@@ -15,22 +15,3 @@ const logger = winston.createLogger({
 });
 
 export default logger;
-
-export const authFailureLogger = winston.createLogger({
-  level: "debug",
-  format: winston.format.combine(
-    winston.format.timestamp(),
-    winston.format.printf(
-      (info) => `${info.timestamp} ${info.level}: ${info.message}`,
-    ),
-  ),
-  transports: [
-    new winston.transports.Console(),
-    new winston.transports.File({
-      filename: "auth_failures.log",
-      dirname: serverConfig.dataDir,
-      maxFiles: 2,
-      maxsize: 1024 * 1024,
-    }),
-  ],
-});

packages/trpc/auth.ts

@@ -4,7 +4,6 @@ import * as bcrypt from "bcryptjs";
 import { db } from "@karakeep/db";
 import { apiKeys } from "@karakeep/db/schema";
 import serverConfig from "@karakeep/shared/config";
-import { authFailureLogger } from "@karakeep/shared/logger";
 
 // API Keys
 
@@ -116,13 +115,3 @@ export async function validatePassword(email: string, password: string) {
 
   return user;
 }
-
-export function logAuthenticationError(
-  user: string,
-  message: string,
-  ip: string | null,
-): void {
-  authFailureLogger.error(
-    `Authentication error. User: "${user}", Message: "${message}", IP-Address: "${ip}"`,
-  );
-}

packages/trpc/routers/apiKeys.ts

@@ -5,12 +5,7 @@ import { z } from "zod";
 import { apiKeys } from "@karakeep/db/schema";
 import serverConfig from "@karakeep/shared/config";
 
-import {
-  authenticateApiKey,
-  generateApiKey,
-  logAuthenticationError,
-  validatePassword,
-} from "../auth";
+import { authenticateApiKey, generateApiKey, validatePassword } from "../auth";
 import {
   authedProcedure,
   createRateLimitMiddleware,
@@ -90,7 +85,7 @@ export const apiKeysAppRouter = router({
       }),
     )
     .output(zApiKeySchema)
-    .mutation(async ({ input, ctx }) => {
+    .mutation(async ({ input }) => {
       let user;
       // Special handling as otherwise the extension would show "username or password is wrong"
       if (serverConfig.auth.disablePasswordAuth) {
@@ -101,9 +96,7 @@ export const apiKeysAppRouter = router({
       }
       try {
         user = await validatePassword(input.email, input.password);
-      } catch (e) {
-        const error = e as Error;
-        logAuthenticationError(input.email, error.message, ctx.req.ip);
+      } catch {
         throw new TRPCError({ code: "UNAUTHORIZED" });
       }
       return await generateApiKey(input.keyName, user.id);
@@ -118,16 +111,10 @@ export const apiKeysAppRouter = router({
     ) // 30 requests per minute
     .input(z.object({ apiKey: z.string() }))
     .output(z.object({ success: z.boolean() }))
-    .mutation(async ({ input, ctx }) => {
-      try {
-        await authenticateApiKey(input.apiKey); // Throws if the key is invalid
-        return {
-          success: true,
-        };
-      } catch (e) {
-        const error = e as Error;
-        logAuthenticationError("<unknown>", error.message, ctx.req.ip);
-        throw e;
-      }
+    .mutation(async ({ input }) => {
+      await authenticateApiKey(input.apiKey); // Throws if the key is invalid
+      return {
+        success: true,
+      };
     }),
 });