From 5872807308ffea41b0cbac36cc1771de056089a1 Mon Sep 17 00:00:00 2001
From: Ahmad Farhat <ahmad.af.farhat@gmail.com>
Date: Tue, 1 Jun 2021 17:18:48 -0400
Subject: [PATCH] Added failed login logging (#2746)

---
 app/controllers/sessions_controller.rb | 7 +++++--
 app/models/user.rb                     | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 2e04ac76..e131a845 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -79,8 +79,11 @@ class SessionsController < ApplicationController
     return switch_account_to_local(user) if !is_super_admin && auth_changed_to_local?(user)
 
     # Check correct password was entered
-    return redirect_to(signin_path, alert: I18n.t("invalid_credentials")) unless user.try(:authenticate,
-      session_params[:password])
+    unless user.try(:authenticate, session_params[:password])
+      logger.info "Support: #{session_params[:email]} login failed."
+      return redirect_to(signin_path, alert: I18n.t("invalid_credentials"))
+    end
+
     # Check that the user is not deleted
     return redirect_to root_path, flash: { alert: I18n.t("registration.banned.fail") } if user.deleted?
 
diff --git a/app/models/user.rb b/app/models/user.rb
index 3ad99d4c..a8a18bbe 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -238,7 +238,7 @@ class User < ApplicationRecord
   def check_domain
     if Rails.configuration.require_email_domain.any? && !email.end_with?(*Rails.configuration.require_email_domain)
       errors.add(:email, I18n.t("errors.messages.domain",
-        email_domain: Rails.configuration.require_email_domain.join('" ' + I18n.t("modal.login.or") + ' "')))
+        email_domain: Rails.configuration.require_email_domain.join("\" #{I18n.t('modal.login.or')} \"")))
     end
   end