does sugar log failed api requests for tokens?

Does Sugar log failed requests for API tokens?

I'd like to see if there were any token requests that failed the authentication step.

thank you,

Francesca

Parents
  • Hi Francesca, 

    To see these logs in Sugar you'll need to increase the log level to Error and then they will be caught in sugarcrm.log like this

    Wrong password error:
    Wed Nov 16 09:43:54 2022 [23][-none-][ERROR] An exception happened: ( 401: need_login)You must specify a valid username and password.


    Wrong platform error: 
    Wed Nov 16 09:44:43 2022 [23][-none-][ERROR] An exception happened: ( 422: invalid_parameter)Invalid platform specified.



    To understand which is the user, the only way I find is to increase the log level to info and observe the queries performed in Sugar against the users table.

    Wed Nov 16 10:05:02 2022 [18][-none-][INFO] Query: SELECT users.id FROM users WHERE (users.user_name = ?) AND (users.deleted = ?) LIMIT 1\nParams: {"1":"ThisWastheUserTryingToLogIn","2":0}\nTypes: {"1":2,"2":5}

    I understand this is not optimal but I hope it helps. 

    André

  • Thank you Andre, I was hoping to backtrace the number of attempted token requests by a given user after a password change. So it's too late to change the log level.

  • Hello Francesca, 

    In the user_preferences table Sugar stores the failed login attempts for each user. 

    Base64 Decode the contents and search for the loginfailed parameter. 

    From my tests this is incremental and it does not reset after a user has a successful login.

Reply Children