From ee9f136391fe2dbfb1affe0f912769e4b11e0670 Mon Sep 17 00:00:00 2001
From: Janne Koschinski <janne@kuschku.de>
Date: Fri, 16 Sep 2016 02:25:48 +0200
Subject: [PATCH] Added error messages

---
 backend/Database.php | 12 +++++++++---
 login.php            |  2 ++
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/backend/Database.php b/backend/Database.php
index 2f11edb..61857ed 100644
--- a/backend/Database.php
+++ b/backend/Database.php
@@ -137,20 +137,26 @@ class Backend {
     }
 
     public function authenticate(string $username, string $password) : bool {
-        if (!isset($username) || !isset($password))
+        if (!isset($username) || !isset($password)) {
+            syslog(LOG_ERR, "Username or password not set");
             return false;
+        }
 
         $this->findUser->bindParam(":username", $username);
         $this->findUser->execute();
 
         $result = $this->findUser->fetch(\PDO::FETCH_ASSOC);
-        if ($result === FALSE)
+        if ($result === FALSE) {
+            syslog(LOG_ERR, "Couldn’t find user " . $username);
             return false;
+        }
 
         $user = new User($result);
 
-        if (!AuthHelper::initialAuthenticateUser($password, $user->password, $user->hashversion))
+        if (!AuthHelper::initialAuthenticateUser($password, $user->password, $user->hashversion)) {
+            syslog(LOG_ERR, "Password does not match for user ".$username);
             return false;
+        }
 
         $this->user = $user;
         return true;
diff --git a/login.php b/login.php
index 9fa8e2a..1aa44fd 100644
--- a/login.php
+++ b/login.php
@@ -19,6 +19,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_GET['action']) && $_GET['ac
         $session->username = $username;
         $session->password = $password;
         $renderer->redirect('/');
+    } else {
+        syslog(LOG_ERR, "Could not authenticate user " . $username);
     }
 } elseif (isset($_GET['action']) && $_GET['action'] === 'logout') {
     $session->destroy();
-- 
GitLab