From 273b36c54c7bc2b9cf7e6e135bb75528c7c6a08c Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Thu, 20 Apr 2023 09:13:59 +0200
Subject: Show REMOTE_ADDR in case of HTTP Basic Auth error (#5314)

* Show REMOTE_ADDR in case of HTTP Basic Auth error
https://github.com/FreshRSS/FreshRSS/issues/5300

* Remove obsolete TODO
---
 app/Controllers/authController.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'app/Controllers/authController.php')

diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index fa5cb0d53..b54953b1d 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -14,8 +14,6 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 	 *   - auth_type (default: none)
 	 *   - unsafe_autologin (default: false)
 	 *   - api_enabled (default: false)
-	 *
-	 * @todo move unsafe_autologin in an extension.
 	 */
 	public function indexAction(): void {
 		if (!FreshRSS_Auth::hasAccess('admin')) {
@@ -77,7 +75,8 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController {
 				break;
 			case 'http_auth':
 				Minz_Error::error(403, array('error' => array(_t('feedback.access.denied'),
-						' [HTTP Remote-User=' . htmlspecialchars(httpAuthUser(), ENT_NOQUOTES, 'UTF-8') . ']'
+						' [HTTP Remote-User=' . htmlspecialchars(httpAuthUser(), ENT_NOQUOTES, 'UTF-8') .
+						' ; Remote IP address=' . ($_SERVER['REMOTE_ADDR'] ?? '') . ']'
 					)), false);
 				break;
 			case 'none':
-- 
cgit v1.2.3