Thread the request context through CheckUserCredentials so the LoginFailedEvent carries IP, user agent and request id — without it, failed logins were the one auth event useless for brute-force tracing. All four callers have the request at hand. |
||
|---|---|---|
| .. | ||
| auth.go | ||
| handler.go | ||
| listStorageProvider.go | ||
| listStorageProvider_test.go | ||
| main_test.go | ||