feat: add ip address in logs when email 2fa token is invalid or not available (#5779)

* Update email.rs

Add ip_src on logs when email 2fa token is invalid or not available
Changes for fail2ban purposes

* Update email.rs

removed current_time

* fix: compile error

---------

Co-authored-by: setsecurity <set.ghost@gmail.com>

src/api/core/two_factor/email.rs

@@ -197,14 +197,20 @@ async fn email(data: Json<EmailData>, headers: Headers, mut conn: DbConn) -> Jso
 }
 
 /// Validate the email code when used as TwoFactor token mechanism
-pub async fn validate_email_code_str(user_id: &UserId, token: &str, data: &str, conn: &mut DbConn) -> EmptyResult {
+pub async fn validate_email_code_str(
+    user_id: &UserId,
+    token: &str,
+    data: &str,
+    ip: &std::net::IpAddr,
+    conn: &mut DbConn,
+) -> EmptyResult {
     let mut email_data = EmailTokenData::from_json(data)?;
     let mut twofactor = TwoFactor::find_by_user_and_type(user_id, TwoFactorType::Email as i32, conn)
         .await
         .map_res("Two factor not found")?;
     let Some(issued_token) = &email_data.last_token else {
         err!(
-            "No token available",
+            format!("No token available! IP: {}", ip),
             ErrorEvent {
                 event: EventType::UserFailedLogIn2fa
             }
@@ -220,7 +226,7 @@ pub async fn validate_email_code_str(user_id: &UserId, token: &str, data: &str,
         twofactor.save(conn).await?;
 
         err!(
-            "Token is invalid",
+            format!("Token is invalid! IP: {}", ip),
             ErrorEvent {
                 event: EventType::UserFailedLogIn2fa
             }

src/api/identity.rs

@@ -575,7 +575,7 @@ async fn twofactor_auth(
             }
         }
         Some(TwoFactorType::Email) => {
-            email::validate_email_code_str(&user.uuid, twofactor_code, &selected_data?, conn).await?
+            email::validate_email_code_str(&user.uuid, twofactor_code, &selected_data?, &ip.ip, conn).await?
         }
 
         Some(TwoFactorType::Remember) => {