fix creating login records for user failed (#2572)

Signed-off-by: Jeff <zw0948@gmail.com>

Co-authored-by: hongming <talonwan@yunify.com>

pkg/apiserver/filters/authentication.go

@@ -44,13 +44,14 @@ func WithAuthentication(handler http.Handler, auth authenticator.Request, loginR
 		if err != nil || !ok {
 			if err != nil {
 				klog.Errorf("Unable to authenticate the request due to error: %v", err)
-				if err == im.AuthFailedIncorrectPassword { // log failed login attempts
-					go func() {
-						if loginRecorder != nil && resp != nil {
-							err = loginRecorder.RecordLogin(resp.User.GetName(), err, req)
-							klog.Errorf("Failed to record unsuccessful login attempt for user %s", resp.User.GetName())
+				if err.Error() == im.AuthFailedIncorrectPassword.Error() { // log failed login attempts
+					username, _, _ := req.BasicAuth()
+					go func(user string) {
+						if loginRecorder != nil && len(user) != 0 {
+							err = loginRecorder.RecordLogin(user, err, req)
+							klog.Errorf("Failed to record unsuccessful login attempt for user %s", user)
 						}
-					}()
+					}(username)
 				}
 			}
 

pkg/models/iam/im/authenticator.go

@@ -77,7 +77,7 @@ func (im *passwordAuthenticator) Authenticate(username, password string) (authus
 	// no identity provider
 	// even auth failed, still return username to record login attempt
 	if user == nil && (providerOptions == nil || providerOptions.MappingMethod != oauth.MappingMethodAuto) {
-		return &authuser.DefaultInfo{Name: user.Name}, AuthFailedIncorrectPassword
+		return nil, AuthFailedIncorrectPassword
 	}
 
 	if user != nil && user.Status.State != iamv1alpha2.UserActive {

pkg/models/iam/im/login_recoder.go

@@ -43,7 +43,6 @@ func NewLoginRecorder(ksClient kubesphere.Interface) LoginRecorder {
 }
 
 func (l *loginRecorder) RecordLogin(username string, authErr error, req *http.Request) error {
-
 	loginEntry := &iamv1alpha2.LoginRecord{
 		ObjectMeta: metav1.ObjectMeta{
 			GenerateName: fmt.Sprintf("%s-", username),