diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-08-10 14:41:02 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-08-10 14:41:02 +0300 |
commit | 371b445213a8d38948b655ce16f5b7ccf9ba6e46 (patch) | |
tree | 8e87de1a34abe02fb2dd0d91cc30108f757b0377 | |
parent | 1b7d201e1dd70b04c5f56b730bb466d65dc75bf5 (diff) | |
download | qvisqve-371b445213a8d38948b655ce16f5b7ccf9ba6e46.tar.gz |
Add: log messages for why login fails
-rw-r--r-- | qvisqve/auth_router.py | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/qvisqve/auth_router.py b/qvisqve/auth_router.py index 1dd769d..0313812 100644 --- a/qvisqve/auth_router.py +++ b/qvisqve/auth_router.py @@ -130,14 +130,25 @@ class AuthRouter(qvisqve.Router): qvisqve.log.log( 'trace', msg_text='extracted form parameters', params=params, username=username, password=password, attempt_id=attempt_id) + if None in (username, password, attempt_id): + qvisqve.log.log( + 'error', msg_text='Necessary form field not given', + username=username, password=password, attempt_id=attempt_id) return qvisqve.unauthorized_response('Access denied') if not self._users.is_valid_secret(username, password): + qvisqve.log.log( + 'error', + msg_text='User secret is invalid (username or password wrong)', + username=username, password=password, attempt_id=attempt_id) return qvisqve.unauthorized_response('Access denied') aa = self._attempts.find_by_id(attempt_id) if aa is None: + qvisqve.log.log( + 'error', + msg_text='Attempt ID is unknown', attempt_id=attempt_id) return qvisqve.unauthorized_response('Access denied') aa.set_subject_id(username) @@ -148,6 +159,10 @@ class AuthRouter(qvisqve.Router): redirect_uri = aa.get_redirect_uri() if redirect_uri == '': + qvisqve.log.log( + 'error', + msg_text='redirect_uri is unknown', + redirect_uri=repr(redirect_uri)) return qvisqve.bad_request_response('Bad request') params = { |