Add some auth logging for debugging

42def909 · Arie Peterson · Tin Geber · 5df19b0c · 42def909
Commit 42def909 authored 1 year ago by Arie Peterson Committed by Tin Geber 1 year ago
--- a/backend/web/login/login.py
+++ b/backend/web/login/login.py
@@ -131,6 +131,7 @@ def login():
    """

    # Check if we are logged in:
+    current_app.logger.info("/login: get_auth")
    (identity, auth_response) = get_auth()
    # We ignore the potential `auth_response` in this case: that's for telling
    # the user they have to upgrade their session to include a second factor,
@@ -205,6 +206,7 @@ def login():

    # If we do not have a flow, get one.
    if not flow:
+        current_app.logger.info("No flow found. Redirecting to Kratos to obtain one.")
        return redirect(KRATOS_PUBLIC_URL + "self-service/login/browser")

    # If we end up here, then either:
@@ -249,6 +251,7 @@ def auth():
        abort(400, description="Challenge required when requesting authorization")

    # Check if we are logged in:
+    current_app.logger.info("/auth: get_auth")
    (identity, auth_response) = get_auth()

    if auth_response is not None:
@@ -532,7 +535,7 @@ def get_auth():
            current_app.logger.info("Error in to_session: {}".format(body))
            error_id = body.get('error', {}).get('id')
            if error_id == 'session_aal2_required':
-                current_app.logger.info("2FA requested by Kratos. Redirecting the user.")
+                current_app.logger.info("2FA requested by Kratos. Suggesting to redirect the user.")
                redirect_url = body.get('redirect_browser_to')
                if redirect_url is None:
                    response = None