From 42def90931b9129f0e7a899c1ce4a2f0e15c35d7 Mon Sep 17 00:00:00 2001
From: Arie Peterson <arie@greenhost.nl>
Date: Thu, 16 Nov 2023 11:29:04 +0100
Subject: [PATCH] Add some auth logging for debugging

---
 backend/web/login/login.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/backend/web/login/login.py b/backend/web/login/login.py
index 7034eb9e..6198d851 100644
--- a/backend/web/login/login.py
+++ b/backend/web/login/login.py
@@ -131,6 +131,7 @@ def login():
     """
 
     # Check if we are logged in:
+    current_app.logger.info("/login: get_auth")
     (identity, auth_response) = get_auth()
     # We ignore the potential `auth_response` in this case: that's for telling
     # the user they have to upgrade their session to include a second factor,
@@ -205,6 +206,7 @@ def login():
 
     # If we do not have a flow, get one.
     if not flow:
+        current_app.logger.info("No flow found. Redirecting to Kratos to obtain one.")
         return redirect(KRATOS_PUBLIC_URL + "self-service/login/browser")
 
     # If we end up here, then either:
@@ -249,6 +251,7 @@ def auth():
         abort(400, description="Challenge required when requesting authorization")
 
     # Check if we are logged in:
+    current_app.logger.info("/auth: get_auth")
     (identity, auth_response) = get_auth()
 
     if auth_response is not None:
@@ -532,7 +535,7 @@ def get_auth():
             current_app.logger.info("Error in to_session: {}".format(body))
             error_id = body.get('error', {}).get('id')
             if error_id == 'session_aal2_required':
-                current_app.logger.info("2FA requested by Kratos. Redirecting the user.")
+                current_app.logger.info("2FA requested by Kratos. Suggesting to redirect the user.")
                 redirect_url = body.get('redirect_browser_to')
                 if redirect_url is None:
                     response = None
-- 
GitLab