Skip to content
Snippets Groups Projects
Verified Commit 2cbdd0bf authored by Peter Stanko's avatar Peter Stanko
Browse files

Auth logging

parent 63291a78
No related branches found
No related tags found
Loading
Pipeline #
......@@ -41,12 +41,16 @@ HANDLERS = {
},
'portal_file': get_logger_file('portal'),
'access_file': get_logger_file('access'),
'auth_file': get_logger_file('auth'),
'storage_file': get_logger_file('storage'),
'flask_file': get_logger_file('flask')
}
LOGGERS = {
'portal': {'handlers': ['console', 'portal_file'], 'level': 'DEBUG', 'propagate': True},
'portal.auth_log': {
'handlers': ['console', 'auth_file'], 'level': 'DEBUG', 'propagate': True
},
'portal.access_log': {
'handlers': ['console', 'access_file'], 'level': 'DEBUG', 'propagate': True
},
......@@ -101,4 +105,8 @@ def get_access_logger(*args, **kwargs):
return logging.getLogger('portal.access_log', *args, **kwargs)
def get_auth_logger(*args, **kwargs):
return logging.getLogger('portal.auth_log', *args, **kwargs)
ACCESS = get_access_logger()
AUTH = get_auth_logger()
......@@ -6,6 +6,7 @@ import logging
from flask_jwt_extended import get_jwt_identity
from portal.database.models import Client
from portal.logger import AUTH
from portal.service import errors
log = logging.getLogger(__name__)
......@@ -37,7 +38,6 @@ class AuthService:
raise errors.PortalAPIError(400, message="Invalid login type.")
identifier = data.get('identifier', None)
secret = data.get('secret', None)
return types[login_type](identifier, secret)
def login_gitlab(self, identifier: str, secret: str) -> Client:
......@@ -50,12 +50,14 @@ class AuthService:
Returns(User): the authenticated user
"""
if secret is None:
AUTH.warning(f"[AUTH] Gitlab: No access token for {identifier}")
raise errors.PortalAPIError(400, 'No gitlab access token found.')
self.validate_gitlab_token(secret, username=identifier)
user = self._rest_service.find.user(identifier, throws=False)
if user is None:
AUTH.warning(f"[AUTH] Gitlab: Invalid access token for {identifier}")
raise errors.InvalidGitlabAccessTokenError()
return user
......@@ -70,11 +72,13 @@ class AuthService:
"""
user = self._rest_service.find.user(identifier, throws=False)
if user is None or secret is None:
AUTH.warning(f"[AUTH] Login: Invalid user or secret for {identifier}")
raise errors.IncorrectCredentialsError()
if user.verify_password(password=secret):
AUTH.info(f"[AUTH] Login successful with password for {identifier}: {user.log_name}")
return user
AUTH.warning(f"[AUTH] Login: Invalid credentials for {identifier}")
raise errors.IncorrectCredentialsError()
def login_secret(self, identifier: str, secret: str) -> Client:
......@@ -89,7 +93,9 @@ class AuthService:
"""
client = self._find_client_helper(identifier)
if client.verify_secret(secret):
AUTH.info(f"[AUTH] Login successful with secret for {identifier}: {client.log_name}")
return client
AUTH.warning(f"[AUTH] Login: Invalid credentials for {identifier}")
raise errors.UnauthorizedError(f"[LOGIN] Invalid secret.")
def validate_gitlab_token(self, token: str, username: str, throws: bool = True):
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment