From a0a93185993d2b49ce7d2909c166bb7a84e20865 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Sun, 9 Nov 2014 17:09:59 +0000
Subject: [PATCH] improve logging of auth events

---
 authserv/app_main.py  | 16 ++++++++++------
 authserv/app_nginx.py | 10 ++++++----
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/authserv/app_main.py b/authserv/app_main.py
index 922dc4a..4e53de9 100644
--- a/authserv/app_main.py
+++ b/authserv/app_main.py
@@ -31,18 +31,22 @@ def api_auth():
     check_ratelimit(request, username, source_ip)
 
     try:
-        result, errmsg, unused_shard = do_auth(
+        auth_status, errmsg, unused_shard = do_auth(
             username, service, shard, password, otp_token, source_ip)
     except Exception, e:
         app.logger.exception('Unexpected exception in authenticate()')
         abort(500)
 
-    app.logger.info(
-        'AUTH %s %s %s otp=%s%s',
-        username, service, result, otp_token and 'y' or 'n',
-        (' err=%s' % errmsg) if errmsg else '')
+    # Build a nice log message.
+    log_parts = [username, service, auth_status]
+    log_parts.append('otp=%s' % (otp_token and 'y' or 'n'))
+    if shard:
+        log_parts.append('shard=%s' % shard)
+    if errmsg:
+        log_parts.append('err=%s' % errmsg)
+    app.logger.info('AUTH %s', ' '.join(log_parts))
 
-    response = make_response(result)
+    response = make_response(auth_status)
     response.headers['Cache-Control'] = 'no-cache'
     response.headers['Content-Type'] = 'text/plain'
     response.headers['Expires'] = '-1'
diff --git a/authserv/app_nginx.py b/authserv/app_nginx.py
index 905c3c9..f9dae60 100644
--- a/authserv/app_nginx.py
+++ b/authserv/app_nginx.py
@@ -40,10 +40,12 @@ def do_nginx_http_auth():
         app.logger.exception('Unexpected exception in authenticate()')
         abort(500)
 
-    app.logger.info(
-        'NGINX_AUTH %s %s %s shard=%s%s',
-        username, service, auth_status, shard,
-        (' err=%s' % errmsg) if errmsg else '')
+    log_parts = [username, service, auth_status]
+    if shard:
+        log_parts.append('-> shard=%s' % shard)
+    if errmsg:
+        log_parts.append('err=%s' % errmsg)
+    app.logger.info('NGINX_AUTH %s', ' '.join(log_parts))
 
     response = make_response('')
     if auth_status == 'OK':
-- 
GitLab