Commit dec67fa9 authored by ale's avatar ale

leave logging setup to wsgi runner

parent 366f0ae5
......@@ -9,7 +9,6 @@ from flask import Flask, redirect, request, session, render_template, make_respo
from sso_server import login_service
app = Flask('sso_server')
log = logging.getLogger(__name__)
SSO_COOKIE_NAME = '_sso_tkt'
......@@ -99,8 +98,9 @@ def login():
# Form submission, validate CSRF, username and password.
csrf_token = session.pop('_csrf', None)
if not csrf_token or csrf_token != request.form.get('_csrf'):
log.error('CSRF failure, session=%s, form=%s', csrf_token,
request.form.get('_csrf'))
app.logger.error(
'CSRF failure, session=%s, form=%s', csrf_token,
request.form.get('_csrf'))
return show_login_page(params, 'Invalid session')
username = _tostr(request.form.get('username'))
password = _tostr(request.form.get('password'))
......@@ -108,6 +108,8 @@ def login():
if app.config.get('SSO_ENABLE_OTP'):
otp = _tostr(request.form.get('otp'))
if not app.login_service.authenticate(username, password, otp):
app.logger.error(
'authentication failure for user %s', username)
# Authentication failed, show login page again.
return show_login_page(params, 'Authentication failed')
......@@ -122,8 +124,9 @@ def login():
params.destination,
params.groups)
except login_service.Error, e:
log.error('unauthorized access: user=%s, service=%s, dest=%s, '
'err=%s', username, params.service, params.destination, str(e))
app.logger.error(
'unauthorized access for user %s: service=%s, dest=%s, '
'err=%s', username, params.service, params.destination, str(e))
return show_unauthorized_page(e)
# Keep track of the active services.
......
......@@ -131,7 +131,6 @@ class LoginService(object):
"""
self._validate_service_access(service, destination)
groups = self._validate_group_access(username, required_groups)
print 'authorize:', type(username), type(service), type(destination), groups, self.service_ticket_ttl
ticket = sso.Ticket(username, service, self.domain, groups,
self.service_ticket_ttl)
return self.signer.sign(ticket)
......
......@@ -3,6 +3,5 @@
import os
from sso_server import application
application.setup_syslog()
app = application.create_app(
os.getenv('APP_CONFIG', '/etc/sso/config'))
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment