Log keystore.Open on successful login

7c359bdb · ale · a7e8bbce · 7c359bdb
Commit 7c359bdb authored 6 years ago by ale
--- a/server/http.go
+++ b/server/http.go
@@ -146,15 +146,17 @@ func New(loginService *LoginService, authClient authclient.Client, config *Confi
 }

 func (h *Server) loginCallback(w http.ResponseWriter, req *http.Request, username, password string, userinfo *auth.UserInfo) error {
-	log.Printf("successful login for user %s", username)
-
 	// Open the keystore for this user with the password used to
 	// authenticate. Set the TTL to the duration of the
 	// authenticated session.
+	var kmsg string
 	if h.keystore != nil {
 		var shard string
 		if userinfo != nil {
 			shard = userinfo.Shard
+			kmsg = fmt.Sprintf(" (unlocked key on shard %s)", shard)
+		} else {
+			kmsg = " (unlocked key)"
 		}
 		if err := h.keystore.Open(req.Context(), shard, username, password, int(h.authSessionLifetime.Seconds())); err != nil {
 			log.Printf("failed to unlock keystore for user %s: %v", username, err)
@@ -162,6 +164,8 @@ func (h *Server) loginCallback(w http.ResponseWriter, req *http.Request, usernam
 		}
 	}

+	log.Printf("successful login for user %s%s", username, kmsg)
+
 	// Create cookie-based session for the authenticated user.
 	session := newAuthSession(h.authSessionLifetime, username, userinfo)
 	httpSession, _ := h.authSessionStore.Get(req, authSessionKey) // nolint