CBG-3694: Improved logging for failed session auth #7081

bbrks · 2024-08-16T16:05:35Z

2024-08-16T16:33:10.880+01:00 [INF] HTTP: c:#006 db:db POST http://localhost/db/_session (as GUEST)
2024-08-16T16:33:10.882+01:00 [WRN] c:#006 db:db Couldn't create session for user "<ud>pupshaw</ud>": Incorrect password -- rest.(*handler).getUserFromSessionRequestBody() at session_api.go:94
2024-08-16T16:33:10.882+01:00 [INF] HTTP: c:#006 db:db #006:     --> 401 Invalid login  (1.6 ms)
    session_test.go:241: Set-Cookie: 
2024-08-16T16:33:10.882+01:00 [WRN] c:#007 db:db Session not found: <ud>123456abcdef</ud> -- auth.(*Authenticator).AuthenticateCookie() at session.go:43
2024-08-16T16:33:10.882+01:00 [INF] HTTP: c:#007 db:db GET http://localhost/db/
2024-08-16T16:33:10.882+01:00 [INF] HTTP: c:#007 db:db #007:     --> 401 Session Invalid  (0.1 ms)

Depends on CBG-3692: Improved logging for failed basic auth login #7080 for user.AuthenticateWithReason()

Integration Tests

n/a

The base branch was changed.

…h failure cases

* Improve (session) TestLogin to cover happy path and basic session auth failure cases * Log warnings when we're unable to create a session for a user * Cover invalid sessions with logs * Switch to info log level

* CBG-3692: Improved logging for failed basic auth login (#7080) * Add test to cover disabled non-guest user * Add AuthenticateWithReason to User interface/impl * Use AuthenticateWithReason to populate better warning message on basic auth failure * Keep old message format * Coverage for incorrect password logging * Switch to info log level * Update auth/user.go Co-authored-by: Tor Colvin <[email protected]> --------- Co-authored-by: Tor Colvin <[email protected]> * CBG-3693: Improved logging for no-user/no auto-register case in JWT auth (#7082) * CBG-3694: Improved logging for failed session auth (#7081) * Improve (session) TestLogin to cover happy path and basic session auth failure cases * Log warnings when we're unable to create a session for a user * Cover invalid sessions with logs * Switch to info log level --------- Co-authored-by: Tor Colvin <[email protected]>

bbrks changed the title ~~CBG-3694: Improved logging for create session failures~~ CBG-3694: Improved logging for failed session auth Aug 19, 2024

torcolvin self-assigned this Aug 19, 2024

torcolvin previously approved these changes Aug 19, 2024

View reviewed changes

torcolvin assigned bbrks and unassigned torcolvin Aug 19, 2024

Base automatically changed from CBG-3692 to main August 20, 2024 11:50

bbrks added 4 commits August 20, 2024 12:57

Improve (session) TestLogin to cover happy path and basic session aut…

4b96ce9

…h failure cases

Log warnings when we're unable to create a session for a user

20eef27

Cover invalid sessions with logs

175ce98

Switch to info log level

7297b9f

bbrks force-pushed the CBG-3694 branch from 93aae85 to 7297b9f Compare August 20, 2024 11:58

gregns1 approved these changes Aug 20, 2024

View reviewed changes

gregns1 enabled auto-merge (squash) August 20, 2024 12:05

gregns1 merged commit fa2ebaf into main Aug 20, 2024
39 of 40 checks passed

gregns1 deleted the CBG-3694 branch August 20, 2024 12:25

bbrks mentioned this pull request Sep 26, 2024

[3.2.1 Backport] CBG-4176: Improved Auth Failed Logging #7131

Merged

1 task

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CBG-3694: Improved logging for failed session auth #7081

CBG-3694: Improved logging for failed session auth #7081

bbrks commented Aug 16, 2024 •

edited

Loading

CBG-3694: Improved logging for failed session auth #7081

CBG-3694: Improved logging for failed session auth #7081

Conversation

bbrks commented Aug 16, 2024 • edited Loading

Integration Tests

bbrks commented Aug 16, 2024 •

edited

Loading