better logging

This commit is contained in:
TuxCoder 2020-06-21 11:52:37 +02:00
parent 78c51b7206
commit 04ecd27532
2 changed files with 10 additions and 2 deletions

View file

@ -16,12 +16,15 @@ import http
import crypt import crypt
import ory_hydra_client import ory_hydra_client
from datetime import datetime from datetime import datetime
import logging
from ..model import db, User, SecurityUser, UserSignUp from ..model import db, User, SecurityUser, UserSignUp
from ..form.auth import ConsentForm, LoginForm, RegistrationForm from ..form.auth import ConsentForm, LoginForm, RegistrationForm
from ..auth_providers import AUTH_PROVIDER_LIST from ..auth_providers import AUTH_PROVIDER_LIST
logger = logging.getLogger(__name__)
auth_views = Blueprint('auth', __name__, url_prefix='/auth') auth_views = Blueprint('auth', __name__, url_prefix='/auth')
@ -36,8 +39,12 @@ def consent():
try: try:
consent_request = current_app.hydra_api.get_consent_request( consent_request = current_app.hydra_api.get_consent_request(
request.args['consent_challenge']) request.args['consent_challenge'])
except ory_hydra_client.exceptions.ApiException: except ory_hydra_client.exceptions.ApiValueError:
return redirect(url_for('frontend.index')) logger.info(f' ory exception {e}')
#return redirect(url_for('frontend.index'))
except ory_hydra_client.exceptions.ApiException as e:
logger.fatal(f'ory exception {e}',e)
raise e
requested_scope = consent_request.requested_scope requested_scope = consent_request.requested_scope
requested_audiences = consent_request.requested_access_token_audience requested_audiences = consent_request.requested_access_token_audience

View file

@ -32,6 +32,7 @@ def before_request():
try: try:
resp = current_app.oauth.session.get('/userinfo') resp = current_app.oauth.session.get('/userinfo')
if not current_user.is_authenticated or resp.status_code is not 200: if not current_user.is_authenticated or resp.status_code is not 200:
logger.info('user not logged in redirect')
return redirect_login() return redirect_login()
except TokenExpiredError: except TokenExpiredError:
return redirect_login() return redirect_login()