flo/nsupdate.info
1
0
Fork 0
Code Issues 1 Pull Requests 2 Packages Releases Activity

Merge pull request #422 from ThomasWaldmann/logging

Browse Source 
improve logging
This commit is contained in:
TW 2019-04-09 21:18:47 +02:00 committed by GitHub
commit 00ca1a236c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/nsupdate/api/views.py
View File

@ -146,6 +146,8 @@ def check_api_auth(username, password):
try: try:
host = Host.get_by_fqdn(fqdn) host = Host.get_by_fqdn(fqdn)
except ValueError: except ValueError:
# logging this at debug level because otherwise it fills our logs...
logger.debug('%s - received bad credentials (auth username == dyndns hostname not in our hosts DB)' % (fqdn, ))
return None return None
if host is not None: if host is not None:
ok = check_password(password, host.update_secret) ok = check_password(password, host.update_secret)
@ -154,6 +156,9 @@ def check_api_auth(username, password):
host.register_api_auth_result(msg, fault=not ok) host.register_api_auth_result(msg, fault=not ok)
if ok: if ok:
return host return host
# in case this fills our logs and we never see valid credentials, we can just kill
# the DB entry and this will fail earlier and get logged at debug level, see above.
logger.warning('%s - received bad credentials (password does not match)' % (fqdn, ))
return None return None
@ -206,7 +211,8 @@ class NicUpdateView(View):
hostname = request.GET.get('hostname') hostname = request.GET.get('hostname')
auth = request.META.get('HTTP_AUTHORIZATION') auth = request.META.get('HTTP_AUTHORIZATION')
if auth is None: if auth is None:
logger.warning('%s - received no auth' % (hostname, )) # logging this at debug level because otherwise it fills our logs...
logger.debug('%s - received no auth' % (hostname, ))
return basic_challenge("authenticate to update DNS", 'badauth') return basic_challenge("authenticate to update DNS", 'badauth')
username, password = basic_authenticate(auth) username, password = basic_authenticate(auth)
if '.' not in username: # username MUST be the fqdn if '.' not in username: # username MUST be the fqdn
@ -214,7 +220,6 @@ class NicUpdateView(View):
return Response('notfqdn') return Response('notfqdn')
host = check_api_auth(username, password) host = check_api_auth(username, password)
if host is None: if host is None:
logger.warning('%s - received bad credentials, username: %s' % (hostname, username, ))
return basic_challenge("authenticate to update DNS", 'badauth') return basic_challenge("authenticate to update DNS", 'badauth')
logger.info("authenticated by update secret for host %s" % username) logger.info("authenticated by update secret for host %s" % username)
if hostname is None: if hostname is None: