From f681aab895b536d0eef33f330f49e75517fbaf7f Mon Sep 17 00:00:00 2001 From: David Baker Date: Thu, 24 Nov 2016 10:11:45 +0000 Subject: [PATCH 1/2] Log the args that we have on UI auth completion This will be super helpful for debugging if we have more registration woes. --- synapse/handlers/auth.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index a2866af43..91b3bde2f 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -162,7 +162,13 @@ class AuthHandler(BaseHandler): for f in flows: if len(set(f) - set(creds.keys())) == 0: - logger.info("Auth completed with creds: %r", creds) + # it's very useful to know what args are stored, but this can + # include the password in the case of registering, so only log + # the keys. + logger.info( + "Auth completed with creds: %r. Client dict has keys: %r", + creds, clientdict.keys() + ) defer.returnValue((True, creds, clientdict, session['id'])) ret = self._auth_dict_for_flows(flows, session) From c9d4e7b71646806d785e9831a2566799334af597 Mon Sep 17 00:00:00 2001 From: David Baker Date: Thu, 24 Nov 2016 10:54:59 +0000 Subject: [PATCH 2/2] Clarify that creds doesn not contain passwords. --- synapse/handlers/auth.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 91b3bde2f..51e7616fc 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -164,7 +164,9 @@ class AuthHandler(BaseHandler): if len(set(f) - set(creds.keys())) == 0: # it's very useful to know what args are stored, but this can # include the password in the case of registering, so only log - # the keys. + # the keys (confusingly, clientdict may contain a password + # param, creds is just what the user authed as for UI auth + # and is not sensitive). logger.info( "Auth completed with creds: %r. Client dict has keys: %r", creds, clientdict.keys()