forked from MirrorHub/synapse
Log login requests
Carefully though, to avoid logging passwords
This commit is contained in:
parent
99354b430e
commit
59e7e62c4b
1 changed files with 10 additions and 0 deletions
|
@ -166,6 +166,16 @@ class LoginRestServlet(ClientV1RestServlet):
|
||||||
Returns:
|
Returns:
|
||||||
(int, object): HTTP code/response
|
(int, object): HTTP code/response
|
||||||
"""
|
"""
|
||||||
|
# Log the request we got, but only certain fields to minimise the chance of
|
||||||
|
# logging someone's password (even if they accidentally put it in the wrong
|
||||||
|
# field)
|
||||||
|
logger.info(
|
||||||
|
"Got login request with identifier: %r, medium: %r, address: %r, user: %r",
|
||||||
|
login_submission.get('identifier'),
|
||||||
|
login_submission.get('medium'),
|
||||||
|
login_submission.get('address'),
|
||||||
|
login_submission.get('user'),
|
||||||
|
);
|
||||||
login_submission_legacy_convert(login_submission)
|
login_submission_legacy_convert(login_submission)
|
||||||
|
|
||||||
if "identifier" not in login_submission:
|
if "identifier" not in login_submission:
|
||||||
|
|
Loading…
Reference in a new issue