diff --git a/src/backend/InvenTree/users/api.py b/src/backend/InvenTree/users/api.py
index 49fed42d40..f0941c3572 100644
--- a/src/backend/InvenTree/users/api.py
+++ b/src/backend/InvenTree/users/api.py
@@ -1,7 +1,6 @@
 """DRF API definition for the 'users' app."""
 import datetime
-import logging
 from django.contrib.auth import authenticate, get_user, login, logout
 from django.contrib.auth.models import Group, User
@@ -10,6 +9,7 @@ from django.shortcuts import redirect
 from django.urls import include, path, re_path, reverse
 from django.views.generic.base import RedirectView
+import structlog
 from allauth.account import app_settings
 from allauth.account.adapter import get_adapter
 from allauth_2fa.utils import user_has_valid_totp_device
@@ -48,7 +48,7 @@ from users.serializers import (
 RoleSerializer,
 )
-logger = logging.getLogger('inventree')
+logger = structlog.get_logger('inventree')
 class OwnerList(ListAPI):
@@ -239,6 +239,7 @@ class Login(LoginView):
 _data.update(request.POST.copy())
 if not _data.get('mfa', None):
+ logger.info('No MFA requested - Proceeding')
 return super().post(request, *args, **kwargs)
 # Check if login credentials valid
@@ -246,10 +247,12 @@ class Login(LoginView):
 request, username=_data.get('username'), password=_data.get('password')
 )
 if user is None:
+ logger.info('Invalid login - Aborting')
 return HttpResponse(status=401)
 # Check if user has mfa set up
 if not user_has_valid_totp_device(user):
+ logger.info('No MFA set up - Proceeding')
 return super().post(request, *args, **kwargs)
 # Stage login and redirect to 2fa
@@ -261,6 +264,7 @@ class Login(LoginView):
 'email': None,
 'redirect_url': reverse('platform'),
 }
+ logger.info('Redirecting to 2fa - Proceeding')
 return redirect(reverse('two-factor-authenticate'))
 def process_login(self):
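Review bot: None of the log calls added to `Login.post` (this hunk at -239, and the ones at -246 and -261) carries any event field, so a line such as 'No MFA set up - Proceeding' cannot be tied to an account or a request when the log is reviewed. Since the logger is now structlog, context can be passed as key-value pairs; in the branches that run after `authenticate()` has returned a user that could be `logger.info('No MFA set up - Proceeding', user_id=user.pk)`. The body of `post` starts and ends outside these hunks, so whether request context is already bound elsewhere (for example by a middleware) is not visible here.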
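Review bot: The rejected-credentials branch in the hunk at -246 logs 'Invalid login - Aborting' at info, the same level as the three paths that proceed, so a level filter or an alert rule cannot separate failed sign-ins from normal ones; `logger.warning('Invalid login - Aborting')` would. If the attempted username is added for detection, pass it as its own key (`username=_data.get('username')`) rather than formatting it into the message. Never pass `_data` itself to the logger, since it still holds the submitted password.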
@@ -275,6 +279,7 @@ class Login(LoginView):
 'LOGIN_ENFORCE_MFA'
 ):
 logout(self.request)
+ logger.info('User was logged out because MFA is required - Aborting')
 raise exceptions.PermissionDenied('MFA required for this user')
 return ret
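Review bot: The new log line sits after `logout(self.request)`, so by the time it runs the session has been cleared and the request no longer identifies the account that was denied; the message as written names no user either. Capture the user identifier before the logout call and log it as a structlog field. Consider `logger.warning(...)` here as well, since this is an MFA policy denial rather than routine flow. `process_login` begins outside the hunk, so which user object is in scope at this point is not visible.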