Log the hostname the reCAPTCHA was completed on

This could be useful information to have in the logs. Also comment about how & why we don't verify the hostname.
author: David Baker <dave@matrix.org> 2016-07-22 17:00:56 +0100
committer: David Baker <dave@matrix.org> 2016-07-22 17:00:56 +0100
commit: dad2da7e54a4f0e92185e4f8553fb51b037c0bd3 (patch)
tree: ae0a297aea9640a083e0c2ba9be179c690a559ec
parent: Merge pull request #944 from matrix-org/rav/devices_returns_list (diff)
download: synapse-dad2da7e54a4f0e92185e4f8553fb51b037c0bd3.tar.xz
1 files changed, 11 insertions, 2 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index 8f83923ddb..6fff7e7d03 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -279,8 +279,17 @@ class AuthHandler(BaseHandler):
             data = pde.response
             resp_body = simplejson.loads(data)
 
-        if 'success' in resp_body and resp_body['success']:
-            defer.returnValue(True)
+        if 'success' in resp_body:
+            # Note that we do NOT check the hostname here: we explicitly
+            # intend the CAPTCHA to be presented by whatever client the
+            # user is using, we just care that they have completed a CAPTCHA.
+            logger.info(
+                "%s reCAPTCHA from hostname %s",
+                "Successful" if resp_body['success'] else "Failed",
+                resp_body['hostname']
+            )
+            if resp_body['success']:
+                defer.returnValue(True)
         raise LoginError(401, "", errcode=Codes.UNAUTHORIZED)
 
     @defer.inlineCallbacks
author	David Baker <dave@matrix.org>	2016-07-22 17:00:56 +0100
committer	David Baker <dave@matrix.org>	2016-07-22 17:00:56 +0100
commit	dad2da7e54a4f0e92185e4f8553fb51b037c0bd3 (patch)
tree	ae0a297aea9640a083e0c2ba9be179c690a559ec
parent	Merge pull request #944 from matrix-org/rav/devices_returns_list (diff)
download	synapse-dad2da7e54a4f0e92185e4f8553fb51b037c0bd3.tar.xz