diff options
| author | Erik Johnston <erikj@jki.re> | 2016-12-05 16:40:58 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-12-05 16:40:58 +0000 |
| commit | 338df4f409558704c2aa816d6f1d4fe7df0f6a6c (patch) | |
| tree | a34c059fdefae5fe2dcc65d3aed8ad622a8a6d2e /synapse | |
| parent | Merge pull request #1668 from pik/bug-console-filter (diff) | |
| parent | Clarify that creds doesn not contain passwords. (diff) | |
| download | synapse-338df4f409558704c2aa816d6f1d4fe7df0f6a6c.tar.xz | |
Merge pull request #1649 from matrix-org/dbkr/log_ui_auth_args
Log the args that we have on UI auth completion
Diffstat (limited to 'synapse')
| -rw-r--r-- | synapse/handlers/auth.py | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 9d8e6f19bc..3b146f09d6 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -162,7 +162,15 @@ class AuthHandler(BaseHandler): for f in flows: if len(set(f) - set(creds.keys())) == 0: - logger.info("Auth completed with creds: %r", creds) + # it's very useful to know what args are stored, but this can + # include the password in the case of registering, so only log + # the keys (confusingly, clientdict may contain a password + # param, creds is just what the user authed as for UI auth + # and is not sensitive). + logger.info( + "Auth completed with creds: %r. Client dict has keys: %r", + creds, clientdict.keys() + ) defer.returnValue((True, creds, clientdict, session['id'])) ret = self._auth_dict_for_flows(flows, session) |