diff options
Diffstat (limited to 'synapse/api/auth.py')
| -rw-r--r-- | synapse/api/auth.py | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py index a182ce22db..39d4ac33b4 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -195,6 +195,7 @@ class Auth: if user_id: request.authenticated_entity = user_id opentracing.set_tag("authenticated_entity", user_id) + opentracing.set_tag("target_user", user_id) opentracing.set_tag("appservice_id", app_service.id) if ip_addr and self._track_appservice_user_ips: @@ -218,8 +219,9 @@ class Auth: # Deny the request if the user account has expired. if self._account_validity.enabled and not allow_expired: - user_id = user.to_string() - if await self.store.is_account_expired(user_id, self.clock.time_msec()): + if await self.store.is_account_expired( + user_info.user_id, self.clock.time_msec() + ): raise AuthError( 403, "User account has expired", errcode=Codes.EXPIRED_ACCOUNT ) @@ -228,7 +230,7 @@ class Auth: if access_token and ip_addr: await self.store.insert_client_ip( - user_id=user.to_string(), + user_id=user_info.token_owner, access_token=access_token, ip=ip_addr, user_agent=user_agent, @@ -242,8 +244,10 @@ class Auth: errcode=Codes.GUEST_ACCESS_FORBIDDEN, ) - request.authenticated_entity = user.to_string() - opentracing.set_tag("authenticated_entity", user.to_string()) + request.authenticated_entity = user_info.token_owner + request.target_user = user_info.user_id + opentracing.set_tag("authenticated_entity", user_info.token_owner) + opentracing.set_tag("target_user", user_info.user_id) if device_id: opentracing.set_tag("device_id", device_id) @@ -254,6 +258,7 @@ class Auth: shadow_banned, device_id, app_service=app_service, + authenticated_entity=user_info.token_owner, ) except KeyError: raise MissingClientTokenError() |