Error handler should not capture exceptions in DEBUG mode

[silentninja]

Description

Based on the conclusion from the discussion.

Improve backend's debugability via two changes:

1. when backend is in debug-mode, add a pretty-printed stacktrace alongside the current error JSON;
2. stop wrapping unhandled exceptions in 4999 errors.

For some context, we're catching backend exceptions and wrapping them in custom errors so as to provide a uniform error interface to API clients. As it is now it has detrimental effects on debugging, because the resulting error messages don't include stacktraces. Above changes aim to address that.

[dmos62]

Made changes to top post to include changes decided upon in linked discussion.

[vorakunal]

May I work on this issue?

[kgodey]

Go ahead @vorakunal, thanks!

[kgodey]

@vorakunal Are you still working on this?

[kgodey]

Unassigned due to inactivity.

[aadityasinha-dotcom]

Can I work on this issue?

[kgodey]

Yes, go ahead @aadityasinha-dotcom. Thanks for your interest!

[DavidKratochvila]

I'd like to try to solve this issue, if it's still available.

[kgodey]

Sure, go ahead @DavidKratochvila

[IyadElwy]

@kgodey @silentninja
I'm currently looking into this issue.
I've tried a couple of things but here's an example of an error before and after my changes.

Before:

[
    {
        "code": 4004,
        "message": "CSRF Failed: CSRF token missing or incorrect.",
        "details": {
            "exception": "CSRF Failed: CSRF token missing or incorrect."
        }
    }
]

After:

[
    {
        "code": 4004,
        "message": "CSRF Failed: CSRF token missing or incorrect.",
        "details": {
            "exception": "CSRF Failed: CSRF token missing or incorrect."
        },
        "stacktrace": [
            "  File \"/usr/local/lib/python3.9/site-packages/rest_framework/views.py\", line 497, in dispatch",
            "    self.initial(request, *args, **kwargs)",
            "  File \"/usr/local/lib/python3.9/site-packages/rest_framework/views.py\", line 414, in initial",
            "    self.perform_authentication(request)",
            "  File \"/usr/local/lib/python3.9/site-packages/rest_framework/views.py\", line 324, in perform_authentication",
            "    request.user",
            "  File \"/usr/local/lib/python3.9/site-packages/rest_framework/request.py\", line 227, in user",
            "    self._authenticate()",
            "  File \"/usr/local/lib/python3.9/site-packages/rest_framework/request.py\", line 380, in _authenticate",
            "    user_auth_tuple = authenticator.authenticate(self)",
            "  File \"/usr/local/lib/python3.9/site-packages/rest_framework/authentication.py\", line 130, in authenticate",
            "    self.enforce_csrf(request)",
            "  File \"/usr/local/lib/python3.9/site-packages/rest_framework/authentication.py\", line 148, in enforce_csrf",
            "    raise exceptions.PermissionDenied('CSRF Failed: %s' % reason)",
            "rest_framework.exceptions.PermissionDenied: CSRF Failed: CSRF token missing or incorrect."
        ]
    }
]

This way, when running on Debug mode the developer gets a lot more to work with, which was the intended goal after all. I'm still working on making it better but would appreciate anyone telling me if I'm on the right track and or giving any feedback in general.

[IyadElwy]

You could assign me to the issue and I'll continue working on it.
I think a good addition to the stacktrace would be numbering so I added line numbers for a better visualization.

[
    {
        "code": 4004,
        "message": "CSRF Failed: CSRF token missing or incorrect.",
        "details": {
            "exception": "CSRF Failed: CSRF token missing or incorrect."
        },
        "stacktrace": [
            "1. File \"/usr/local/lib/python3.9/site-packages/rest_framework/views.py\", line 497, in dispatch",
            "2. self.initial(request, *args, **kwargs)",
            "3. File \"/usr/local/lib/python3.9/site-packages/rest_framework/views.py\", line 414, in initial",
            "4. self.perform_authentication(request)",
            "5. File \"/usr/local/lib/python3.9/site-packages/rest_framework/views.py\", line 324, in perform_authentication",
            "6. request.user",
            "7. File \"/usr/local/lib/python3.9/site-packages/rest_framework/request.py\", line 227, in user",
            "8. self._authenticate()",
            "9. File \"/usr/local/lib/python3.9/site-packages/rest_framework/request.py\", line 380, in _authenticate",
            "10. user_auth_tuple = authenticator.authenticate(self)",
            "11. File \"/usr/local/lib/python3.9/site-packages/rest_framework/authentication.py\", line 130, in authenticate",
            "12. self.enforce_csrf(request)",
            "13. File \"/usr/local/lib/python3.9/site-packages/rest_framework/authentication.py\", line 148, in enforce_csrf",
            "14. raise exceptions.PermissionDenied('CSRF Failed: %s' % reason)",
            "15. rest_framework.exceptions.PermissionDenied: CSRF Failed: CSRF token missing or incorrect."
        ]
    }
]

I added a Draft PR so that anyone could add comments, etc.

[silentninja]

@IyadElwy That looks pretty neat and you are certainly on the right track. Thanks! for the PR, I will take a look at it.