From f57768fdea4372cbf4c2e5e7840270011264d10b Mon Sep 17 00:00:00 2001
From: Jim Ewald
Date: Wed, 21 Mar 2018 07:38:51 -0700
Subject: [PATCH] Add logging details for authetication errors.
---
 Failures.py | 14 +++++++-------
 app/Authenticate/controllers.py | 8 ++++----
 app/__init__.py | 4 +++-
 3 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/Failures.py b/Failures.py
index c97b29c..1f2a780 100644
--- a/Failures.py
+++ b/Failures.py
@@ -12,7 +12,7 @@ def unknown_user_id(id_user):
 def unknown_user_email(email):
- logging.debug('Failures: Unknown user: %s', email)
+ logging.debug('Failures: Unknown user email: %s', email)
 return {
 'success': False,
 'message': 'Unknown user',
@@ -41,8 +41,8 @@ def email_already_in_use(email):
 }, 500
-def email_not_confirmed():
- logging.debug('Failures: Email not confirmed')
+def email_not_confirmed(email):
+ logging.debug('Failures: Email %s not confirmed', email)
 return {
 'success': False,
 'message': 'Email not confirmed',
@@ -50,8 +50,8 @@ def email_not_confirmed():
 }, 401
-def user_blocked():
- logging.debug('Failures: User blocked')
+def user_blocked(email):
+ logging.debug('Failures: User %s blocked', email)
 return {
 'success': False,
 'message': 'User is blocked',
@@ -113,8 +113,8 @@ def rate_exceeded(time):
 }, 500
-def wrong_password():
- logging.debug('Failures: Wrong password')
+def wrong_password(email):
+ logging.debug('Failures: Wrong password for %s', email)
 return {
 'success': False,
 'message': 'Wrong password',
diff --git a/app/Authenticate/controllers.py b/app/Authenticate/controllers.py
index efc02a6..5a315ec 100644
--- a/app/Authenticate/controllers.py
+++ b/app/Authenticate/controllers.py
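Review bot: In Failures.py the address is interpolated into the log line with `%s` and no neutralisation, in the unknown_user_email hunk and again in the email_not_confirmed, user_blocked and wrong_password hunks. If `email` is the value submitted with the login request (its origin is outside these hunks), a CR or LF inside it can split one event into several apparent log records, and every failed attempt writes a personal identifier to the debug log. Formatting with `%r` keeps control characters escaped: `logging.debug('Failures: Unknown user email: %r', email)`. Bounding the logged length would also keep oversized values from bloating the log.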
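Review bot: In Failures.py `email` becomes a required positional parameter of email_not_confirmed, and likewise of user_blocked and wrong_password in the two hunks after it, so any call site still written as `Failures.wrong_password()` will raise TypeError at the moment a failure is being reported. The diffstat shows only app/Authenticate/controllers.py being updated; whether other modules call these helpers cannot be seen from this patch. A default keeps old callers working, `def email_not_confirmed(email=None):`, with the log call falling back to the previous message when `email` is None.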
@@ -41,9 +41,9 @@ def post(self):
 if user is None:
 return Failures.unknown_user_email(email)
 if not user.confirmed:
- return Failures.email_not_confirmed()
+ return Failures.email_not_confirmed(email)
 if user.blocked:
- return Failures.user_blocked()
+ return Failures.user_blocked(email)
 if user.auth_source != 'local':
 return Failures.wrong_auth_source(user.auth_source)
@@ -53,11 +53,11 @@ def post(self):
 if not user_services.check_password(user.id, password):
 rate_limiting_services.consume_tokens(user.id, 'failed-password', 1)
 db.session.commit()
- return Failures.wrong_password()
+ return Failures.wrong_password(email)
 db.session.commit()
- logging.info('Authenticate-controller: Authenticate: success: %s', user.id)
+ logging.info('Authenticate-controller: Authenticate: success: %s', email)
 return {'success': True, 'user': {
 'id': user.id,
diff --git a/app/__init__.py b/app/__init__.py
index 3a17c7f..5f213b3 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -24,11 +24,13 @@ app = Flask(__name__)
 # Application version (major,minor,patch-level)
-version = "1.1.5"
+version = "1.1.6"
 """ Change Log
+1.1.6 Add email address detail for various authentication failures
+
 1.1.5 Refactor _convert_email_uri(email) to properly handle a null email address.
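Review bot: In app/Authenticate/controllers.py the success record in the second hunk now carries the address instead of `user.id`, which drops the stable account key from the INFO-level login event and puts a personal identifier into a log level that is commonly retained in production. Keeping the id and adding the address only if it is needed preserves correlation, e.g. `logging.info('Authenticate-controller: Authenticate: success: %s (%r)', user.id, email)`. The failure paths in both hunks still log only through `logging.debug` in Failures.py, so with debug logging disabled failed and blocked logins leave no record; a WARNING-level entry keyed on the account id would serve detection better. post() starts and ends outside the hunks.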