Improve request logging

2021-11-29 01:19:01 +00:00 · 2021-11-29 01:19:01 +00:00 · 065afd966d
commit 065afd966d
parent 07559714ff
3 changed files with 26 additions and 13 deletions
--- a/apiserver/apiserver/api/throttles.py
+++ b/apiserver/apiserver/api/throttles.py
@ -0,0 +1,25 @@
+import logging
+logger = logging.getLogger(__name__)
+
+from rest_framework import throttling
+
+class LoggingThrottle(throttling.BaseThrottle):
+    def allow_request(self, request, view):
+        if request.user.id:
+            user = '{} ({})'.format(request.user, request.user.member.id)
+        else:
+            user = None
+
+        method = request._request.method
+        path = request._request.path
+
+        if request.data:
+            data = request.data.dict()
+            for key in ['password', 'password1', 'password2', 'old_password', 'new_password1', 'new_password2']:
+                if key in data:
+                    data[key] = '[CENSORED]'
+        else:
+            data = None
+
+        logging.info('Request User: %s | %s %s | Data: %s', user, method, path, data)
+        return True
--- a/apiserver/apiserver/api/views.py
+++ b/apiserver/apiserver/api/views.py
@ -437,9 +437,6 @@ class PingView(views.APIView):
    permission_classes = [AllowMetadata | IsAuthenticated]

    def post(self, request):
-        d = request.data.dict()
-        if d:
-            logger.info(str(d))
        return Response(200)


@ -739,15 +736,6 @@ class VettingViewSet(Base, List):
 class RegistrationView(RegisterView):
    serializer_class = serializers.MyRegisterSerializer

-    def post(self, request):
-        data = request.data.copy()
-        data.pop('password1', None)
-        data.pop('password2', None)
-        logger.info(dict(data))
-
-        return super().post(request)
-
-
 class PasswordChangeView(PasswordChangeView):
    permission_classes = [AllowMetadata | IsAuthenticated]
    serializer_class = serializers.MyPasswordChangeSerializer
--- a/apiserver/apiserver/settings.py
+++ b/apiserver/apiserver/settings.py
@ -55,7 +55,6 @@ SESSION_COOKIE_SECURE = True
 CSRF_COOKIE_SECURE = True
 SECURE_REFERRER_POLICY = 'same-origin'

-
 # Application definition

 INSTALLED_APPS = [
@ -209,6 +208,7 @@ REST_FRAMEWORK = {
    'PAGE_SIZE': 300,
    'DEFAULT_RENDERER_CLASSES': DEFAULT_RENDERER_CLASSES,
    'DEFAULT_AUTHENTICATION_CLASSES': DEFAULT_AUTHENTICATION_CLASSES,
+    'DEFAULT_THROTTLE_CLASSES': ['apiserver.api.throttles.LoggingThrottle'],
 }

 #DEFAULT_LOGGING = None