Docker/Maybe
Docker/Maybe
1
0
Fork 0
mirror of https://github.com/maybe-finance/maybe.git synced 2025-07-19 21:29:38 +02:00
Code Issues Releases Activity Actions 1

Logger cleanup

Browse source
This commit is contained in:
Josh Pigford 2025-03-05 13:44:56 -06:00
parent f7fa8fa085
commit cffafd23f0
3 changed files with 3 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

27
app/controllers/concerns/authentication.rb
View file

@ -16,19 +16,12 @@ module Authentication
private private
def authenticate_user! def authenticate_user!
Rails.logger.info "Authentication#authenticate_user! - Checking for session cookie"
if session_record = find_session_by_cookie if session_record = find_session_by_cookie
Rails.logger.info "Authentication#authenticate_user! - Found valid session: #{session_record.id} for user: #{session_record.user_id}"
Current.session = session_record Current.session = session_record
else else
Rails.logger.info "Authentication#authenticate_user! - No valid session found"
if self_hosted_first_login? if self_hosted_first_login?
Rails.logger.info "Authentication#authenticate_user! - Self-hosted first login detected, redirecting to registration"
redirect_to new_registration_url redirect_to new_registration_url
else else
Rails.logger.info "Authentication#authenticate_user! - Redirecting to login page"
redirect_to new_session_url redirect_to new_session_url
end end
end end
@ -36,35 +29,17 @@ module Authentication
def find_session_by_cookie def find_session_by_cookie
cookie_value = cookies.signed[:session_token] cookie_value = cookies.signed[:session_token]
Rails.logger.info "Authentication#find_session_by_cookie - Looking for session with cookie value: #{cookie_value.present? ? 'present' : 'missing'}"
if cookie_value.present? if cookie_value.present?
session = Session.find_by(id: cookie_value) Session.find_by(id: cookie_value)
Rails.logger.info "Authentication#find_session_by_cookie - Session found: #{session.present? ? 'yes' : 'no'}"
if session.present?
Rails.logger.info "Authentication#find_session_by_cookie - Session belongs to user: #{session.user_id}"
end
session
else else
Rails.logger.info "Authentication#find_session_by_cookie - No session cookie found"
nil nil
end end
end end
def create_session_for(user) def create_session_for(user)
Rails.logger.info "Authentication#create_session_for - Creating session for user: #{user.id}"
session = user.sessions.create! session = user.sessions.create!
Rails.logger.info "Authentication#create_session_for - Session created with ID: #{session.id}"
Rails.logger.info "Authentication#create_session_for - Setting session cookie"
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true } cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
Rails.logger.info "Authentication#create_session_for - Cookie set, verifying..."
cookie_value = cookies.signed[:session_token]
Rails.logger.info "Authentication#create_session_for - Cookie verification: #{cookie_value == session.id ? 'successful' : 'failed'}"
session session
end end

35
app/controllers/mfa_controller.rb
View file

@ -3,74 +3,43 @@ class MfaController < ApplicationController
skip_authentication only: [ :verify, :verify_code ] skip_authentication only: [ :verify, :verify_code ]
def new def new
Rails.logger.info "MfaController#new - User: #{Current.user.id} accessing MFA setup"
redirect_to root_path if Current.user.otp_required? redirect_to root_path if Current.user.otp_required?
Current.user.setup_mfa! unless Current.user.otp_secret.present? Current.user.setup_mfa! unless Current.user.otp_secret.present?
end end
def create def create
Rails.logger.info "MfaController#create - User: #{Current.user.id} attempting to enable MFA"
if Current.user.verify_otp?(params[:code]) if Current.user.verify_otp?(params[:code])
Rails.logger.info "MfaController#create - MFA verification successful for user: #{Current.user.id}"
Current.user.enable_mfa! Current.user.enable_mfa!
@backup_codes = Current.user.otp_backup_codes @backup_codes = Current.user.otp_backup_codes
Rails.logger.info "MfaController#create - Generated backup codes for user: #{Current.user.id}"
render :backup_codes render :backup_codes
else else
Rails.logger.info "MfaController#create - MFA verification failed for user: #{Current.user.id}"
Current.user.disable_mfa! Current.user.disable_mfa!
redirect_to new_mfa_path, alert: t(".invalid_code") redirect_to new_mfa_path, alert: t(".invalid_code")
end end
end end
def verify def verify
Rails.logger.info "MfaController#verify - Attempting to verify MFA for user_id from session: #{session[:mfa_user_id]}"
@user = User.find_by(id: session[:mfa_user_id]) @user = User.find_by(id: session[:mfa_user_id])
if @user if @user.nil?
Rails.logger.info "MfaController#verify - Found user: #{@user.id} for MFA verification"
else
Rails.logger.info "MfaController#verify - No user found for MFA verification, redirecting to login"
redirect_to new_session_path redirect_to new_session_path
end end
end end
def verify_code def verify_code
Rails.logger.info "MfaController#verify_code - Attempting to verify MFA code for user_id from session: #{session[:mfa_user_id]}"
@user = User.find_by(id: session[:mfa_user_id]) @user = User.find_by(id: session[:mfa_user_id])
if @user
Rails.logger.info "MfaController#verify_code - Found user: #{@user.id} for MFA verification"
else
Rails.logger.info "MfaController#verify_code - No user found for MFA verification"
end
if @user&.verify_otp?(params[:code]) if @user&.verify_otp?(params[:code])
Rails.logger.info "MfaController#verify_code - MFA code verification successful for user: #{@user.id}"
session.delete(:mfa_user_id) session.delete(:mfa_user_id)
Rails.logger.info "MfaController#verify_code - Deleted mfa_user_id from session"
@session = create_session_for(@user) @session = create_session_for(@user)
Rails.logger.info "MfaController#verify_code - Created session: #{@session.id} for user: #{@user.id}" redirect_to root_path
# Log cookie information
Rails.logger.info "MfaController#verify_code - Cookie details:"
Rails.logger.info " - session_token present: #{cookies.signed[:session_token].present?}"
Rails.logger.info " - session_token value: #{cookies.signed[:session_token]}"
Rails.logger.info " - all cookies: #{cookies.to_h.keys.join(', ')}"
# Simply redirect to root path with data-turbo="false"
Rails.logger.info "MfaController#verify_code - Redirecting to root_path with data-turbo=false"
redirect_to root_path, data: { turbo: false }
else else
Rails.logger.info "MfaController#verify_code - MFA code verification failed for user: #{@user&.id}"
flash.now[:alert] = t(".invalid_code") flash.now[:alert] = t(".invalid_code")
render :verify, status: :unprocessable_entity render :verify, status: :unprocessable_entity
end end
end end
def disable def disable
Rails.logger.info "MfaController#disable - User: #{Current.user.id} disabling MFA"
Current.user.disable_mfa! Current.user.disable_mfa!
redirect_to settings_security_path, notice: t(".success") redirect_to settings_security_path, notice: t(".success")
end end

10
app/controllers/sessions_controller.rb
View file

@ -5,34 +5,24 @@ class SessionsController < ApplicationController
layout "auth" layout "auth"
def new def new
Rails.logger.info "SessionsController#new - Rendering login form"
end end
def create def create
Rails.logger.info "SessionsController#create - Attempting to authenticate user with email: #{params[:email]}"
if user = User.authenticate_by(email: params[:email], password: params[:password]) if user = User.authenticate_by(email: params[:email], password: params[:password])
Rails.logger.info "SessionsController#create - Authentication successful for user: #{user.id}"
if user.otp_required? if user.otp_required?
Rails.logger.info "SessionsController#create - MFA required for user: #{user.id}, redirecting to MFA verification"
session[:mfa_user_id] = user.id session[:mfa_user_id] = user.id
redirect_to verify_mfa_path redirect_to verify_mfa_path
else else
Rails.logger.info "SessionsController#create - MFA not required for user: #{user.id}, creating session"
@session = create_session_for(user) @session = create_session_for(user)
Rails.logger.info "SessionsController#create - Session created: #{@session.id}, redirecting to root_path"
redirect_to root_path redirect_to root_path
end end
else else
Rails.logger.info "SessionsController#create - Authentication failed for email: #{params[:email]}"
flash.now[:alert] = t(".invalid_credentials") flash.now[:alert] = t(".invalid_credentials")
render :new, status: :unprocessable_entity render :new, status: :unprocessable_entity
end end
end end
def destroy def destroy
Rails.logger.info "SessionsController#destroy - Destroying session: #{@session.id} for user: #{Current.user.id}"
@session.destroy @session.destroy
redirect_to new_session_path, notice: t(".logout_successful") redirect_to new_session_path, notice: t(".logout_successful")
end end