Merge pull request #709 from Crown-Commercial-Service/csrf
Log reason for CSRF failure
bjgill authored Nov 11, 2021
2 parents 4db4113 + d3c3075 commit 5b4d87b
Showing 3 changed files with 11 additions and 7 deletions.
2 changes: 1 addition & 1 deletion dmutils/__init__.py
Expand Up @@ -2,4 +2,4 @@
from .flask_init import init_app


__version__ = '60.1.0'
__version__ = '60.1.1'
7 changes: 4 additions & 3 deletions dmutils/errors/frontend.py
Expand Up @@ -21,12 +21,13 @@ def csrf_handler(csrf_error):
)
elif 'user_id' not in session:
current_app.logger.info(
u'csrf.session_expired: Redirecting user to log in page'
'csrf.session_expired: Redirecting user to log in page',
extra={'error': csrf_error.description},
)
else:
current_app.logger.info(
u'csrf.invalid_token: Aborting request, user_id: {user_id}',
extra={'user_id': session['user_id']}
'csrf.invalid_token: Aborting request, user_id: {user_id}',
extra={'user_id': session['user_id'], 'error': csrf_error.description}
)

flash('Your session has expired. Please log in again.', "error")
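Review bot: The new `extra={'error': csrf_error.description}` entries in the `elif` and `else` branches have no comment saying where that text originates, which matters to anyone triaging these log lines. If this is Flask-WTF's CSRFError (the import is outside the hunk), the description is the validation reason set when the exception was raised, not a value read from the request; a comment such as `# description is the reason supplied when CSRFError was raised, not request data` above the first logger call would record that assumption. The branch that closes at the top of the hunk begins outside it, so it cannot be seen whether that path logs the reason too; if it does not, the three branches are now inconsistent. csrf_handler's body starts and ends outside the hunk.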
9 changes: 6 additions & 3 deletions tests/test_errors.py
Expand Up @@ -35,18 +35,21 @@ def test_csrf_handler_redirects_to_login(user_session, app, cookie_probe_expect_
# Our user is logged in
session['user_id'] = 1234

response = csrf_handler(CSRFError())
response = csrf_handler(CSRFError('reason'))

assert response.status_code == 302
assert response.location == '/user/login?next=%2F'

if user_session:
assert app.logger.info.call_args_list == [
mock.call('csrf.invalid_token: Aborting request, user_id: {user_id}', extra={'user_id': 1234})
mock.call(
'csrf.invalid_token: Aborting request, user_id: {user_id}',
extra={'user_id': 1234, 'error': 'reason'},
)
]
else:
assert app.logger.info.call_args_list == [
mock.call('csrf.session_expired: Redirecting user to log in page')
mock.call('csrf.session_expired: Redirecting user to log in page', extra={'error': 'reason'})
]


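Review bot: Both expected `mock.call(...)` values are pinned to the single literal `'reason'`, so the test no longer exercises a `CSRFError()` constructed without a description, which is what the previous call did. If CSRFError is the Flask-WTF/werkzeug exception (its import is outside the hunk), `description` then presumably falls back to a class-level default rather than `None`. A second case calling `csrf_handler(CSRFError())` and expecting `'error': CSRFError.description` in `extra` would pin that path. test_csrf_handler_redirects_to_login starts above the hunk and the file continues below it.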
