From a94ba22f5f895b02f8dd9e3caa7ba0816b5050f6 Mon Sep 17 00:00:00 2001
From: Robert Sparks <rjsparks@nostrum.com>
Date: Fri, 11 Aug 2023 14:14:36 -0500
Subject: [PATCH] chore: log direct auth attempts (#6132)

---
 ietf/api/views.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ietf/api/views.py b/ietf/api/views.py
index b56544c43..f6221b5e2 100644
--- a/ietf/api/views.py
+++ b/ietf/api/views.py
@@ -423,8 +423,14 @@ def directauth(request):
 
         # Note well that we are using user.username, not what was passed to the API.
         if user_query.count() == 1 and authenticate(username = user_query.first().username, password = password):
+            user = user_query.get()
+            if user_query.filter(person__isnull=True).count() == 1: # Can't inspect user.person direclty here
+                log.log(f"Direct auth of personless user {user.pk}:{user.username}")
+            else:
+                log.log(f"Direct auth: {user.pk}:{user.person.plain_name()}")
             return HttpResponse(json.dumps(dict(result="success")), content_type='application/json')
 
+        log.log(f"Direct auth failure: {username}")
         return HttpResponse(json.dumps(dict(result="failure", reason="authentication failed")), content_type='application/json') 
 
     else: