[server] Do not log 'logged in' before actually logging in

Ericsson · Dec 3, 2020 · ac65c59 · ac65c59
1 parent 45a5292
commit ac65c59
Showing 1 changed file with 12 additions and 4 deletions.
diff --git a/web/server/codechecker_server/api/authentication.py b/web/server/codechecker_server/api/authentication.py
@@ -85,28 +85,36 @@ def performLogin(self, auth_method, auth_string):
 
         if auth_method == "Username:Password":
             user_name, _ = auth_string.split(':', 1)
-            LOG.info("'%s' logged in.", user_name)
+            LOG.debug("'%s' logging in...", user_name)
 
             session = self.__manager.create_session(auth_string)
 
             if session:
+                LOG.info("'%s' logged in.", user_name)
                 return session.token
             else:
                 raise codechecker_api_shared.ttypes.RequestFailed(
                     codechecker_api_shared.ttypes.ErrorCode.AUTH_DENIED,
-                    "Invalid credentials supplied. Refusing authentication!")
+                    f"Invalid credentials supplied for user '{user_name}'."
+                    " Refusing authentication!")
 
         raise codechecker_api_shared.ttypes.RequestFailed(
             codechecker_api_shared.ttypes.ErrorCode.AUTH_DENIED,
             "Could not negotiate via common authentication method.")
 
     @timeit
     def destroySession(self):
-        LOG.info("'%s' logged out.", self.getLoggedInUser())
+        user_name = self.getLoggedInUser()
+        LOG.debug("'%s' logging out...", user_name)
+
         token = None
         if self.__auth_session:
             token = self.__auth_session.token
-        return self.__manager.invalidate(token)
+
+        is_logged_out = self.__manager.invalidate(token)
+        if is_logged_out:
+            LOG.info("'%s' logged out.", user_name)
+        return is_logged_out
 
     # ============= Authorization, permission management =============