From 9d62040d7a2d3bc6034fbb4b8ff28397ce3b5d54 Mon Sep 17 00:00:00 2001
From: Bryan Newbold <bnewbold@robocracy.org>
Date: Wed, 3 Apr 2019 10:58:29 -0700
Subject: better warn/error logging

---
 python/fatcat_web/auth.py       | 10 +++++-----
 python/fatcat_web/web_config.py |  2 +-
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/python/fatcat_web/auth.py b/python/fatcat_web/auth.py
index 1953151b..20c11855 100644
--- a/python/fatcat_web/auth.py
+++ b/python/fatcat_web/auth.py
@@ -20,6 +20,7 @@ def handle_token_login(token):
         m = pymacaroons.Macaroon.deserialize(token)
     except pymacaroons.exceptions.MacaroonDeserializationException:
         # TODO: what kind of Exceptions?
+        app.logger.warn("auth fail: MacaroonDeserializationException")
         return abort(400)
     # extract editor_id
     editor_id = None
@@ -28,6 +29,7 @@ def handle_token_login(token):
         if caveat.startswith(b"editor_id = "):
             editor_id = caveat[12:].decode('utf-8')
     if not editor_id:
+        app.logger.warn("auth fail: editor_id missing in macaroon")
         abort(400)
     # fetch editor info
     editor = api.get_editor(editor_id)
@@ -93,12 +95,11 @@ def handle_ia_xauth(email, password):
         try:
             flash("Internet Archive email/password didn't match: {}".format(resp.json()['values']['reason']))
         except:
-            print("IA XAuth fail: {}".format(resp.content))
+            app.logger.warn("IA XAuth fail: {}".format(resp.content))
         return render_template('auth_ia_login.html', email=email), resp.status_code
     elif resp.status_code != 200:
         flash("Internet Archive login failed (internal error?)")
-        # TODO: log.warn
-        print("IA XAuth fail: {}".format(resp.content))
+        app.logger.warn("IA XAuth fail: {}".format(resp.content))
         return render_template('auth_ia_login.html', email=email), resp.status_code
 
     # Successful login; now fetch info...
@@ -112,8 +113,7 @@ def handle_ia_xauth(email, password):
         })
     if resp.status_code != 200:
         flash("Internet Archive login failed (internal error?)")
-        # TODO: log.warn
-        print("IA XAuth fail: {}".format(resp.content))
+        app.logger.warn("IA XAuth fail: {}".format(resp.content))
         return render_template('auth_ia_login.html', email=email), resp.status_code
     ia_info = resp.json()['values']
 
diff --git a/python/fatcat_web/web_config.py b/python/fatcat_web/web_config.py
index 9aad8998..1b9a7c9f 100644
--- a/python/fatcat_web/web_config.py
+++ b/python/fatcat_web/web_config.py
@@ -41,7 +41,7 @@ class Config(object):
 
     # CSRF on by default, but only for WTF forms (not, eg, search, lookups, GET
     # forms)
-    WTF_CSRF_CHECK_DEFAULT = True
+    WTF_CSRF_CHECK_DEFAULT = False
     WTF_CSRF_TIME_LIMIT = None
 
     if FATCAT_DOMAIN == "dev.fatcat.wiki":
-- 
cgit v1.2.3