newrelic: fix tracking of api auth failure errors.

Fixes user params not being recorded on SessionLoader::AuthenticationFailed errors.
2019-08-27 21:19:56 -05:00
parent 57e20b4e28
commit 0cf9f845d0
3 changed files with 12 additions and 6 deletions
--- a/app/logical/danbooru_logger.rb
+++ b/app/logical/danbooru_logger.rb
@@ -20,10 +20,14 @@ class DanbooruLogger
    end
  end

-  def self.initialize(request, session, user)
-    add_attributes("request.params", request.parameters)
-    add_attributes("session.params", session.to_h)
-    add_attributes("user", { id: user.id, name: user.name, level: user.level_string, ip: request.remote_ip })
+  def self.add_session_attributes(request, session, user)
+    request_params = request.parameters.with_indifferent_access.except(*Rails.application.config.filter_parameters, :controller, :action)
+    session_params = session.to_h.with_indifferent_access.slice(:session_id, :started_at)
+    user_params = { id: user.id, name: user.name, level: user.level_string, ip: request.remote_ip, safe_mode: CurrentUser.safe_mode? }
+
+    add_attributes("request.params", request_params)
+    add_attributes("session.params", session_params)
+    add_attributes("user", user_params)
  end

  def self.add_attributes(prefix, hash)
--- a/app/logical/session_loader.rb
+++ b/app/logical/session_loader.rb
@@ -29,7 +29,8 @@ class SessionLoader
    set_safe_mode
    set_started_at_session
    CurrentUser.user.unban! if CurrentUser.user.ban_expired?
-    DanbooruLogger.initialize(request, session, CurrentUser.user)
+  ensure
+    DanbooruLogger.add_session_attributes(request, session, CurrentUser.user)
  end

  def has_api_authentication?
@@ -58,6 +59,7 @@ private
  def authenticate_basic_auth
    credentials = ::Base64.decode64(request.authorization.split(' ', 2).last || '')
    login, api_key = credentials.split(/:/, 2)
+    DanbooruLogger.add_attributes("request.params", login: login)
    authenticate_api_key(login, api_key)
  end

--- a/config/initializers/filter_parameter_logging.rb
+++ b/config/initializers/filter_parameter_logging.rb
@@ -1,4 +1,4 @@
 # Be sure to restart your server when you modify this file.

 # Configure sensitive parameters which will be filtered from the log file.
-Rails.application.config.filter_parameters += [:password]
+Rails.application.config.filter_parameters += [:password, :password_hash, :api_key]