Enhance logging for username/phone access control in Telegram authentication
- Updated the logging statement in `get_authenticated_username` to include the normalized phone number when access is denied, improving traceability. - Introduced a new variable `failed_phone` to store the normalized phone number for better debugging and error reporting. - Ensured that the logging format reflects the additional information for enhanced clarity during authentication failures.
This commit is contained in:
@@ -123,14 +123,18 @@ def get_authenticated_username(
|
|||||||
)
|
)
|
||||||
if username and config.can_access_miniapp(username):
|
if username and config.can_access_miniapp(username):
|
||||||
return username
|
return username
|
||||||
|
failed_phone: str | None = None
|
||||||
if telegram_user_id is not None:
|
if telegram_user_id is not None:
|
||||||
user = get_user_by_telegram_id(session, telegram_user_id)
|
user = get_user_by_telegram_id(session, telegram_user_id)
|
||||||
if user and user.phone and config.can_access_miniapp_by_phone(user.phone):
|
if user and user.phone and config.can_access_miniapp_by_phone(user.phone):
|
||||||
return username or (user.full_name or "") or f"id:{telegram_user_id}"
|
return username or (user.full_name or "") or f"id:{telegram_user_id}"
|
||||||
|
if user and user.phone:
|
||||||
|
failed_phone = config.normalize_phone(user.phone)
|
||||||
log.warning(
|
log.warning(
|
||||||
"username/phone not in allowlist (username=%s, telegram_id=%s)",
|
"username/phone not in allowlist (username=%s, telegram_id=%s, phone=%s)",
|
||||||
username,
|
username,
|
||||||
telegram_user_id,
|
telegram_user_id,
|
||||||
|
failed_phone if failed_phone else "—",
|
||||||
)
|
)
|
||||||
raise HTTPException(status_code=403, detail=t(lang, "api.access_denied"))
|
raise HTTPException(status_code=403, detail=t(lang, "api.access_denied"))
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user