From 37666883a6b90f811f40fc6bf622a89165981df5 Mon Sep 17 00:00:00 2001
From: Max Resnick <max@ofmax.li>
Date: Tue, 23 Apr 2024 22:20:11 -0700
Subject: feat: light access logging

---
 internal/authz/middleware.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'internal')

diff --git a/internal/authz/middleware.go b/internal/authz/middleware.go
index 9031c99..f4838ec 100644
--- a/internal/authz/middleware.go
+++ b/internal/authz/middleware.go
@@ -21,6 +21,7 @@ var (
 
 func Authentication(authMap TokenMap, next http.Handler) http.Handler {
 	return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
+		slog.Info("access request recv")
 		u, p, ok := req.BasicAuth()
 		if !ok {
 			rw.Header().Set("WWW-Authenticate", `Basic realm="git"`)
@@ -30,6 +31,7 @@ func Authentication(authMap TokenMap, next http.Handler) http.Handler {
 		urn := fmt.Sprintf("uid:%s", u)
 		hash, ok := authMap[urn]
 		if !ok {
+			slog.Info("failed access", "urn", urn)
 			http.Error(rw, "Bad Request", http.StatusForbidden)
 			return
 		}
@@ -39,10 +41,12 @@ func Authentication(authMap TokenMap, next http.Handler) http.Handler {
 			return
 		}
 		if err := bcrypt.CompareHashAndPassword([]byte(hash), token); err != nil {
+			slog.Info("bad token for user", "urn", urn)
 			http.Error(rw, "Bad Request", http.StatusForbidden)
 			return
 		}
 		ctx := context.WithValue(req.Context(), AuthzUrnKey, urn)
+		slog.Info("access request granted", "urn", urn)
 		next.ServeHTTP(rw, req.WithContext(ctx))
 	})
 }
-- 
cgit v1.2.3