From 4c723781b5e36b7e1f2002a7147c7b47ac9152ee Mon Sep 17 00:00:00 2001
From: Iain Sproat <68657+iainsproat@users.noreply.github.com>
Date: Tue, 11 Apr 2023 18:43:46 +0100
Subject: [PATCH] feat(server): authentication middleware should log auth
 context creation status (#1508)

* feat(server): authentication middleware should log auth context creation status
- this uses the pino http logger provided via prior express middleware, ensuring a request ID is associated with the log messages
- userID, scopes and roles will be logged
* Appends the authContext to the req.log, which makes it available on all subsequent calls
---
 packages/server/modules/shared/middleware/index.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/packages/server/modules/shared/middleware/index.ts b/packages/server/modules/shared/middleware/index.ts
index 61e668660..6d2e53ad2 100644
--- a/packages/server/modules/shared/middleware/index.ts
+++ b/packages/server/modules/shared/middleware/index.ts
@@ -89,12 +89,14 @@ export async function authContextMiddleware(
 ) {
   const token = getTokenFromRequest(req)
   const authContext = await createAuthContextFromToken(token)
+  req.log = req.log.child({ authContext })
   if (!authContext.auth && authContext.err) {
     let message = 'Unknown Auth context error'
     let status = 500
     message = authContext.err?.message || message
     if (authContext.err instanceof UnauthorizedError) status = 401
     if (authContext.err instanceof ForbiddenError) status = 403
+    req.log.warn('Auth context creation failed.')
     return res.status(status).json({ error: message })
   }
   req.context = authContext