feat: add debug mode to security configuration

- Introduced a new debug flag in the Security struct to enable detailed logging. - Updated CloudflareAccess and OAuth2Server to utilize the debug flag for conditional logging. - Enhanced logging in Debug methods to include a prefix for better context in log messages.
tphakala · Jan 9, 2025 · b1cbffa · b1cbffa
1 parent 034475e
commit b1cbffa
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 5 deletions.
diff --git a/internal/conf/config.go b/internal/conf/config.go
@@ -250,6 +250,7 @@ type AllowCloudflareBypass struct {
 // SecurityConfig handles all security-related settings and validations
 // for the application, including authentication, TLS, and access control.
 type Security struct {
+	Debug bool // true to enable debug mode
 
 	// Host is the primary hostname used for TLS certificates
 	// and OAuth redirect URLs. Required when using AutoTLS or

diff --git a/internal/security/cloudflare.go b/internal/security/cloudflare.go
@@ -42,6 +42,7 @@ type CloudflareAccess struct {
 
 func NewCloudflareAccess() *CloudflareAccess {
 	settings := conf.GetSettings()
+	debug := settings.Security.Debug
 	cfBypass := settings.Security.AllowCloudflareBypass
 
 	return &CloudflareAccess{
@@ -55,6 +56,7 @@ func NewCloudflareAccess() *CloudflareAccess {
 			lastFetch: time.Time{},
 		},
 		settings: &cfBypass,
+		debug:    debug,
 	}
 }
 
@@ -279,10 +281,11 @@ func (ca *CloudflareAccess) GetLogoutURL() string {
 
 func (ca *CloudflareAccess) Debug(format string, v ...interface{}) {
 	if !ca.debug {
+		prefix := "[security/cloudflare] "
 		if len(v) == 0 {
-			log.Print(format)
+			log.Print(prefix + format)
 		} else {
-			log.Printf(format, v...)
+			log.Printf(prefix+format, v...)
 		}
 	}
 }
diff --git a/internal/security/oauth.go b/internal/security/oauth.go
@@ -44,7 +44,7 @@ type OAuth2Server struct {
 
 func NewOAuth2Server() *OAuth2Server {
 	settings := conf.GetSettings()
-	debug := settings.Debug
+	debug := settings.Security.Debug
 
 	server := &OAuth2Server{
 		Settings:     settings,
@@ -256,10 +256,11 @@ func (s *OAuth2Server) StartAuthCleanup(interval time.Duration) {
 
 func (s *OAuth2Server) Debug(format string, v ...interface{}) {
 	if s.debug {
+		prefix := "[security/oauth] "
 		if len(v) == 0 {
-			log.Print(format)
+			log.Print(prefix + format)
 		} else {
-			log.Printf(format, v...)
+			log.Printf(prefix+format, v...)
 		}
 	}
 }