Add Debug Logs on Account Recovery (#206)

* Add debug logs * Removed PII logs * Address comments * Move exception type to front of log message
leaderboardsgg · Dec 24, 2023 · f5215cd · f5215cd
1 parent d0f0a12
commit f5215cd
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 3 deletions.
diff --git a/LeaderboardBackend/Controllers/AccountController.cs b/LeaderboardBackend/Controllers/AccountController.cs
@@ -190,6 +190,7 @@ [FromServices] IAccountConfirmationService confirmationService
     ///     Sends an account recovery email.
     /// </summary>
     /// <param name="recoveryService">IAccountRecoveryService dependency.</param>
+    /// <param name="logger"></param>
     /// <param name="request">The account recovery request.</param>
     /// <response code="200">This endpoint returns 200 OK regardless of whether the email was sent successfully or not.</response>
     /// <response code="400">The request object was malformed.</response>
@@ -200,13 +201,19 @@ [FromServices] IAccountConfirmationService confirmationService
     [FeatureGate(Features.ACCOUNT_RECOVERY)]
     public async Task<ActionResult> RecoverAccount(
         [FromServices] IAccountRecoveryService recoveryService,
+        [FromServices] ILogger<AccountController> logger,
         [FromBody] RecoverAccountRequest request
     )
     {
         User? user = await _userService.GetUserByNameAndEmail(request.Username, request.Email);
 
-        if (user is not null)
+        if (user is null)
         {
+            logger.LogWarning("Account recovery attempt failed. User not found: {username}", request.Username);
+        }
+        else
+        {
+            logger.LogInformation("Sending account recovery email to user: {id}", user.Id);
             await recoveryService.CreateRecoveryAndSendEmail(user);
         }
 

diff --git a/LeaderboardBackend/Services/Impl/AccountRecoveryService.cs b/LeaderboardBackend/Services/Impl/AccountRecoveryService.cs
@@ -14,24 +14,28 @@ public class AccountRecoveryService : IAccountRecoveryService
     private readonly IEmailSender _emailSender;
     private readonly IClock _clock;
     private readonly AppConfig _appConfig;
+    private readonly ILogger<AccountRecoveryService> _logger;
 
     public AccountRecoveryService(
         ApplicationContext applicationContext,
         IEmailSender emailSender,
         IClock clock,
-        IOptions<AppConfig> appConfig
+        IOptions<AppConfig> appConfig,
+        ILogger<AccountRecoveryService> logger
     )
     {
         _applicationContext = applicationContext;
         _emailSender = emailSender;
         _clock = clock;
         _appConfig = appConfig.Value;
+        _logger = logger;
     }
 
     public async Task<CreateRecoveryResult> CreateRecoveryAndSendEmail(User user)
     {
         if (user.Role is not UserRole.Confirmed && user.Role is not UserRole.Administrator)
         {
+            _logger.LogWarning("Can't send account recovery email; user {id} not confirmed/admin", user.Id);
             return new BadRole();
         }
 
@@ -55,8 +59,14 @@ await _emailSender.EnqueueEmailAsync(
                 GenerateAccountRecoveryEmailBody(user, recovery)
             );
         }
-        catch
+        catch (Exception e)
         {
+            _logger.LogError(
+                "{type}: Recovery email failed to send for user {id}, {username}",
+                e.GetType().ToString(),
+                user.Id,
+                user.Username
+            );
             return new EmailFailed();
         }