From 854bc7cfaf9880c4f841e6e948dc53885e522871 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= <sybren@stuvel.eu>
Date: Wed, 14 Feb 2018 13:52:52 +0100
Subject: [PATCH] Sentry: include extra user information

We perform authentication of the user while handling the request,
but Sentry calls get_user_info() in a before-request handler. This means
that Sentry would miss user info in many cases. This fixes that.
---
 pillar/api/utils/authentication.py |  3 ++-
 pillar/auth/__init__.py            |  6 ++++--
 pillar/sentry_extra.py             | 14 ++++++++++++++
 3 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/pillar/api/utils/authentication.py b/pillar/api/utils/authentication.py
index f75b96f9..41188483 100644
--- a/pillar/api/utils/authentication.py
+++ b/pillar/api/utils/authentication.py
@@ -155,7 +155,7 @@ def validate_this_token(token, oauth_subclient=None):
     :rtype: dict
     """
 
-    from pillar.auth import UserClass, AnonymousUser
+    from pillar.auth import UserClass, AnonymousUser, user_authenticated
 
     g.current_user = None
     _delete_expired_tokens()
@@ -183,6 +183,7 @@ def validate_this_token(token, oauth_subclient=None):
         return None
 
     g.current_user = UserClass.construct(token, db_user)
+    user_authenticated.send(None)
 
     return db_user
 
diff --git a/pillar/auth/__init__.py b/pillar/auth/__init__.py
index 93e9cd56..aef00a70 100644
--- a/pillar/auth/__init__.py
+++ b/pillar/auth/__init__.py
@@ -4,14 +4,15 @@ import collections
 import logging
 import typing
 
+import blinker
+import bson
 from flask import session, g
 import flask_login
 from werkzeug.local import LocalProxy
 
 from pillar import current_app
 
-import bson
-
+user_authenticated = blinker.Signal('Sent whenever a user was authenticated')
 log = logging.getLogger(__name__)
 
 # Mapping from user role to capabilities obtained by users with that role.
@@ -211,6 +212,7 @@ def login_user(oauth_token: str, *, load_from_db=False):
         user = UserClass(oauth_token)
     flask_login.login_user(user, remember=True)
     g.current_user = user
+    user_authenticated.send(None)
 
 
 def logout_user():
diff --git a/pillar/sentry_extra.py b/pillar/sentry_extra.py
index 01b033fe..c78f8770 100644
--- a/pillar/sentry_extra.py
+++ b/pillar/sentry_extra.py
@@ -11,6 +11,20 @@ class PillarSentry(Sentry):
     and for preventing the auth tokens to be logged as user ID.
     """
 
+    def init_app(self, app, *args, **kwargs):
+        super().init_app(app, *args, **kwargs)
+
+        # We perform authentication of the user while handling the request,
+        # so Sentry calls get_user_info() too early.
+
+    def get_user_context_again(self, ):
+        from flask import request
+
+        try:
+            self.client.user_context(self.get_user_info(request))
+        except Exception as e:
+            self.client.logger.exception(str(e))
+
     def get_user_info(self, request):
         user_info = super().get_user_info(request)