Skip to content

Log REMOTE_USER (patron identifier) in uwsgi access logs#3146

Open
jonathangreen wants to merge 4 commits intomainfrom
feature/log-remote-user-in-uwsgi
Open

Log REMOTE_USER (patron identifier) in uwsgi access logs#3146
jonathangreen wants to merge 4 commits intomainfrom
feature/log-remote-user-in-uwsgi

Conversation

@jonathangreen
Copy link
Member

@jonathangreen jonathangreen commented Mar 17, 2026
edited
Loading

Description

Sets REMOTE_USER on the WSGI environ and updates the uwsgi log format to include it. This makes the patron identifier (library card barcode) visible in uwsgi access logs, aiding in troubleshooting authentication issues.

  • For Basic auth, sets REMOTE_USER to the submitted username before authentication, so it appears in logs even on failed 401 requests
  • For non-Basic auth flows (e.g., bearer tokens), sets REMOTE_USER from patron.authorization_identifier after successful authentication
  • Replaces the hardcoded - in the uwsgi log format with %(var.REMOTE_USER)

Motivation and Context

This would have helped while troubleshooting CM authentication errors. Without the patron identifier in access logs, it's difficult to correlate failed requests to specific patrons when investigating issues.

How Has This Been Tested?

  • New tests added for REMOTE_USER behavior covering basic auth (success and failure) and non-basic auth flows
  • tox -e py312-docker -- --no-cov tests/manager/api/controller/test_base.py

Checklist

  • I have updated the documentation accordingly.
  • All new and existing tests passed.

@jonathangreen
Set REMOTE_USER in WSGI environ and include it in uwsgi log format
b13d51c 
Set REMOTE_USER from the Basic auth username on the WSGI environ so
uwsgi can log the patron identifier. Update the uwsgi log format to
include %(var.REMOTE_USER) in place of the hardcoded dash. Only applies
to Basic auth requests to avoid logging sensitive bearer tokens.
@jonathangreen jonathangreen added the feature New feature label Mar 17, 2026
@jonathangreen jonathangreen requested review from a team March 17, 2026 17:59
@codecov
Copy link

codecov bot commented Mar 17, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.26%. Comparing base (60760e8) to head (05f159b).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #3146   +/-   ##
=======================================
  Coverage   93.26%   93.26%           
=======================================
  Files         493      493           
  Lines       45579    45583    +4     
  Branches     6252     6254    +2     
=======================================
+ Hits        42511    42515    +4     
  Misses       1982     1982           
  Partials     1086     1086

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

feature New feature

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jonathangreen