From cbb5dd99d895e25fe74ce35bd63492bfa11894f7 Mon Sep 17 00:00:00 2001 From: Teriuihi Date: Mon, 5 Aug 2024 00:45:48 +0200 Subject: [PATCH] Refactor logging for better granularity Updated logging levels in multiple classes to differentiate between debug and trace information. Improved log messages to support parameterized logs, ensuring sensitive or variable information is handled appropriately without concatenation. --- .../com/alttd/forms/contact/ContactController.java | 5 ++++- .../java/com/alttd/forms/contact/StoreFormQuery.java | 4 ++++ .../com/alttd/forms/mail/mail_forms/MailForm.java | 6 +++--- .../com/alttd/forms/mail/verification/Verify.java | 11 +++++++++++ .../java/com/alttd/forms/verify_mail/FormQuery.java | 9 +++++---- .../com/alttd/forms/verify_mail/VerifyController.java | 7 +++++-- 6 files changed, 32 insertions(+), 10 deletions(-) diff --git a/src/main/java/com/alttd/forms/contact/ContactController.java b/src/main/java/com/alttd/forms/contact/ContactController.java index e8eb500..2ab5012 100644 --- a/src/main/java/com/alttd/forms/contact/ContactController.java +++ b/src/main/java/com/alttd/forms/contact/ContactController.java 
@@ -18,14 +18,17 @@ public class ContactController { @PostMapping("/submitContactForm") public CompletableFuture> submitForm(@Valid @RequestBody ContactFormData formData) { - logger.debug(formData.toString()); + logger.debug("submitForm"); + logger.trace(formData.toString()); CompletableFuture storeFormForVerificationCode = new StoreFormQuery().storeFormForVerificationCode(formData.email, formData); return storeFormForVerificationCode.thenCompose(code -> Verify.verifyEmail(formData.email, code).thenApply(verificationResult -> { if (verificationResult == VerificationResult.VERIFICATION_SENT) { //TODO if this is ok tell the user they have x min to verify if they fail to do so they have to remake the form + logger.trace("Contact form stored and requested verification from user"); return ResponseEntity.ok("User Data received and email verification sent."); } else { + logger.trace("Failed to send verification email"); return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR) .body("Failed to send verification email. Reason: " + verificationResult.name()); } diff --git a/src/main/java/com/alttd/forms/contact/StoreFormQuery.java b/src/main/java/com/alttd/forms/contact/StoreFormQuery.java index aa7c746..3c06ab0 100644 --- a/src/main/java/com/alttd/forms/contact/StoreFormQuery.java +++ b/src/main/java/com/alttd/forms/contact/StoreFormQuery.java 
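Review bot: The added `logger.trace(formData.toString());` in `submitForm` builds the string on every request even when trace is disabled, and it hands the whole submitted contact form, e-mail address included, to the logger as the message itself. Use the parameterized form the rest of this commit adopts, `logger.trace("formData: {}", formData);`. Consider limiting it to non-identifying fields, because trace output switched on for troubleshooting would persist user-submitted personal data. The content is user-controlled, so the log layout should also neutralize line breaks; whether it does is not visible in this patch.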
@@ -61,13 +61,17 @@ public class StoreFormQuery { } public CompletableFuture storeFormForVerificationCode(String eMail, Form form) { + logger.debug("storeFormForVerificationCode"); Connection connection = DatabaseConnection.getConnection(); + logger.trace("Connection: {}", connection); return CompletableFuture.supplyAsync(() -> { Optional optionalFormId = insertForm(connection, form); + logger.trace("Form id: {}", optionalFormId); if (optionalFormId.isEmpty()) { throw new RuntimeException("Failed to store form"); } Optional verificationCode = insertVerificationCodeForForm(connection, eMail, optionalFormId.get()); + logger.trace("Verification code: {}", verificationCode); if (verificationCode.isEmpty()) { throw new RuntimeException("Failed to set verification code"); } diff --git a/src/main/java/com/alttd/forms/mail/mail_forms/MailForm.java b/src/main/java/com/alttd/forms/mail/mail_forms/MailForm.java index 3d81d03..4ce0f2d 100644 --- a/src/main/java/com/alttd/forms/mail/mail_forms/MailForm.java +++ b/src/main/java/com/alttd/forms/mail/mail_forms/MailForm.java @@ -19,7 +19,7 @@ public class MailForm { Properties mailProperties = MailSettings.getMailProperties(); Optional accountDetails = MailSettings.getAccountDetails(); if (accountDetails.isEmpty()) { - logger.error("No account details, can't send email to " + receiver + " with data " + form.toString()); + logger.error("No account details, can't send email to {} with data {}", receiver, form.toString()); return; } PasswordAuthentication passwordAuthentication = accountDetails.get(); 
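Review bot: `logger.trace("Verification code: {}", verificationCode);` in `storeFormForVerificationCode` writes the e-mail verification code to the log, so a reader of the logs could likely complete verification for an address they do not control. The same value is logged by `logger.trace("Set code: {}", code);` in Verify.java and, as part of `verificationData`, by the trace line added in VerifyController.java. Log only whether a code was produced, e.g. `logger.trace("Verification code created: {}", verificationCode.isPresent());`. The `Connection: {}` trace deserves a look too, since a driver's or pool's `toString()` may expose connection details; which one is used is not visible here.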
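Review bot: The rewritten error line in the first MailForm hunk, `logger.error("No account details, can't send email to {} with data {}", receiver, form.toString());`, keeps the explicit `toString()` and still writes the full form body at error level, which is normally enabled in production. The second MailForm hunk does the same in `logger.error("Unable to send mail to {} with data {}", receiver, form, e);`. Pass `form` directly if the data must stay, or preferably drop it: `logger.error("No account details, can't send email to {}", receiver);`. The enclosing method starts and ends outside both hunks.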
@@ -37,9 +37,9 @@ public class MailForm { message.setContent(form.toHtml(), "text/html"); try { Transport.send(message); - logger.debug("Send mail to " + receiver + " containing " + form) ; + logger.debug("Send mail to {} containing {}", receiver, form); } catch (MessagingException e) { - logger.error("Unable to send mail to " + receiver + " with data " + form, e); + logger.error("Unable to send mail to {} with data {}", receiver, form, e); } } catch (MessagingException e) { logger.error("Failed to create MimeMessage", e); diff --git a/src/main/java/com/alttd/forms/mail/verification/Verify.java b/src/main/java/com/alttd/forms/mail/verification/Verify.java index d5d9f79..c7b4551 100644 --- a/src/main/java/com/alttd/forms/mail/verification/Verify.java +++ b/src/main/java/com/alttd/forms/mail/verification/Verify.java 
@@ -16,31 +16,42 @@ public class Verify { private static final Logger logger = LoggerFactory.getLogger(Verify.class); public static CompletableFuture verifyEmail(String address, int code) { + logger.debug("verifyEmail"); Properties mailProperties = MailSettings.getMailProperties(); + logger.debug("mailProperties: {}", mailProperties); Optional accountDetails = MailSettings.getAccountDetails(); if (accountDetails.isEmpty()) { + logger.debug("accountDetails is empty"); return CompletableFuture.completedFuture(VerificationResult.NO_MAIL_ACCOUNT); } PasswordAuthentication passwordAuthentication = accountDetails.get(); + logger.trace("accountDetails: {}", passwordAuthentication); Session session = MailSettings.getSession(mailProperties, passwordAuthentication); //TODO rate limit sending mail from IP and to specific e-mail addresses (max 1 per minute and max 10 per day) //TODO include a link to all emails that people can click to block us from sending mail to them so no one can use us to spam ppl try { + logger.trace("Creating mail"); Message message = new MimeMessage(session); message.setFrom(new InternetAddress(passwordAuthentication.getUserName())); + logger.trace("Set from"); message.setRecipients( Message.RecipientType.TO, InternetAddress.parse(address) ); + logger.trace("Set recipients"); message.setSubject("Altitude Email Verification"); message.setText("Please verify your email by entering the following code on the page you made the form in\n" + code); //TODO pretty html stuff + logger.trace("Set code: {}", code); //TODO include the form they filled in (also in pretty html stuff) return CompletableFuture.supplyAsync(() -> { try { + logger.trace("Sending mail"); Transport.send(message); + logger.trace("Sending mail succeeded"); return VerificationResult.VERIFICATION_SENT; } catch (MessagingException e) { + logger.error("Failed to send mail", e); return VerificationResult.FAILED_TO_SEND; } }); 
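Review bot: `logger.debug("mailProperties: {}", mailProperties);` and `logger.trace("accountDetails: {}", passwordAuthentication);` in `verifyEmail` put the mail configuration and the credentials object into the log. What they print depends on `MailSettings` and on the `PasswordAuthentication` class, neither of which is visible here. If the properties carry a password entry, it is written at debug level; the credentials object prints either an uninformative identity string or, should it ever gain a `toString()`, the secret itself. Log the one field that helps, e.g. `logger.trace("Sending as {}", passwordAuthentication.getUserName());`, and remove the properties dump. The body of `verifyEmail` continues past the end of the hunk.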
diff --git a/src/main/java/com/alttd/forms/verify_mail/FormQuery.java b/src/main/java/com/alttd/forms/verify_mail/FormQuery.java index 9444433..6c3191b 100644 --- a/src/main/java/com/alttd/forms/verify_mail/FormQuery.java +++ b/src/main/java/com/alttd/forms/verify_mail/FormQuery.java @@ -26,12 +26,12 @@ public class FormQuery { stmt.setString(2, eMail); ResultSet resultSet = stmt.executeQuery(); if (!resultSet.next()) { - logger.warn("A user tried to enter an invalid code: " + verificationCode + " with email: " + eMail); + logger.warn("A user tried to enter an invalid code: {} with email: {}", verificationCode, eMail); return Optional.empty(); } return Optional.of(resultSet.getInt("formId")); } catch (SQLException e) { - logger.error("Failed select form query for verification code: " + verificationCode + " with e-mail " + eMail, e); + logger.error("Failed select form query for verification code: {} with e-mail {}", verificationCode, eMail, e); throw e; } } @@ -43,7 +43,7 @@ public class FormQuery { stmt.setInt(1, formId); ResultSet resultSet = stmt.executeQuery(); if (!resultSet.next()) { - logger.warn("Could not find form with id: " + formId); + logger.warn("Could not find form with id: {}", formId); return Optional.empty(); } String json = resultSet.getString("form_json"); @@ -55,7 +55,7 @@ public class FormQuery { return Optional.empty(); } } catch (SQLException e) { - logger.error("Failed select form query for form with id: " + formId, e); + logger.error("Failed select form query for form with id: {}", formId, e); throw e; } } @@ -87,6 +87,7 @@ public class FormQuery { } if (formId.isEmpty()) { + logger.trace("Unable to find form with code: {} and email {}", code, eMail); return new FormQueryResult(Optional.empty(), "Unable to find form for a user with this code and e-mail"); } diff --git a/src/main/java/com/alttd/forms/verify_mail/VerifyController.java b/src/main/java/com/alttd/forms/verify_mail/VerifyController.java index 503e895..7608d12 100644 
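Review bot: The error path in the first FormQuery hunk, `logger.error("Failed select form query for verification code: {} with e-mail {}", verificationCode, eMail, e);`, runs when the query itself fails, so the code it records may be a valid one, written at error level next to the matching address. Omit the code there: `logger.error("Failed select form query for e-mail {}", eMail, e);`. The warn line for a rejected code is useful for spotting guessing attempts. However, `eMail` comes from the request, so the log layout should escape line breaks to keep entries from being forged; the logging configuration is not part of this patch. The method starts above the hunk.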
--- a/src/main/java/com/alttd/forms/verify_mail/VerifyController.java +++ b/src/main/java/com/alttd/forms/verify_mail/VerifyController.java @@ -27,17 +27,20 @@ public class VerifyController { @PostMapping("/form") public CompletableFuture> validateEmailFromForm(@Valid @RequestBody VerificationData verificationData) { - logger.debug(verificationData.toString()); + logger.debug("validateEmailFromForm"); + logger.trace("verificationData: {}", verificationData); return new FormQuery().getFormForCode(verificationData.code, verificationData.eMail).thenApply(result -> result.form() .map(form -> { try { HttpRequest request = HttpRequest.newBuilder() - .uri(new URI("http://51.222.255.92:8001/api/contact/submitContactForm"))//TODO get uri from form + .uri(new URI("https://forms.alttd.com:8002/api/contact/submitContactForm"))//TODO get uri from form .header("Content-Type", "application/json;charset=UTF-8") .POST(HttpRequest.BodyPublishers.ofString(form.toJsonString(), StandardCharsets.UTF_8)) .build(); + logger.trace("request: {}", request); HttpClient client = HttpClient.newHttpClient(); HttpResponse response = client.send(request, HttpResponse.BodyHandlers.ofString()); + logger.trace("response: {}", response); if (response.statusCode() < 200 || response.statusCode() > 200) { logger.error(String.format("Failed to send form to Discord. Got status code [%d], with body\n%s", response.statusCode(), response.body())); //TODO handle failure
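Review bot: The new target `https://forms.alttd.com:8002/api/contact/submitContactForm` in `validateEmailFromForm` is still hard-coded and keeps `//TODO get uri from form`. If that TODO is later implemented by reading a URL out of the stored form, the server would send requests to a destination chosen by whoever submitted the form. Record the constraint next to the TODO, e.g. `// TODO: look the target up in server-side config by form type; never take a URL from submitted form data`. The lambda body continues past the end of the hunk.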