feat: [logging] Enhance logging for production and staging environments

pparage · pparage · commit 0b4b96138177 · 2026-02-23T15:18:13.000+01:00
Add comprehensive logging configuration with per-app loggers and environment-aware formatting. - Add loggers for api, authentication, django.request, django.security, and django.db.backends - Add verbose formatter used automatically in DEBUG mode - Add DJANGO_DB_LOG_LEVEL env var for database query logging - Add logging to API views (login, user CRUD) and auth views (signup, login) - All app loggers respect DJANGO_LOG_LEVEL env var Fixes #44
diff --git a/api/views.py b/api/views.py
@@ -22,6 +22,8 @@
 from testing.models import TlsScanHistory
 from testing_platform import tools
 
+import logging
+
 from .serializers import (
     DomainNameAndServiceSerializer,
     DomainNameSerializer,
@@ -32,6 +34,8 @@
     UserSerializer,
 )
 
+logger = logging.getLogger(__name__)
+
 
 class LoginApiView(APIView):
     authentication_classes = [JWTAuthentication]
@@ -43,6 +47,7 @@ def post(self, request):
         user = authenticate(username=username, password=password)
 
         if user is not None:
+            logger.info("API login successful for user '%s'", username)
             refresh = RefreshToken.for_user(user)
             access_token = str(refresh.access_token)
             refresh_token = str(refresh)
@@ -67,6 +72,7 @@ def post(self, request):
 
             return response
 
+        logger.warning("API login failed for user '%s'", username)
         return Response(status=status.HTTP_401_UNAUTHORIZED)
 
 
@@ -199,6 +205,7 @@ def post(self, request, *args, **kwargs):
         )
         new_user.set_password(password)
         new_user.save()
+        logger.info("API user created: '%s'", new_user.username)
         return Response(UserSerializer(new_user).data, status=status.HTTP_201_CREATED)
 
 
@@ -231,6 +238,7 @@ def delete(self, request, id=None):
         """
         user = User.objects.filter(id=id)
         user.delete()
+        logger.info("API user deleted: id=%s", id)
         return Response(status=status.HTTP_204_NO_CONTENT)
 
 
diff --git a/authentication/views.py b/authentication/views.py
@@ -1,3 +1,4 @@
+import logging
 import socket
 
 from django.contrib import messages
@@ -17,6 +18,8 @@
     UserUpdateForm,
 )
 
+logger = logging.getLogger(__name__)
+
 
 def signup(request):
     if request.method == "POST":
@@ -28,6 +31,7 @@ def signup(request):
             raw_password = clean_form.get("password1")
             user = authenticate(username=username, password=raw_password)
             login(request, user)
+            logger.info("New user registered: '%s'", username)
             messages.success(request, "Your signed up successfully!")
             return redirect("/")
     else:
@@ -63,9 +67,10 @@ def login_user(request):
             user = authenticate(request=request, username=username, password=password)
             if user is not None:
                 login(request, user)
-                # messages.success(request, "Logged in successfully")
+                logger.info("User logged in: '%s'", username)
                 return HttpResponseRedirect("/")
             else:
+                logger.warning("Failed login attempt for user '%s'", username)
                 return render(request, "login.html", {"form": form})
     else:
         form = LoginForm()
diff --git a/testing_platform/settings.py b/testing_platform/settings.py
@@ -9,6 +9,7 @@
 For the full list of settings and their values, see
 https://docs.djangoproject.com/en/3.2/ref/settings/
 """
+
 import os
 import sys
 from datetime import timedelta
@@ -136,7 +137,9 @@
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
 ]
-_cors_origins = os.environ.get("CORS_ALLOWED_ORIGINS", "http://localhost:3000,http://127.0.0.1:3000")
+_cors_origins = os.environ.get(
+    "CORS_ALLOWED_ORIGINS", "http://localhost:3000,http://127.0.0.1:3000"
+)
 CORS_ALLOWED_ORIGINS = [o.strip() for o in _cors_origins.split(",") if o.strip()]
 
 
@@ -237,12 +240,18 @@
 
 DMARC_API_KEY = os.environ.get("DMARC_API_KEY", "")
 
+LOG_LEVEL = os.getenv("DJANGO_LOG_LEVEL", "INFO")
+
 LOGGING = {
     "version": 1,
     "disable_existing_loggers": False,
     "formatters": {
         "simple": {
-            "format": "{levelname} {asctime} {module} {process:d} {thread:d} {message}",
+            "format": "{levelname} {asctime} {module} {message}",
+            "style": "{",
+        },
+        "verbose": {
+            "format": "{levelname} {asctime} {name} {module} {process:d} {thread:d} {message}",
             "style": "{",
         },
     },
@@ -251,7 +260,7 @@
             "class": "logging.StreamHandler",
             "level": "DEBUG",
             "stream": sys.stdout,
-            "formatter": "simple",
+            "formatter": "verbose" if DEBUG else "simple",
         },
     },
     "root": {
@@ -261,7 +270,32 @@
     "loggers": {
         "testing": {
             "handlers": ["console"],
-            "level": os.getenv("DJANGO_LOG_LEVEL", "INFO"),
+            "level": LOG_LEVEL,
+            "propagate": False,
+        },
+        "api": {
+            "handlers": ["console"],
+            "level": LOG_LEVEL,
+            "propagate": False,
+        },
+        "authentication": {
+            "handlers": ["console"],
+            "level": LOG_LEVEL,
+            "propagate": False,
+        },
+        "django.request": {
+            "handlers": ["console"],
+            "level": "WARNING",
+            "propagate": False,
+        },
+        "django.security": {
+            "handlers": ["console"],
+            "level": "WARNING",
+            "propagate": False,
+        },
+        "django.db.backends": {
+            "handlers": ["console"],
+            "level": os.getenv("DJANGO_DB_LOG_LEVEL", "WARNING"),
             "propagate": False,
         },
     },
