Log if cookie login failed with token mismatch or session unavailability

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 365a01c4595353fe10a0fcca0f97f9897672185e..a0e0e5c1dc8fd8e8c3ed2357db3e213c9b8ded4b 100644 (file)
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -865,6 +865,10 @@ class Session implements IUserSession, Emitter {
                $tokens = $this->config->getUserKeys($uid, 'login_token');
                // test cookies token against stored tokens
                if (!in_array($currentToken, $tokens, true)) {
+                       $this->logger->error('Tried to log in {uid} but could not verify token', [
+                               'app' => 'core',
+                               'uid' => $uid,
+                       ]);
                        return false;
                }
                // replace successfully used token with a new one
@@ -876,6 +880,10 @@ class Session implements IUserSession, Emitter {
                        $sessionId = $this->session->getId();
                        $token = $this->tokenProvider->renewSessionToken($oldSessionId, $sessionId);
                } catch (SessionNotAvailableException $ex) {
+                       $this->logger->warning('Could not renew session token for {uid} because the session is unavailable', [
+                               'app' => 'core',
+                               'uid' => $uid,
+                       ]);
                        return false;
                } catch (InvalidTokenException $ex) {
                        $this->logger->warning('Renewing session token failed', ['app' => 'core']);