[WEB-5225]feat: enhance authentication logging with detailed error and info message

[pablohashescobar]

Description

• Added logging for various authentication events in the Adapter and its subclasses, including email validation, user existence checks, and password strength validation.
• Implemented error handling for GitHub OAuth email retrieval, ensuring proper logging of unexpected responses and missing primary emails.
• Updated logging configuration in local and production settings to include a dedicated logger for authentication events.

Type of Change

• Bug fix (non-breaking change which fixes an issue)

Test Scenarios

• check all authentication views

References

WEB-5225

Summary by CodeRabbit

• Chores
  • Improved authentication observability: added contextual logging across credential and OAuth flows (email/password validation, signup/signin failures, token/response errors, GitHub email and org checks).
  • Added a dedicated authentication logger to runtime logging configuration.
  • Minor cleanup: removed an unused import.

[cursor]

You have run out of free Bugbot PR reviews for this billing cycle. This will reset on November 20.

To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

[makeplane]

Linked to Plane Work Item(s)

• [WEB-5225] fix sentry errors and add logging for all authentication

This comment was auto-generated by Plane

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 599e815 and 0fdbf0d.

📒 Files selected for processing (1)

• apps/api/plane/api/views/project.py

💤 Files with no reviewable changes (1)

• apps/api/plane/api/views/project.py

---

📝 Walkthrough

Walkthrough

Adds structured logging across the authentication subsystem (adapters and providers) and registers a new plane.authentication logger in local and production settings; no public method signatures were changed and core control flow remains the same.

Changes

Cohort / File(s)	Summary
Logger Configuration apps/api/plane/settings/local.py, apps/api/plane/settings/production.py	Added plane.authentication logger entry with level INFO, using the console handler and propagate: False.
Adapter — Base apps/api/plane/authentication/adapter/base.py	Initialized a logger on Adapter and added logs in validation/error branches: missing email, invalid email, weak password, and disabled signup without invite.
Adapter — OAuth apps/api/plane/authentication/adapter/oauth.py	Added warning logs in RequestException handlers for get_user_token and get_user_response, capturing request/response context before existing error handling.
Provider — Email Credentials apps/api/plane/authentication/provider/credentials/email.py	Added warnings in set_user_data for existing-email on signup, non-existent user on signin, and failed password checks; logs include email context.
Provider — GitHub OAuth apps/api/plane/authentication/provider/oauth/github.py	Added response validation and error logs for GitHub emails API (non-list response, missing primary email), logged RequestException context, org-membership failure warnings, and an info log when an email is found.
Other import cleanup apps/api/plane/api/views/project.py	Removed an unused import of ProjectUserProperty; no behavioral changes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hop through code with ears held high,

I add a zap of logs to spy,
Warnings whisper, errors hum,
Now auth's more chatty—here I come! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The pull request title accurately summarizes the main change: adding enhanced logging to authentication with detailed error and info messages.
Description check	✅ Passed	The description covers the main changes, includes a Type of Change selection, and references the related issue, though Test Scenarios section is minimal.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-api-sentry-errors

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull Request Overview

This PR enhances authentication logging by adding detailed error and informational messages throughout the authentication flow. The changes focus on improving observability and debugging capabilities by logging key authentication events such as email validation failures, user existence checks, password strength validation, and OAuth-related errors.

Key changes:

• Added dedicated logger configuration for authentication events in both local and production settings
• Implemented comprehensive logging in authentication adapters and providers to capture error conditions and important events
• Enhanced GitHub OAuth email retrieval with proper error handling and validation

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
apps/api/plane/settings/production.py	Added logger configuration for plane.authentication
apps/api/plane/settings/local.py	Added logger configuration for plane.authentication
apps/api/plane/authentication/provider/oauth/github.py	Added error handling and logging for GitHub OAuth email retrieval and organization validation
apps/api/plane/authentication/provider/credentials/email.py	Added logging for user existence checks and authentication failures
apps/api/plane/authentication/adapter/oauth.py	Added logging for OAuth token and user response retrieval errors
apps/api/plane/authentication/adapter/base.py	Added logger initialization and logging for email validation, password strength checks, and signup validation

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[coderabbitai]

Actionable comments posted: 13

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 80bd1b6 and 599e815.

📒 Files selected for processing (6)

• apps/api/plane/authentication/adapter/base.py (7 hunks)
• apps/api/plane/authentication/adapter/oauth.py (2 hunks)
• apps/api/plane/authentication/provider/credentials/email.py (3 hunks)
• apps/api/plane/authentication/provider/oauth/github.py (2 hunks)
• apps/api/plane/settings/local.py (1 hunks)
• apps/api/plane/settings/production.py (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (2)

apps/api/plane/authentication/provider/oauth/github.py (2)

packages/logger/src/config.ts (1)

• logger (14-14)

apps/api/plane/authentication/adapter/error.py (1)

• AuthenticationException (70-85)

apps/api/plane/authentication/provider/credentials/email.py (1)

packages/logger/src/config.ts (1)

• logger (14-14)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Lint API
• GitHub Check: Analyze (javascript)

🔇 Additional comments (4)

apps/api/plane/settings/local.py (1)

79-83: LGTM! Logger configuration is correct.

The new plane.authentication logger is properly configured with INFO level and console handler, consistent with other loggers in the file.

apps/api/plane/settings/production.py (1)

89-93: LGTM! Production logger configuration is correct.

The plane.authentication logger configuration is consistent with the local settings and appropriate for production use.

apps/api/plane/authentication/adapter/base.py (1)

4-4: LGTM! Logger initialization is correct.

The logging module import and logger initialization using plane.authentication are properly implemented.

Also applies to: 33-33

apps/api/plane/authentication/provider/oauth/github.py (1)

153-156: Consider whether user_login qualifies as PII for your use case.

Depending on your organization's privacy policy, GitHub usernames (user_login) might be considered PII. If so, this should not be logged.

If user_login is considered PII in your context, apply this diff:

             if not self.is_user_in_organization(user_info_response.get("login")):
-                self.logger.warning("User is not in organization", extra={
-                    "organization_id": self.organization_id,
-                    "user_login": user_info_response.get("login"),
-                })
+                self.logger.warning("User is not in required organization", extra={
+                    "organization_id": self.organization_id,
+                })
                 raise AuthenticationException(