g-k · July 9, 2018 17:54
diff --git a/FxA customs server logs b/FxA customs server logs
 ** does EIS only want error logs, blocks, or also success (much larger log volume)? Going to say prob. errors only / no new l$
 ** which endpoints?
  POST /blockEmail
  POST /blockIp
  POST /check
  POST /checkAuthenticated
  POST /checkIpOnly
  POST /failedLoginAttempt
  POST /passwordReset

  https://github.com/mozilla/fxa-customs-server/blob/master/docs/api.md
 ** what data does each endpoint have?
  POST /blockEmail (email; unused)
  POST /blockIp (ip; unused)
  POST /check (email, ip, optional phone #, action)
  POST /checkAuthenticated (ip, UID, action)
  POST /checkIpOnly (ip, action)
  POST /failedLoginAttempt (email, ip)
  POST /passwordReset (email)

 ** which log statements? (all in customs server.js)
   mozilla/fxa-customs-server - [master] »
   git grep -n log\\.
   ...
   # sentry config
   # lib/server.js:38:    log.info({ op: 'sentryEnabled' })
   # lib/server.js:40:    log.info({ op: 'sentryDisabled' })
   # api error:
   # lib/server.js:102:    log.error({ op: 'error', message: err.message })
   # mc err
   # lib/server.js:106:    log.error({ op: 'memcachedError', err: err })

   # whitelisted IPs and emails
   # lib/server.js:173:        log.info({

   # in /check
   # missing params error log: lib/server.js:210:        log.error({ op: 'request.check', email: email, ip: ip, action: action, err: err })
   # check result; have email, ip, action, and block result: lib/server.js:301:            log.info({
   # error log from reporting IP or sending response for lib/server.js:320:            log.error({ op: 'request.check', email: email, ip: ip, action: action, err: err })

   # in /checkAuthenticated
   # missing params error log: lib/server.js:343:        log.error({op:'request.checkAuthenticated', action: action, ip: ip, uid: uid, err: err})
   # check authenticated result: have block, can add uid and action lib/server.js:367:            log.info({ op: 'request.checkAuthenticated', block: result.block })
   # error log from sending result: lib/server.js:375:            log.error({ op: 'request.checkAuthenticated', err: err })

   # in /checkIpOnly
   # missing params error: lib/server.js:395:      log.error({ op:'request.checkAuthenticated', action: action, ip: ip, err: err })
   # result have ip, action, block: lib/server.js:433:        log.info({
   # err have ip, action lib/server.js:450:        log.error({ op: 'request.checkIpOnly', ip: ip, action: action, err: err })

   # in /failedLoginAttempt
   # missing params err: lib/server.js:464:        log.error({ op: 'request.failedLoginAttempt', email: email, ip: ip, err: err })
   # success result lib/server.js:490:            log.info({ op: 'request.failedLoginAttempt', email: email, ip: ip, errno: errno })
   # err lib/server.js:494:            log.error({ op: 'request.failedLoginAttempt', email: email, ip: ip, err: err })

   # in /passwordReset
   # missing email param: lib/server.js:508:        log.error({ op: 'request.passwordReset', email: email, err: err })
   # success: lib/server.js:524:            log.info({ op: 'request.passwordReset', email: email })
   # failure/err: lib/server.js:528:            log.error({ op: 'request.passwordReset', email: email, err: err })

   # in /blockEmail
   # missing email param: lib/server.js:542:        log.error({ op: 'request.blockEmail', email: email, err: err })
   # success: lib/server.js:551:            log.info({ op: 'request.blockEmail', email: email })
   # error: lib/server.js:557:            log.error({ op: 'request.blockEmail', email: email, err: err })

   # in /blockIp
   # missing ip param: lib/server.js:571:        log.error({ op: 'request.blockIp', ip: ip, err: err })
   # success: lib/server.js:579:            log.info({ op: 'request.blockIp', ip: ip })
   # error: lib/server.js:585:            log.error({ op: 'request.blockIp', ip: ip, err: err })
	** does EIS only want error logs, blocks, or also success (much larger log volume)? Going to say prob. errors only / no new l$
	** which endpoints?
	POST /blockEmail
	POST /blockIp
	POST /check
	POST /checkAuthenticated
	POST /checkIpOnly
	POST /failedLoginAttempt
	POST /passwordReset

	https://github.com/mozilla/fxa-customs-server/blob/master/docs/api.md
	** what data does each endpoint have?
	POST /blockEmail (email; unused)
	POST /blockIp (ip; unused)
	POST /check (email, ip, optional phone #, action)
	POST /checkAuthenticated (ip, UID, action)
	POST /checkIpOnly (ip, action)
	POST /failedLoginAttempt (email, ip)
	POST /passwordReset (email)

	** which log statements? (all in customs server.js)
	mozilla/fxa-customs-server - [master] »
	git grep -n log\\.
	...
	# sentry config
	# lib/server.js:38: log.info({ op: 'sentryEnabled' })
	# lib/server.js:40: log.info({ op: 'sentryDisabled' })
	# api error:
	# lib/server.js:102: log.error({ op: 'error', message: err.message })
	# mc err
	# lib/server.js:106: log.error({ op: 'memcachedError', err: err })

	# whitelisted IPs and emails
	# lib/server.js:173: log.info({

	# in /check
	# missing params error log: lib/server.js:210: log.error({ op: 'request.check', email: email, ip: ip, action: action, err: err })
	# check result; have email, ip, action, and block result: lib/server.js:301: log.info({
	# error log from reporting IP or sending response for lib/server.js:320: log.error({ op: 'request.check', email: email, ip: ip, action: action, err: err })

	# in /checkAuthenticated
	# missing params error log: lib/server.js:343: log.error({op:'request.checkAuthenticated', action: action, ip: ip, uid: uid, err: err})
	# check authenticated result: have block, can add uid and action lib/server.js:367: log.info({ op: 'request.checkAuthenticated', block: result.block })
	# error log from sending result: lib/server.js:375: log.error({ op: 'request.checkAuthenticated', err: err })

	# in /checkIpOnly
	# missing params error: lib/server.js:395: log.error({ op:'request.checkAuthenticated', action: action, ip: ip, err: err })
	# result have ip, action, block: lib/server.js:433: log.info({
	# err have ip, action lib/server.js:450: log.error({ op: 'request.checkIpOnly', ip: ip, action: action, err: err })

	# in /failedLoginAttempt
	# missing params err: lib/server.js:464: log.error({ op: 'request.failedLoginAttempt', email: email, ip: ip, err: err })
	# success result lib/server.js:490: log.info({ op: 'request.failedLoginAttempt', email: email, ip: ip, errno: errno })
	# err lib/server.js:494: log.error({ op: 'request.failedLoginAttempt', email: email, ip: ip, err: err })

	# in /passwordReset
	# missing email param: lib/server.js:508: log.error({ op: 'request.passwordReset', email: email, err: err })
	# success: lib/server.js:524: log.info({ op: 'request.passwordReset', email: email })
	# failure/err: lib/server.js:528: log.error({ op: 'request.passwordReset', email: email, err: err })

	# in /blockEmail
	# missing email param: lib/server.js:542: log.error({ op: 'request.blockEmail', email: email, err: err })
	# success: lib/server.js:551: log.info({ op: 'request.blockEmail', email: email })
	# error: lib/server.js:557: log.error({ op: 'request.blockEmail', email: email, err: err })

	# in /blockIp
	# missing ip param: lib/server.js:571: log.error({ op: 'request.blockIp', ip: ip, err: err })
	# success: lib/server.js:579: log.info({ op: 'request.blockIp', ip: ip })
	# error: lib/server.js:585: log.error({ op: 'request.blockIp', ip: ip, err: err })