Remove logs meant for auth debugging (#1144)

* Use separate limits def * Add param prefix
DataBiosphere · Jan 27, 2025 · 322e75b · 322e75b
1 parent 352e229
commit 322e75b
Show file tree

Hide file tree

Showing 2 changed files with 116 additions and 113 deletions.
diff --git a/service/src/main/java/bio/terra/tanagra/app/authentication/AuthInterceptor.java b/service/src/main/java/bio/terra/tanagra/app/authentication/AuthInterceptor.java
@@ -51,7 +51,7 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
     SpringAuthentication.clearCurrentUser();
 
     if (HttpMethods.OPTIONS.equals(request.getMethod())) {
-      LOGGER.info("Authorization not required for OPTIONS methods requests");
+      // Authorization not required for OPTIONS methods requests
       return true;
     }
 
@@ -65,13 +65,11 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
     if (apiOp != null) {
       for (String tag : apiOp.tags()) {
         if (OPENAPI_TAG_AUTH_NOT_REQUIRED.equals(tag)) {
-          LOGGER.info(
-              "Authorization not required by endpoint: {}", request.getRequestURL().toString());
+          // Authorization not required by endpoint
           return true;
         }
       }
     }
-    LOGGER.info("Authorization required by endpoint: {}", request.getRequestURL().toString());
 
     UserId userId;
     try {
@@ -123,7 +121,6 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
     }
 
     SpringAuthentication.setCurrentUser(userId);
-    LOGGER.info("User authenticated: subject={}, email={}", userId.getSubject(), userId.getEmail());
 
     // Any further checks on the user (e.g. check email domain name) should go here.
     // Return SC_FORBIDDEN, not SC_UNAUTHORIZED, if they fail.