From 893c8251091d27e88563c481a2153c374f1cad13 Mon Sep 17 00:00:00 2001
From: Sietse Snel
Date: Fri, 6 Dec 2024 13:03:53 +0100
Subject: [PATCH] YDA-6041: log CSRF errors
So that technical admins can see that a redirect occurred because of a CSRF error.
---
 general/general.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/general/general.py b/general/general.py
index 20cad295..5242c76e 100644
--- a/general/general.py
+++ b/general/general.py
@@ -3,9 +3,11 @@ __copyright__ = 'Copyright (c) 2021-2024, Utrecht University'
 __license__ = 'GPLv3, see LICENSE'
-from flask import Blueprint, redirect, render_template, Response, url_for
+from flask import Blueprint, redirect, render_template, request, Response, session, url_for
 from flask_wtf.csrf import CSRFError
+from util import log_error
+
 general_bp = Blueprint('general_bp', __name__,
 template_folder='templates/general',
 static_folder='static/general',
@@ -19,6 +21,8 @@ def index() -> Response:
 @general_bp.app_errorhandler(CSRFError)
 def csrf_error(e: Exception) -> Response:
+ username = session.get("login_username", "N/A")
+ log_error(f"CSRF error occurred for user {username} on path {request.path}.")
 return redirect(url_for('user_bp.login'))
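Review bot: In `csrf_error`, `request.path` is client-controlled and is interpolated into the log message as-is, so unless `log_error` (imported from `util`, not visible in this patch) escapes control characters, a crafted path containing an encoded line break could forge or split log entries; `login_username` deserves the same treatment if it is stored as the user typed it. Formatting both with `!r` neutralises that: `log_error(f"CSRF error occurred for user {username!r} on path {request.path!r}.")`. Since the entry is meant for technical admins, it would also help to include `e.description`, so an expired or missing token can be told apart from other failures.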