From ca40d31dacaa720e655c1ea7cd92da9cc3775585 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Sun, 5 Jun 2022 18:50:44 +0200
Subject: [PATCH] *: make user logging more consistent

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/policies/process.py            | 4 ++--
 authentik/stages/identification/stage.py | 8 ++++----
 authentik/stages/password/stage.py       | 2 +-
 authentik/stages/user_login/stage.py     | 2 +-
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/authentik/policies/process.py b/authentik/policies/process.py
index 645d019a1..6a8bb0c04 100644
--- a/authentik/policies/process.py
+++ b/authentik/policies/process.py
@@ -88,7 +88,7 @@ class PolicyProcess(PROCESS_CLASS):
         LOGGER.debug(
             "P_ENG(proc): Running policy",
             policy=self.binding.policy,
-            user=self.request.user,
+            user=self.request.user.username,
             # this is used for filtering in access checking where logs are sent to the admin
             process="PolicyProcess",
         )
@@ -124,7 +124,7 @@ class PolicyProcess(PROCESS_CLASS):
             # this is used for filtering in access checking where logs are sent to the admin
             process="PolicyProcess",
             passing=policy_result.passing,
-            user=self.request.user,
+            user=self.request.user.username,
         )
         return policy_result
 
diff --git a/authentik/stages/identification/stage.py b/authentik/stages/identification/stage.py
index 728668c3e..dfbe8de03 100644
--- a/authentik/stages/identification/stage.py
+++ b/authentik/stages/identification/stage.py
@@ -162,10 +162,10 @@ class IdentificationStageView(ChallengeStageView):
         if not query:
             self.logger.debug("Empty user query", query=query)
             return None
-        users = User.objects.filter(query, is_active=True)
-        if users.exists():
-            self.logger.debug("Found user", user=users.first(), query=query)
-            return users.first()
+        user = User.objects.filter(query, is_active=True).first()
+        if user:
+            self.logger.debug("Found user", user=user.username, query=query)
+            return user
         return None
 
     def get_challenge(self) -> Challenge:
diff --git a/authentik/stages/password/stage.py b/authentik/stages/password/stage.py
index db70586d1..fc6845de6 100644
--- a/authentik/stages/password/stage.py
+++ b/authentik/stages/password/stage.py
@@ -56,7 +56,7 @@ def authenticate(
             continue
         # Annotate the user object with the path of the backend.
         user.backend = backend_path
-        LOGGER.debug("Successful authentication", user=user, backend=backend_path)
+        LOGGER.debug("Successful authentication", user=user.username, backend=backend_path)
         return user
 
     # The credentials supplied are invalid to all backends, fire signal
diff --git a/authentik/stages/user_login/stage.py b/authentik/stages/user_login/stage.py
index 00c9d9c70..f243d5b59 100644
--- a/authentik/stages/user_login/stage.py
+++ b/authentik/stages/user_login/stage.py
@@ -47,7 +47,7 @@ class UserLoginStageView(StageView):
         self.logger.debug(
             "Logged in",
             backend=backend,
-            user=user,
+            user=user.username,
             flow_slug=self.executor.flow.slug,
             session_duration=self.executor.current_stage.session_duration,
         )