Changeset

5084:dda2af7ed02f

mod_sasl2_fast: Add more debug logging
author Matthew Wild <mwild1@gmail.com>
date Mon, 07 Nov 2022 10:21:42 +0000
parents 5083:4837232474ca
children 5085:e384b91d0aa7
files mod_sasl2_fast/mod_sasl2_fast.lua
diffstat 1 files changed, 2 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mod_sasl2_fast/mod_sasl2_fast.lua	Mon Nov 07 10:21:18 2022 +0000
+++ b/mod_sasl2_fast/mod_sasl2_fast.lua	Mon Nov 07 10:21:42 2022 +0000
@@ -47,6 +47,7 @@
 				if hash.equals(expected_hash, token_hash) then
 					local current_time = now();
 					if token.expires_at < current_time then
+						log("debug", "Token found, but it has expired (%ds ago). Cleaning up...", current_time - token.expires_at);
 						token_store:set(username, key, nil);
 						return nil, "credentials-expired";
 					end
@@ -61,6 +62,7 @@
 					if invalidate then
 						token_store:set(username, key, nil);
 					elseif current_time - token.issued_at > fast_token_min_ttl then
+						log("debug", "FAST token due for rotation (age: %d)", current_time - token.issued_at);
 						rotation_needed = true;
 					end
 					return true, username, hmac_f(token.secret, "Responder"..cb_data), rotation_needed;