jwag956
commented
1 month ago Have you tried defining your own unauthz_handler: https://flask-security-too.readthedocs.io/en/stable/api.html#flask_security.Security.unauthz_handler
you get which decorator and what args (and you of course have the entire request context) - log what you need then call default_unauthz_handler() to finish the request.
mmillmore
We have faced situations where we have a silly error in our code (e.g. wrong permission name), and are struggling to find what is going wrong because it's hard to spot, and the errors that come out of the system are (intentionally) opaque. It would be good if we had a flag we could set to turn on more verbose logging of what is going on, e.g. this user doesn't have the right permission, and show their permission list. When a user can't log in, in debug mode tell us if the user is not found or the password is wrong, and so on