To make auditing and debugging easier, it is helpful to include the
current authenticated user in the request log. We do this by setting a
uWSGI log variable in the application and overriding the uWSGI log
format to use this variable instead of the REMOTE_USER of the request.
Unfortunately, uWSGI is weird and we lose some information when we
override the log format, like the app ID and whatever "req" specifies in
the logs. This shouldn't affect anything we're doing, but it's
unfortunate nonetheless.
Also, when there is no user logged in or the Python application is
bypassed, the user will be "-" instead of the empty string.
To make auditing and debugging easier, it is helpful to include the current authenticated user in the request log. We do this by setting a uWSGI log variable in the application and overriding the uWSGI log format to use this variable instead of the REMOTE_USER of the request.
Unfortunately, uWSGI is weird and we lose some information when we override the log format, like the app ID and whatever "req" specifies in the logs. This shouldn't affect anything we're doing, but it's unfortunate nonetheless.
Also, when there is no user logged in or the Python application is bypassed, the user will be "-" instead of the empty string.