Add DEBUG_AUTH flag to settings

example-config/home/feudal/config/django_settings.py

@@ -7,6 +7,8 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
+DEBUG_AUTH = False
+
 ALLOWED_HOSTS = [
     'hdf-portal.data.kit.edu',
 ]

feudal/backend/auth/v1/views/clients.py

 # pylint: disable=too-many-return-statements
 
 import logging
-import re
 
 from django.contrib.auth.models import Group
 from django.http import HttpResponse
+from django.conf import settings
 from django.contrib.auth import authenticate
 from django.contrib.sessions.models import Session
 
 from .... import models
 
 LOGGER = logging.getLogger(__name__)
-AUTH_DEBUGGING = False
 
 ALLOW = HttpResponse('allow')
 DENY = HttpResponse('deny')
@@ -144,25 +143,23 @@ def resource_auth_decision(request, decision):
     permission = request.POST.get('permission', [])
     resource = request.POST.get('resource', '')
     name = request.POST.get('name', '')
-    if not AUTH_DEBUGGING:
-        return decision
-
-    if decision == ALLOW:
-        LOGGER.debug(
-            "[resource] ALLOW %s %s '%s' for %s",
-            permission,
-            resource,
-            name,
-            user,
-        )
-    else:
-        LOGGER.error(
-            "[recource] DENY %s %s '%s' for %s",
-            permission,
-            resource,
-            name,
-            user,
-        )
+    if settings.DEBUG_AUTH:
+        if decision == ALLOW:
+            LOGGER.debug(
+                "[resource] ALLOW %s %s '%s' for %s",
+                permission,
+                resource,
+                name,
+                user,
+            )
+        else:
+            LOGGER.error(
+                "[recource] DENY %s %s '%s' for %s",
+                permission,
+                resource,
+                name,
+                user,
+            )
     return decision
 
 def resource_endpoint(request):