fix: need some way to see what is happening (#25805)
pauldambra authored Oct 24, 2024
1 parent 23f33fa commit 1c51c9e
Showing 1 changed file with 14 additions and 2 deletions.
16 changes: 14 additions & 2 deletions posthog/api/user.py
Expand Up @@ -9,6 +9,7 @@
from typing import Any, Optional, cast

import jwt
import posthoganalytics
import requests
import structlog
from django.conf import settings
Expand All @@ -23,6 +24,7 @@
from django_otp import login as otp_login
from django_otp.util import random_hex
from loginas.utils import is_impersonated_session
from prometheus_client import Counter
from rest_framework import exceptions, mixins, serializers, viewsets
from posthog.api.utils import action
from rest_framework.exceptions import NotFound
Expand Down Expand Up @@ -64,6 +66,9 @@
from posthog.user_permissions import UserPermissions
from posthog.utils import get_js_url

REDIRECT_TO_SITE_COUNTER = Counter("posthog_redirect_to_site", "Redirect to site")
REDIRECT_TO_SITE_FAILED_COUNTER = Counter("posthog_redirect_to_site_failed", "Redirect to site failed")

logger = structlog.get_logger(__name__)


Expand Down Expand Up @@ -487,14 +492,21 @@ def hedgehog_config(self, request, **kwargs):

@authenticate_secondarily
def redirect_to_site(request):
REDIRECT_TO_SITE_COUNTER.inc()
team = request.user.team
app_url = request.GET.get("appUrl") or (team.app_urls and team.app_urls[0])

if not app_url:
return HttpResponse(status=404)

if not team or not unparsed_hostname_in_allowed_url_list(team.app_urls, app_url):
logger.info(
REDIRECT_TO_SITE_FAILED_COUNTER.inc()
posthoganalytics.capture(
request.user.distinct_id,
"redirect_to_site_failed",
{"app_url": app_url, "app_urls": team.app_urls, "team_id": team.id},
)
logger.error(
"can_only_redirect_to_permitted_domain", permitted_domains=team.app_urls, app_url=app_url, team_id=team.id
)
return HttpResponse(f"Can only redirect to a permitted domain.", status=403)
Expand Down Expand Up @@ -535,7 +547,7 @@ def redirect_to_website(request):
return HttpResponse(status=404)

if not team or urllib.parse.urlparse(app_url).hostname not in PERMITTED_FORUM_DOMAINS:
logger.info(
logger.error(
"can_only_redirect_to_permitted_domain", permitted_domains=team.app_urls, app_url=app_url, team_id=team.id
)
return HttpResponse(f"Can only redirect to a permitted domain.", status=403)
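Review bot: In `redirect_to_site`, the new `posthoganalytics.capture(...)` call and the `logger.error(...)` after it read `team.app_urls` and `team.id` inside the branch that is also entered when `not team` is true. A request that supplies `appUrl` while `request.user.team` is unset would therefore presumably raise AttributeError and return a 500 rather than the intended 403, and neither the event nor the log line this commit adds would be recorded for that case. Resolve the values once before reporting, e.g. `permitted = team.app_urls if team else None` and `team_id = team.id if team else None`, and pass those to both calls. The same dereference sits in the `logger.error` call of `redirect_to_website` in the last hunk, where `permitted_domains=team.app_urls` also reports a different list from the `PERMITTED_FORUM_DOMAINS` the check actually tests. Both function bodies continue outside the visible hunks.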
