From afb38b685c0f976a5aba8887c3a69097939af569 Mon Sep 17 00:00:00 2001
From: Christoph Haas <christoph.h@sprinternet.at>
Date: Wed, 17 Sep 2025 22:33:54 +0200
Subject: [PATCH] improve logging of LDAP login process (#529)

---
 internal/app/auth/auth.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/internal/app/auth/auth.go b/internal/app/auth/auth.go
index c6e5232..07c97e8 100644
--- a/internal/app/auth/auth.go
+++ b/internal/app/auth/auth.go
@@ -364,6 +364,7 @@ func (a *Authenticator) passwordAuthentication(
 			}
 			ldapUserInfo, err = ldapAuth.ParseUserInfo(rawUserInfo)
 			if err != nil {
+				slog.Error("failed to parse ldap user info", "identifier", identifier, "error", err)
 				continue
 			}
 
@@ -376,10 +377,13 @@ func (a *Authenticator) passwordAuthentication(
 	}
 
 	if userSource == "" {
+		slog.Warn("no user source found for user", "identifier", identifier, "ldapProviderCount", a.ldapAuthenticators)
 		return nil, errors.New("user not found")
 	}
 
 	if userSource == domain.UserSourceLdap && ldapProvider == nil {
+		slog.Warn("no ldap provider found for user",
+			"identifier", identifier, "ldapProviderCount", a.ldapAuthenticators)
 		return nil, errors.New("ldap provider not found")
 	}