feat: add logs for http handlers

2022-05-23 11:52:51 +05:30 · 2022-05-23 11:52:51 +05:30 · b35d86fd40
commit b35d86fd40
parent 2bc4c74930
15 changed files with 109 additions and 25 deletions
--- a/server/email/email.go
+++ b/server/email/email.go
@ -4,13 +4,14 @@ import (
 	"bytes"
 	"crypto/tls"
 	"encoding/json"
-	"log"
 	"strconv"
 	"text/template"

+	log "github.com/sirupsen/logrus"
+	gomail "gopkg.in/mail.v2"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
-	gomail "gopkg.in/mail.v2"
 )

 // addEmailTemplate is used to add html template in email body
@ -46,7 +47,7 @@ func SendMail(to []string, Subject, bodyMessage string) error {
 		d.TLSConfig = &tls.Config{InsecureSkipVerify: true}
 	}
 	if err := d.DialAndSend(m); err != nil {
-		log.Printf("smtp error: %s", err)
+		log.Debug("SMTP Failed:", err)
 		return err
 	}
 	return nil
--- a/server/env/env.go
+++ b/server/env/env.go
@ -33,7 +33,7 @@ func InitRequiredEnv() error {

 	err := godotenv.Load(envPath)
 	if err != nil {
-		log.Printf("using OS env instead of %s file", envPath)
+		log.Info("using OS env instead of %s file", envPath)
 	}

 	dbURL := os.Getenv(constants.EnvKeyDatabaseURL)
--- a/server/env/persist_env.go
+++ b/server/env/persist_env.go
@ -183,7 +183,7 @@ func PersistEnv() error {
 			env.EnvData = encryptedConfig
 			_, err = db.Provider.UpdateEnv(env)
 			if err != nil {
-				log.Debug("error updating config in db:", err)
+				log.Debug("Failed to Update Config:", err)
 				return err
 			}
 		}
--- a/server/handlers/app.go
+++ b/server/handlers/app.go
@ -1,14 +1,15 @@
 package handlers

 import (
-	"log"
 	"net/http"
 	"strings"

+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/utils"
-	"github.com/gin-gonic/gin"
 )

 // State is the struct that holds authorizer url and redirect url
@ -23,6 +24,7 @@ func AppHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		hostname := utils.GetHost(c)
 		if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage) {
+			log.Debug("Login page is disabled")
 			c.JSON(400, gin.H{"error": "login page is not enabled"})
 			return
 		}
@ -43,6 +45,7 @@ func AppHandler() gin.HandlerFunc {
 		} else {
 			// validate redirect url with allowed origins
 			if !utils.IsValidOrigin(redirect_uri) {
+				log.Debug("Invalid redirect_uri")
 				c.JSON(400, gin.H{"error": "invalid redirect url"})
 				return
 			}
@ -52,7 +55,7 @@ func AppHandler() gin.HandlerFunc {
 		if pusher := c.Writer.Pusher(); pusher != nil {
 			// use pusher.Push() to do server push
 			if err := pusher.Push("/app/build/bundle.js", nil); err != nil {
-				log.Printf("Failed to push: %v", err)
+				log.Debug("Failed to push file path", err)
 			}
 		}
 		c.HTML(http.StatusOK, "app.tmpl", gin.H{
--- a/server/handlers/authorize.go
+++ b/server/handlers/authorize.go
@ -6,14 +6,16 @@ import (
 	"strings"
 	"time"

+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/sessionstore"
 	"github.com/authorizerdev/authorizer/server/token"
-	"github.com/gin-gonic/gin"
-	"github.com/google/uuid"
 )

 // AuthorizeHandler is the handler for the /authorize route
@ -48,6 +50,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 		}

 		if responseMode != "query" && responseMode != "web_message" {
+			log.Debug("Invalid response_mode")
 			gc.JSON(400, gin.H{"error": "invalid response mode"})
 		}

@ -63,6 +66,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			if isQuery {
 				gc.Redirect(http.StatusFound, loginURL)
 			} else {
+				log.Debug("Failed to get client_id")
 				gc.HTML(http.StatusOK, template, gin.H{
 					"target_origin": redirectURI,
 					"authorization_response": map[string]interface{}{
@ -80,6 +84,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			if isQuery {
 				gc.Redirect(http.StatusFound, loginURL)
 			} else {
+				log.Debug("Invalid client_id")
 				gc.HTML(http.StatusOK, template, gin.H{
 					"target_origin": redirectURI,
 					"authorization_response": map[string]interface{}{
@ -97,6 +102,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			if isQuery {
 				gc.Redirect(http.StatusFound, loginURL)
 			} else {
+				log.Debug("Failed to get state")
 				gc.HTML(http.StatusOK, template, gin.H{
 					"target_origin": redirectURI,
 					"authorization_response": map[string]interface{}{
@ -121,6 +127,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			if isQuery {
 				gc.Redirect(http.StatusFound, loginURL)
 			} else {
+				log.Debug("Invalid response_type")
 				gc.HTML(http.StatusOK, template, gin.H{
 					"target_origin": redirectURI,
 					"authorization_response": map[string]interface{}{
@ -139,6 +146,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 				if isQuery {
 					gc.Redirect(http.StatusFound, loginURL)
 				} else {
+					log.Debug("Failed to get code_challenge")
 					gc.HTML(http.StatusBadRequest, template, gin.H{
 						"target_origin": redirectURI,
 						"authorization_response": map[string]interface{}{
--- a/server/handlers/jwks.go
+++ b/server/handlers/jwks.go
@ -3,9 +3,11 @@ package handlers
 import (
 	"encoding/json"

+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
-	"github.com/gin-gonic/gin"
 )

 func JWKsHandler() gin.HandlerFunc {
@ -14,6 +16,7 @@ func JWKsHandler() gin.HandlerFunc {
 		jwk := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJWK)
 		err := json.Unmarshal([]byte(jwk), &data)
 		if err != nil {
+			log.Debug("Failed to parse JWK", err)
 			c.JSON(500, gin.H{
 				"error": err.Error(),
 			})
--- a/server/handlers/logout.go
+++ b/server/handlers/logout.go
@ -4,10 +4,12 @@ import (
 	"net/http"
 	"strings"

+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/sessionstore"
-	"github.com/gin-gonic/gin"
 )

 // Handler to logout user
@ -17,6 +19,7 @@ func LogoutHandler() gin.HandlerFunc {
 		// get fingerprint hash
 		fingerprintHash, err := cookie.GetSession(gc)
 		if err != nil {
+			log.Debug("Failed to get session", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
 				"error": err.Error(),
 			})
@ -25,6 +28,7 @@ func LogoutHandler() gin.HandlerFunc {

 		decryptedFingerPrint, err := crypto.DecryptAES(fingerprintHash)
 		if err != nil {
+			log.Debug("Failed to decrypt fingerprint", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
 				"error": err.Error(),
 			})
--- a/server/handlers/oauth_callback.go
+++ b/server/handlers/oauth_callback.go
@ -5,12 +5,16 @@ import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
-	"log"
 	"net/http"
 	"strconv"
 	"strings"
 	"time"

+	"github.com/coreos/go-oidc/v3/oidc"
+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+	"golang.org/x/oauth2"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
@ -20,9 +24,6 @@ import (
 	"github.com/authorizerdev/authorizer/server/sessionstore"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
-	"github.com/coreos/go-oidc/v3/oidc"
-	"github.com/gin-gonic/gin"
-	"golang.org/x/oauth2"
 )

 // OAuthCallbackHandler handles the OAuth callback for various oauth providers
@ -33,6 +34,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {

 		sessionState := sessionstore.GetState(state)
 		if sessionState == "" {
+			log.Debug("Invalid oauth state")
 			c.JSON(400, gin.H{"error": "invalid oauth state"})
 		}
 		sessionstore.GetState(state)
@ -40,6 +42,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 		sessionSplit := strings.Split(state, "___")

 		if len(sessionSplit) < 3 {
+			log.Debug("Invalid redirect url")
 			c.JSON(400, gin.H{"error": "invalid redirect url"})
 			return
 		}
@ -60,18 +63,22 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 		case constants.SignupMethodFacebook:
 			user, err = processFacebookUserInfo(code)
 		default:
+			log.Info("Invalid oauth provider")
 			err = fmt.Errorf(`invalid oauth provider`)
 		}

 		if err != nil {
+			log.Debug("Failed to process user info: ", err)
 			c.JSON(400, gin.H{"error": err.Error()})
 			return
 		}

 		existingUser, err := db.Provider.GetUserByEmail(user.Email)
+		log := log.WithField("user", user.Email)

 		if err != nil {
 			if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableSignUp) {
+				log.Debug("Failed to signup as disabled")
 				c.JSON(400, gin.H{"error": "signup is disabled for this instance"})
 				return
 			}
@ -86,6 +93,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 			}

 			if hasProtectedRole {
+				log.Debug("Invalid role")
 				c.JSON(400, gin.H{"error": "invalid role"})
 				return
 			}
@ -96,6 +104,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 			user, _ = db.Provider.AddUser(user)
 		} else {
 			if user.RevokedTimestamp != nil {
+				log.Debug("User access revoked")
 				c.JSON(400, gin.H{"error": "user access has been revoked"})
 			}

@ -137,6 +146,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 				}

 				if hasProtectedRole {
+					log.Debug("Invalid role. User is using protected unassigned role")
 					c.JSON(400, gin.H{"error": "invalid role"})
 					return
 				} else {
@ -148,6 +158,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {

 			user, err = db.Provider.UpdateUser(user)
 			if err != nil {
+				log.Debug("Failed to update user: ", err)
 				c.JSON(500, gin.H{"error": err.Error()})
 				return
 			}
@ -155,6 +166,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {

 		authToken, err := token.CreateAuthToken(c, user, inputRoles, scopes)
 		if err != nil {
+			log.Debug("Failed to create auth token: ", err)
 			c.JSON(500, gin.H{"error": err.Error()})
 		}

@ -194,6 +206,7 @@ func processGoogleUserInfo(code string) (models.User, error) {
 	ctx := context.Background()
 	oauth2Token, err := oauth.OAuthProviders.GoogleConfig.Exchange(ctx, code)
 	if err != nil {
+		log.Debug("Failed to exchange code for token: ", err)
 		return user, fmt.Errorf("invalid google exchange code: %s", err.Error())
 	}

@ -202,16 +215,19 @@ func processGoogleUserInfo(code string) (models.User, error) {
 	// Extract the ID Token from OAuth2 token.
 	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
 	if !ok {
+		log.Debug("Failed to extract ID Token from OAuth2 token.")
 		return user, fmt.Errorf("unable to extract id_token")
 	}

 	// Parse and verify ID Token payload.
 	idToken, err := verifier.Verify(ctx, rawIDToken)
 	if err != nil {
+		log.Debug("Failed to verify ID Token: ", err)
 		return user, fmt.Errorf("unable to verify id_token: %s", err.Error())
 	}

 	if err := idToken.Claims(&user); err != nil {
+		log.Debug("Failed to parse ID Token claims: ", err)
 		return user, fmt.Errorf("unable to extract claims")
 	}

@ -222,11 +238,13 @@ func processGithubUserInfo(code string) (models.User, error) {
 	user := models.User{}
 	token, err := oauth.OAuthProviders.GithubConfig.Exchange(oauth2.NoContext, code)
 	if err != nil {
+		log.Debug("Failed to exchange code for token:", err)
 		return user, fmt.Errorf("invalid github exchange code: %s", err.Error())
 	}
 	client := http.Client{}
 	req, err := http.NewRequest("GET", constants.GithubUserInfoURL, nil)
 	if err != nil {
+		log.Debug("Failed to create github user info request:", err)
 		return user, fmt.Errorf("error creating github user info request: %s", err.Error())
 	}
 	req.Header = http.Header{
@ -235,12 +253,14 @@ func processGithubUserInfo(code string) (models.User, error) {

 	response, err := client.Do(req)
 	if err != nil {
+		log.Debug("Failed to request github user info:", err)
 		return user, err
 	}

 	defer response.Body.Close()
 	body, err := ioutil.ReadAll(response.Body)
 	if err != nil {
+		log.Debug("Failed to read github user info response body:", err)
 		return user, fmt.Errorf("failed to read github response body: %s", err.Error())
 	}

@ -273,23 +293,26 @@ func processFacebookUserInfo(code string) (models.User, error) {
 	user := models.User{}
 	token, err := oauth.OAuthProviders.FacebookConfig.Exchange(oauth2.NoContext, code)
 	if err != nil {
+		log.Debug("Invalid facebook exchange code:", err)
 		return user, fmt.Errorf("invalid facebook exchange code: %s", err.Error())
 	}
 	client := http.Client{}
 	req, err := http.NewRequest("GET", constants.FacebookUserInfoURL+token.AccessToken, nil)
 	if err != nil {
+		log.Debug("Error creating facebook user info request:", err)
 		return user, fmt.Errorf("error creating facebook user info request: %s", err.Error())
 	}

 	response, err := client.Do(req)
 	if err != nil {
-		log.Println("error processing facebook user info:", err)
+		log.Debug("Failed to process facebook user:", err)
 		return user, err
 	}

 	defer response.Body.Close()
 	body, err := ioutil.ReadAll(response.Body)
 	if err != nil {
+		log.Debug("Failed to read facebook response:", err)
 		return user, fmt.Errorf("failed to read facebook response body: %s", err.Error())
 	}

--- a/server/handlers/oauth_login.go
+++ b/server/handlers/oauth_login.go
@ -4,12 +4,14 @@ import (
 	"net/http"
 	"strings"

+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/oauth"
 	"github.com/authorizerdev/authorizer/server/sessionstore"
 	"github.com/authorizerdev/authorizer/server/utils"
-	"github.com/gin-gonic/gin"
 )

 // OAuthLoginHandler set host in the oauth state that is useful for redirecting to oauth_callback
@ -26,6 +28,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 		scopeString := strings.TrimSpace(c.Query("scope"))

 		if redirectURI == "" {
+			log.Debug("redirect_uri is empty")
 			c.JSON(400, gin.H{
 				"error": "invalid redirect uri",
 			})
@ -33,6 +36,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 		}

 		if state == "" {
+			log.Debug("state is empty")
 			c.JSON(400, gin.H{
 				"error": "invalid state",
 			})
@ -53,6 +57,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 			// use protected roles verification for admin login only.
 			// though if not associated with user, it will be rejected from oauth_callback
 			if !utils.IsValidRoles(append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...), rolesSplit) {
+				log.Debug("Invalid roles: ", roles)
 				c.JSON(400, gin.H{
 					"error": "invalid role",
 				})
@ -69,6 +74,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 		switch provider {
 		case constants.SignupMethodGoogle:
 			if oauth.OAuthProviders.GoogleConfig == nil {
+				log.Debug("Google OAuth provider is not configured")
 				isProviderConfigured = false
 				break
 			}
@ -79,6 +85,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 			c.Redirect(http.StatusTemporaryRedirect, url)
 		case constants.SignupMethodGithub:
 			if oauth.OAuthProviders.GithubConfig == nil {
+				log.Debug("Github OAuth provider is not configured")
 				isProviderConfigured = false
 				break
 			}
@ -88,6 +95,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 			c.Redirect(http.StatusTemporaryRedirect, url)
 		case constants.SignupMethodFacebook:
 			if oauth.OAuthProviders.FacebookConfig == nil {
+				log.Debug("Facebook OAuth provider is not configured")
 				isProviderConfigured = false
 				break
 			}
@ -96,6 +104,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 			url := oauth.OAuthProviders.FacebookConfig.AuthCodeURL(oauthStateString)
 			c.Redirect(http.StatusTemporaryRedirect, url)
 		default:
+			log.Debug("Invalid oauth provider: ", provider)
 			c.JSON(422, gin.H{
 				"message": "Invalid oauth provider",
 			})
--- a/server/handlers/revoke.go
+++ b/server/handlers/revoke.go
@ -4,10 +4,12 @@ import (
 	"net/http"
 	"strings"

+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/sessionstore"
-	"github.com/gin-gonic/gin"
 )

 // Revoke handler to revoke refresh token
@ -15,6 +17,7 @@ func RevokeHandler() gin.HandlerFunc {
 	return func(gc *gin.Context) {
 		var reqBody map[string]string
 		if err := gc.BindJSON(&reqBody); err != nil {
+			log.Debug("Error binding JSON: ", err)
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "error_binding_json",
 				"error_description": err.Error(),
@ -26,6 +29,7 @@ func RevokeHandler() gin.HandlerFunc {
 		clientID := strings.TrimSpace(reqBody["client_id"])

 		if clientID == "" {
+			log.Debug("Client ID is empty")
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "client_id_required",
 				"error_description": "The client id is required",
@ -34,6 +38,7 @@ func RevokeHandler() gin.HandlerFunc {
 		}

 		if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) {
+			log.Debug("Client ID is invalid")
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "invalid_client_id",
 				"error_description": "The client id is invalid",
--- a/server/handlers/token.go
+++ b/server/handlers/token.go
@ -7,13 +7,15 @@ import (
 	"strings"
 	"time"

+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/sessionstore"
 	"github.com/authorizerdev/authorizer/server/token"
-	"github.com/gin-gonic/gin"
 )

 // TokenHandler to handle /oauth/token requests
@ -22,6 +24,7 @@ func TokenHandler() gin.HandlerFunc {
 	return func(gc *gin.Context) {
 		var reqBody map[string]string
 		if err := gc.BindJSON(&reqBody); err != nil {
+			log.Debug("Error binding JSON: ", err)
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "error_binding_json",
 				"error_description": err.Error(),
@ -43,6 +46,7 @@ func TokenHandler() gin.HandlerFunc {
 		isAuthorizationCodeGrant := grantType == "authorization_code"

 		if !isRefreshTokenGrant && !isAuthorizationCodeGrant {
+			log.Debug("Invalid grant type")
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "invalid_grant_type",
 				"error_description": "grant_type is invalid",
@ -50,6 +54,7 @@ func TokenHandler() gin.HandlerFunc {
 		}

 		if clientID == "" {
+			log.Debug("Client ID is empty")
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "client_id_required",
 				"error_description": "The client id is required",
@ -58,6 +63,7 @@ func TokenHandler() gin.HandlerFunc {
 		}

 		if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) {
+			log.Debug("Client ID is invalid")
 			gc.JSON(http.StatusBadRequest, gin.H{
 				"error":             "invalid_client_id",
 				"error_description": "The client id is invalid",
@ -70,6 +76,7 @@ func TokenHandler() gin.HandlerFunc {
 		if isAuthorizationCodeGrant {

 			if codeVerifier == "" {
+				log.Debug("Code verifier is empty")
 				gc.JSON(http.StatusBadRequest, gin.H{
 					"error":             "invalid_code_verifier",
 					"error_description": "The code verifier is required",
@ -78,6 +85,7 @@ func TokenHandler() gin.HandlerFunc {
 			}

 			if code == "" {
+				log.Debug("Code is empty")
 				gc.JSON(http.StatusBadRequest, gin.H{
 					"error":             "invalid_code",
 					"error_description": "The code is required",
@ -92,6 +100,7 @@ func TokenHandler() gin.HandlerFunc {
 			encryptedCode = strings.ReplaceAll(encryptedCode, "=", "")
 			sessionData := sessionstore.GetState(encryptedCode)
 			if sessionData == "" {
+				log.Debug("Invalid code verifier")
 				gc.JSON(http.StatusBadRequest, gin.H{
 					"error":             "invalid_code_verifier",
 					"error_description": "The code verifier is invalid",
@ -104,6 +113,7 @@ func TokenHandler() gin.HandlerFunc {
 			sessionDataSplit := strings.Split(sessionData, "@")

 			if sessionDataSplit[0] != code {
+				log.Debug("Invalid code verifier.Unable to split session data")
 				gc.JSON(http.StatusBadRequest, gin.H{
 					"error":             "invalid_code_verifier",
 					"error_description": "The code verifier is invalid",
@ -114,6 +124,7 @@ func TokenHandler() gin.HandlerFunc {
 			// validate session
 			claims, err := token.ValidateBrowserSession(gc, sessionDataSplit[1])
 			if err != nil {
+				log.Debug("Error validating session: ", err)
 				gc.JSON(http.StatusUnauthorized, gin.H{
 					"error":             "unauthorized",
 					"error_description": "Invalid session data",
@ -128,6 +139,7 @@ func TokenHandler() gin.HandlerFunc {
 		} else {
 			// validate refresh token
 			if refreshToken == "" {
+				log.Debug("Refresh token is empty")
 				gc.JSON(http.StatusBadRequest, gin.H{
 					"error":             "invalid_refresh_token",
 					"error_description": "The refresh token is invalid",
@ -136,6 +148,7 @@ func TokenHandler() gin.HandlerFunc {

 			claims, err := token.ValidateRefreshToken(gc, refreshToken)
 			if err != nil {
+				log.Debug("Error validating refresh token: ", err)
 				gc.JSON(http.StatusUnauthorized, gin.H{
 					"error":             "unauthorized",
 					"error_description": err.Error(),
@ -156,6 +169,7 @@ func TokenHandler() gin.HandlerFunc {

 		user, err := db.Provider.GetUserByID(userID)
 		if err != nil {
+			log.Debug("Error getting user: ", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
 				"error":             "unauthorized",
 				"error_description": "User not found",
@ -165,6 +179,7 @@ func TokenHandler() gin.HandlerFunc {

 		authToken, err := token.CreateAuthToken(gc, user, roles, scope)
 		if err != nil {
+			log.Debug("Error creating auth token: ", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
 				"error":             "unauthorized",
 				"error_description": "User not found",
--- a/server/handlers/userinfo.go
+++ b/server/handlers/userinfo.go
@ -3,15 +3,18 @@ package handlers
 import (
 	"net/http"

+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/token"
-	"github.com/gin-gonic/gin"
 )

 func UserInfoHandler() gin.HandlerFunc {
 	return func(gc *gin.Context) {
 		accessToken, err := token.GetAccessToken(gc)
 		if err != nil {
+			log.Debug("Error getting access token: ", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
 				"error": err.Error(),
 			})
@ -20,6 +23,7 @@ func UserInfoHandler() gin.HandlerFunc {

 		claims, err := token.ValidateAccessToken(gc, accessToken)
 		if err != nil {
+			log.Debug("Error validating access token: ", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
 				"error": err.Error(),
 			})
@ -29,6 +33,7 @@ func UserInfoHandler() gin.HandlerFunc {
 		userID := claims["sub"].(string)
 		user, err := db.Provider.GetUserByID(userID)
 		if err != nil {
+			log.Debug("Error getting user: ", err)
 			gc.JSON(http.StatusUnauthorized, gin.H{
 				"error": err.Error(),
 			})
--- a/server/handlers/verify_email.go
+++ b/server/handlers/verify_email.go
@ -6,13 +6,15 @@ import (
 	"strings"
 	"time"

+	"github.com/gin-gonic/gin"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/sessionstore"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
-	"github.com/gin-gonic/gin"
 )

 // VerifyEmailHandler handles the verify email route.
@ -24,12 +26,14 @@ func VerifyEmailHandler() gin.HandlerFunc {
 		}
 		tokenInQuery := c.Query("token")
 		if tokenInQuery == "" {
+			log.Debug("Token is empty")
 			c.JSON(400, errorRes)
 			return
 		}

 		verificationRequest, err := db.Provider.GetVerificationRequestByToken(tokenInQuery)
 		if err != nil {
+			log.Debug("Error getting verification request: ", err)
 			errorRes["error_description"] = err.Error()
 			c.JSON(400, errorRes)
 			return
@ -39,6 +43,7 @@ func VerifyEmailHandler() gin.HandlerFunc {
 		hostname := utils.GetHost(c)
 		claim, err := token.ParseJWTToken(tokenInQuery, hostname, verificationRequest.Nonce, verificationRequest.Email)
 		if err != nil {
+			log.Debug("Error parsing token: ", err)
 			errorRes["error_description"] = err.Error()
 			c.JSON(400, errorRes)
 			return
@ -46,6 +51,7 @@ func VerifyEmailHandler() gin.HandlerFunc {

 		user, err := db.Provider.GetUserByEmail(claim["sub"].(string))
 		if err != nil {
+			log.Debug("Error getting user: ", err)
 			errorRes["error_description"] = err.Error()
 			c.JSON(400, errorRes)
 			return
@ -79,6 +85,7 @@ func VerifyEmailHandler() gin.HandlerFunc {
 		}
 		authToken, err := token.CreateAuthToken(c, user, roles, scope)
 		if err != nil {
+			log.Debug("Error creating auth token: ", err)
 			errorRes["error_description"] = err.Error()
 			c.JSON(500, errorRes)
 			return
--- a/server/middlewares/log.go
+++ b/server/middlewares/log.go
@ -23,7 +23,7 @@ func (fn GinLogWriteFunc) Write(data []byte) (int, error) {
 // NewGinLogrusWrite logrus writer for gin
 func NewGinLogrusWrite() io.Writer {
 	return GinLogWriteFunc(func(data []byte) (int, error) {
-		log.Debugf("%s", data)
+		log.Info("%s", data)
 		return 0, nil
 	})
 }
--- a/server/resolvers/delete_user.go
+++ b/server/resolvers/delete_user.go
@ -3,7 +3,8 @@ package resolvers
 import (
 	"context"
 	"fmt"
-	"log"
+
+	log "github.com/sirupsen/logrus"

 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
@ -33,7 +34,7 @@ func DeleteUserResolver(ctx context.Context, params model.DeleteUserInput) (*mod

 	err = db.Provider.DeleteUser(user)
 	if err != nil {
-		log.Println("error deleting user:", err)
+		log.Debug("Failed Deleting User:", err)
 		return res, err
 	}