From 846bff58e584e74546e075b6f9c26e9660b86e05 Mon Sep 17 00:00:00 2001
From: Till Prochaska <till.prochaska@occrp.org>
Date: Mon, 20 Nov 2023 11:33:12 +0100
Subject: [PATCH] Use keyword args to set Prometheus metric labels

As suggested by @stchris
---
 aleph/metrics/flask.py      | 14 ++++++++++++--
 aleph/views/sessions_api.py | 14 +++++++-------
 2 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/aleph/metrics/flask.py b/aleph/metrics/flask.py
index d5506020c3..35d28883b0 100644
--- a/aleph/metrics/flask.py
+++ b/aleph/metrics/flask.py
@@ -50,8 +50,18 @@ def after_request(response):
 
     duration = max(0, default_timer() - request.prometheus_start_time)
 
-    REQUEST.labels(method, status, api_endpoint, logged_in).inc()
-    REQUEST_DURATION.labels(method, status, api_endpoint).observe(duration)
+    REQUEST.labels(
+        method=method,
+        status=status,
+        api_endpoint=api_endpoint,
+        logged_in=logged_in,
+    ).inc()
+
+    REQUEST_DURATION.labels(
+        method=method,
+        status=status,
+        api_endpoint=api_endpoint,
+    ).observe(duration)
 
     return response
 
diff --git a/aleph/views/sessions_api.py b/aleph/views/sessions_api.py
index 28a8b44ad4..0e76fdf4c1 100644
--- a/aleph/views/sessions_api.py
+++ b/aleph/views/sessions_api.py
@@ -65,12 +65,12 @@ def password_login():
     data = parse_request("Login")
     role = Role.login(data.get("email"), data.get("password"))
     if role is None:
-        AUTH_ATTEMPS.labels("password", "failed").inc()
+        AUTH_ATTEMPS.labels(method="password", result="failed").inc()
         raise BadRequest(gettext("Invalid user or password."))
 
     role.touch()
     db.session.commit()
-    AUTH_ATTEMPS.labels("password", "success").inc()
+    AUTH_ATTEMPS.labels(method="password", result="success").inc()
     update_role(role)
     authz = Authz.from_role(role)
     return jsonify({"status": "ok", "token": authz.to_token()})
@@ -104,7 +104,7 @@ def oauth_callback():
     err = Unauthorized(gettext("Authentication has failed."))
     state = cache.get_complex(_oauth_session(request.args.get("state")))
     if state is None:
-        AUTH_ATTEMPS.labels("oauth", "failed").inc()
+        AUTH_ATTEMPS.labels(method="oauth", result="failed").inc()
         raise err
 
     try:
@@ -112,22 +112,22 @@ def oauth_callback():
         uri = state.get("redirect_uri")
         oauth_token = oauth.provider.authorize_access_token(redirect_uri=uri)
     except AuthlibBaseError as err:
-        AUTH_ATTEMPS.labels("oauth", "failed").inc()
+        AUTH_ATTEMPS.labels(method="oauth", result="failed").inc()
         log.warning("Failed OAuth: %r", err)
         raise err
     if oauth_token is None or isinstance(oauth_token, AuthlibBaseError):
-        AUTH_ATTEMPS.labels("oauth", "failed").inc()
+        AUTH_ATTEMPS.labels(method="oauth", result="failed").inc()
         log.warning("Failed OAuth: %r", oauth_token)
         raise err
 
     role = handle_oauth(oauth.provider, oauth_token)
     if role is None:
-        AUTH_ATTEMPS.labels("oauth", "failed").inc()
+        AUTH_ATTEMPS.labels(method="oauth", result="failed").inc()
         raise err
 
     db.session.commit()
     update_role(role)
-    AUTH_ATTEMPS.labels("oauth", "success").inc()
+    AUTH_ATTEMPS.labels(method="oauth", result="success").inc()
     log.debug("Logged in: %r", role)
     request.authz = Authz.from_role(role)
     token = request.authz.to_token()