In my FastAPI code, I have this:
from fastapi import HTTPException
# ...
if not user:
raise HTTPException(
detail="User does not exist", status_code=HTTPStatus.NOT_FOUND
)
This is following FastAPI documentation recommendation to raise HTTPException. However, this will log every failed authentication attempt with a log level of exception in my logs, and thus trigger Sentry alerts etc.
Is this the expected behaviour? I think that failed logins are pretty common and expected (e.g. if the user misspells their name). Shouldn't they be logged as INFO? Is there a way to change the log level of the raised HTTPException (and should I do that)?