This is a simple logging filter to ensure that user-entered passwords aren't recorded in the log or emailed to admins as part of the request data if an error occurs during registration/login.
1 2 3 4 5 6 7 8 9 10 11 | from logging import Filter
class PasswordObfuscationFilter(Filter):
"""Filters out passwords in log messages."""
def filter(self, record):
if hasattr(record, 'request') and record.request.POST.get('password', None):
qd = record.request.POST.copy()
qd['password'] = "%s (removed)" % ('x'*8)
record.request.POST = qd
return True
|
More like this
- Form field with fixed value by roam 3 days, 19 hours ago
- New Snippet! by Antoliny0919 1 week, 3 days ago
- Add Toggle Switch Widget to Django Forms by OgliariNatan 2 months, 4 weeks ago
- get_object_or_none by azwdevops 6 months, 3 weeks ago
- Mask sensitive data from logger by agusmakmun 8 months, 2 weeks ago
Comments
Please login first before commenting.