This is a simple logging filter to ensure that user-entered passwords aren't recorded in the log or emailed to admins as part of the request data if an error occurs during registration/login.
1 2 3 4 5 6 7 8 9 10 11 | from logging import Filter
class PasswordObfuscationFilter(Filter):
"""Filters out passwords in log messages."""
def filter(self, record):
if hasattr(record, 'request') and record.request.POST.get('password', None):
qd = record.request.POST.copy()
qd['password'] = "%s (removed)" % ('x'*8)
record.request.POST = qd
return True
|
More like this
- get_object_or_none by azwdevops 1 day, 15 hours ago
- Mask sensitive data from logger by agusmakmun 1 month, 3 weeks ago
- Template tag - list punctuation for a list of items by shapiromatron 1 year, 4 months ago
- JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 1 year, 4 months ago
- Serializer factory with Django Rest Framework by julio 1 year, 11 months ago
Comments
Please login first before commenting.