- Author:
- nikmolnar
- Posted:
- June 28, 2013
- Language:
- Python
- Version:
- 1.4
- Tags:
- filter log password logging obfuscation
- Score:
- 0 (after 0 ratings)
This is a simple logging filter to ensure that user-entered passwords aren't recorded in the log or emailed to admins as part of the request data if an error occurs during registration/login.
1 2 3 4 5 6 7 8 9 10 11 | from logging import Filter
class PasswordObfuscationFilter(Filter):
"""Filters out passwords in log messages."""
def filter(self, record):
if hasattr(record, 'request') and record.request.POST.get('password', None):
qd = record.request.POST.copy()
qd['password'] = "%s (removed)" % ('x'*8)
record.request.POST = qd
return True
|
Comments
Please login first before commenting.