This is a simple logging filter to ensure that user-entered passwords aren't recorded in the log or emailed to admins as part of the request data if an error occurs during registration/login.
1 2 3 4 5 6 7 8 9 10 11 | from logging import Filter
class PasswordObfuscationFilter(Filter):
"""Filters out passwords in log messages."""
def filter(self, record):
if hasattr(record, 'request') and record.request.POST.get('password', None):
qd = record.request.POST.copy()
qd['password'] = "%s (removed)" % ('x'*8)
record.request.POST = qd
return True
|
More like this
- codigo alto nivel by MrRocklion 1 month, 1 week ago
- Load template from specific app by Krzysiek555 1 month, 4 weeks ago
- PostgreSQL JSON subqueries by dolamroth 2 months ago
- "Magic Link" Management Command by webology 7 months ago
- Closest ORM models to a latitude/longitude point by simonw 7 months ago
Comments
Please login first before commenting.