This is a simple logging filter to ensure that user-entered passwords aren't recorded in the log or emailed to admins as part of the request data if an error occurs during registration/login.
1 2 3 4 5 6 7 8 9 10 11 | from logging import Filter
class PasswordObfuscationFilter(Filter):
"""Filters out passwords in log messages."""
def filter(self, record):
if hasattr(record, 'request') and record.request.POST.get('password', None):
qd = record.request.POST.copy()
qd['password'] = "%s (removed)" % ('x'*8)
record.request.POST = qd
return True
|
More like this
- Image compression before saving the new model / work with JPG, PNG by Schleidens 2 weeks ago
- Help text hyperlinks by sa2812 1 month, 1 week ago
- Stuff by NixonDash 3 months, 2 weeks ago
- Add custom fields to the built-in Group model by jmoppel 5 months, 2 weeks ago
- Month / Year SelectDateWidget based on django SelectDateWidget by pierreben 9 months ago
Comments
Please login first before commenting.