Filter specific fields from audited commands
Closed this issue · 1 comments
imetallica commented
It seems that there is not a way to hide secrets, for example, when a command %CreateUser{email: foo@123, password: 123123, password_confirmation: 123123} is given:
This is what phoenix does, by default:
Parameters: %{"_csrf_token" => "URlELFdLASBAPzQzLD4IYDYrG1V1AAAA3s+B42ij0ngdDY1SBIc9Fw==", "_utf8" => "✓", "email" => "foo@123", "password" => "[FILTERED]", "password_confirmation" => "[FILTERED]"}
And this is what audit does:
[debug] QUERY OK db=5.9ms queue=0.1ms
INSERT INTO "command_audit" ("command_type","command_uuid","correlation_id","data","metadata","occurred_at") VALUES ($1,$2,$3,$4,$5,$6) ["Elixir.Accounts.User.Commands.CreateUser", "1918d8b1-dccb-4ae2-9a7b-2f37002dbb23", <<36, 209, 176, 66, 185, 241, 77, 1, 132, 82, 117, 247, 155, 104, 150, 135>>, "{\"password_confirmation\":\"123\",\"password\":\"123\",\"email\":\"foo@123\"}", "{}", {{2017, 12, 16}, {20, 27, 22, 68258}}]
The solution should be having some sensible defaults, and allow people to configure it further.
slashdotdash commented
@imetallica That's a useful feature request, thanks.
We could replicate Phoenix's parameter filtering by allowing you to specify command fields to omit:
config :commanded_audit_middleware,
:filter_fields, ["password", "password_confirmation", "secret"]
Any filtered fields would have their value replaced by "[FILTERED]".
The default filter could include "password", the same as Phoenix.
For reference, here's the filter_values/2 function used by Phoenix Logger.
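As an added illustration, not code from the commanded_audit_middleware project or from either commenter, this is one way the proposed filter_fields option could be applied to a command before its data is written to command_audit; it follows the shape of Phoenix Logger's filter_values/2 (recursing into nested maps and lists, leaving nested structs untouched). The module name AuditFilter and the Application.get_env lookup are assumptions.

```elixir
defmodule AuditFilter do
  @moduledoc """
  Example (not part of commanded_audit_middleware): replace the values of
  configured sensitive fields with "[FILTERED]" before a command is serialized
  into the audit table, so secrets never reach the "data" column.
  """

  # Assumed defaults: "password" is filtered unless the app configures otherwise.
  @default_filter_fields ["password"]
  @filtered "[FILTERED]"

  @doc "Field names to filter, read from the (assumed) :filter_fields config key."
  def filter_fields do
    Application.get_env(:commanded_audit_middleware, :filter_fields, @default_filter_fields)
  end

  @doc """
  Turn a command struct into a plain map with sensitive fields masked.
  The result is what should be JSON-encoded into the audit "data" column.
  """
  def filter_command(%_{} = command, fields \\ filter_fields()) do
    command
    |> Map.from_struct()
    |> filter_values(fields)
  end

  # Nested structs (e.g. DateTime) are passed through unchanged, as Phoenix does.
  def filter_values(%_{} = struct, _fields), do: struct

  # Maps: mask the value of any key whose string form is in the filter list,
  # otherwise recurse so nested maps/lists are filtered too.
  def filter_values(%{} = map, fields) do
    for {key, value} <- map, into: %{} do
      if to_string(key) in fields do
        {key, @filtered}
      else
        {key, filter_values(value, fields)}
      end
    end
  end

  # Lists: filter each element.
  def filter_values(list, fields) when is_list(list) do
    Enum.map(list, &filter_values(&1, fields))
  end

  # Scalars (strings, numbers, atoms) are returned as-is.
  def filter_values(other, _fields), do: other
end
```

Matching on to_string(key) means the same list works whether the command holds atom keys (a struct) or string keys (decoded JSON), so "password_confirmation" is masked in both cases.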