kepelet/flo

[Debug Log] Regular Expression Fails to Fully Redact Passwords Containing Quotation Marks

Closed this issue · 3 comments

While troubleshooting the login issues with a missing LFM API key, I noticed that the current, although temporary, implementation of redacting passwords fails to handle cases where the password itself includes a quotation mark (").

This could lead to an unsuspecting user accidentally disclosing their password or part of it, depending on the placement of the quotation mark, when (carelessly ^^) sharing logs.

Steps to reproduce:

  • Enable Request Logs
  • Enter wrong login credentials with the password "visible
  • Go to Debug -> All - and copy the Authservice.Login entry
  • It will show [Body]: {"password":"[REDACTED]"visible","username":"Username"}

Affected code:

// FIXME: temporary solution
// [^"]* stops at the first quote it meets, including the one in an escaped \" sequence
let debugResponse = response.debugDescription.replacingOccurrences(
    of: #""password"\s*:\s*"[^"]*""#,
    with: #""password":"[REDACTED]""#,
    options: .regularExpression
)

yeah the current pattern is very problematic — still figuring out how to strip the body part since the more important is the headers

the regex is updated. i think it works now

closing this as of #27