Obfuscating password from logs

2022-11-27 16:09:30 +01:00 · 2022-11-27 16:09:30 +01:00 · a97fb5df2f
commit a97fb5df2f
parent 34107e3d58
4 changed files with 33 additions and 2 deletions
--- a/src/common/logger.ts
+++ b/src/common/logger.ts
@ -75,6 +75,14 @@ export class LoggerInstance {
      message,
    ]
    if (details) {
+      if (typeof details === 'object') {
+        const toObfuscate = ['password']
+        toObfuscate.forEach((key) => {
+          if ((details as Record<string, unknown>)[key]) {
+            (details as Record<string, unknown>)[key] = '***'
+          }
+        })
+      }
      params.push(details)
      fmtString += ' - %O'
    }
--- a/src/common/scheduler.ts
+++ b/src/common/scheduler.ts
@ -21,7 +21,6 @@ export const work = async (
 ): Promise<SchedulerResult> => {
  Logger.instantiate('scheduler', v4(), LogLevel.DEBUG)

-  // TODO: obfuscate payload
  Logger.debug('Handling reservation', { payload })
  let reservation: Reservation
  try {
--- a/tests/common/logger.test.ts
+++ b/tests/common/logger.test.ts
@ -1,6 +1,10 @@
 import { Logger, LogLevel } from '../../src/common/logger'

 describe('Logger', () => {
+  beforeEach(() => {
+    jest.resetAllMocks()
+  })
+
  test('should create a single instance of LoggerInstance', () => {
    const a = Logger.instantiate('tag', 'abc', LogLevel.DEBUG)
    const b = Logger.getInstance()
@ -56,4 +60,25 @@ describe('Logger', () => {

    expect(consoleLogSpy).not.toHaveBeenCalled()
  })
+
+  test('should obfuscate password from message', () => {
+    const consoleLogSpy = jest.fn()
+    const consoleErrorSpy = jest.fn()
+    jest.spyOn(console, 'log').mockImplementation(consoleLogSpy)
+    jest.spyOn(console, 'error').mockImplementation(consoleErrorSpy)
+
+    Logger.instantiate('tag', 'abc', LogLevel.DEBUG)
+    Logger.info('first', { password: 'test' })
+
+    expect(consoleLogSpy).toHaveBeenCalledTimes(1)
+    expect(consoleLogSpy).toHaveBeenNthCalledWith(
+      1,
+      '<%s> [%s] %s: %s - %O',
+      'tag',
+      'abc',
+      'INFO',
+      'first',
+      { password: '***'},
+    )
+  })
 })
--- a/tests/common/request.test.ts
+++ b/tests/common/request.test.ts
@ -3,7 +3,6 @@ import dayjs from 'dayjs'
 import {
  validateJSONRequest,
  ValidationError,
-  ValidationErrorCode,
 } from '../../src/common/request'

 describe('request', () => {