fix(backend): mask jwt token in log (#8737)

Moriz Wahl 2025-07-01 14:41:45 +02:00 committed by GitHub
parent c9b429878a
commit 8ae4e309c3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 10 additions and 3 deletions


@ -61,7 +61,7 @@ describe('apollo logger', () => {
}) })
describe('login mutation', () => { describe('login mutation', () => {
it('logs the request and response', async () => { it('logs the request and response, masking password and token', async () => {
await mutate({ await mutate({
mutation: loginMutation, mutation: loginMutation,
variables: { variables: {
@ -81,7 +81,7 @@ describe('apollo logger', () => {
}), }),
) )
expect(loggerSpy).toBeCalledWith('Apollo Response', expect.any(String), expect.any(String)) expect(loggerSpy).toBeCalledWith('Apollo Response', expect.any(String), '{"login":"token"}')
expect(consoleSpy).toBeCalledTimes(2) expect(consoleSpy).toBeCalledTimes(2)
}) })
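Review bot: The new expectation `'{"login":"token"}'` pins the masked payload for one `loggerSpy` call, but nothing visible asserts that the real token is absent from the other logger and console calls, so the test would still pass if the token were written elsewhere. If the result of `mutate` is captured, a check over `loggerSpy.mock.calls` and `consoleSpy.mock.calls` that no argument contains the returned token would cover that. A second case with a non-login response would also pin that the unmasked path logs the data unchanged. The test body starts outside the hunk, so such checks may already exist there.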


@ -30,7 +30,14 @@ export const loggerPlugin = {
ocelotLogger.error(...logResponse, JSON.stringify(requestContext.errors)) ocelotLogger.error(...logResponse, JSON.stringify(requestContext.errors))
return return
} }
logResponse.push(JSON.stringify(requestContext.response.data)) if (requestContext.response.data.login) {
// mask the token
const data = cloneDeep(requestContext.response.data)
data.login = 'token'
logResponse.push(JSON.stringify(data))
} else {
logResponse.push(JSON.stringify(requestContext.response.data))
}
ocelotLogger.debug(...logResponse) ocelotLogger.debug(...logResponse)
} }
}, },
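Review bot: The mask is keyed on the response key at `if (requestContext.response.data.login)`, so it only covers a response whose top-level key is literally `login`. GraphQL allows a client to alias a field, and an aliased login would put the token under a different key and fall into the `else` branch, where the data is logged as-is; any other operation that returns a token is likewise not covered. Deciding from the request's operation or field name rather than the response key would close this gap, and until then a comment such as `// masks only the un-aliased top-level login field; other token-bearing keys are logged unchanged` would document the limit. Since only one top-level key is replaced, `const data = { ...requestContext.response.data, login: 'token' }` would do the same without `cloneDeep`. The enclosing handler starts outside the hunk.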