Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(privacy): don't log email addresses and password hashes #239

Merged
merged 7 commits into from
Oct 27, 2019
Merged

fix(privacy): don't log email addresses and password hashes #239

merged 7 commits into from
Oct 27, 2019

Conversation

adrienjoly
Copy link
Member

@adrienjoly adrienjoly commented Oct 27, 2019
edited
Loading

What does this PR do / solve?

A user kindly reported that in order to better protect privacy of user-identifiable data in case of data leak, we should prevent the logging of email addresses and md5 hashes.

Overview of changes

  • update request.logToConsole() to scramble/anonymise values of email and md5 fields
  • call the same method in appropriate places where user data is logged
  • remove a useless log that contains user data

How to test this PR?

  1. run the server locally with docker-compose up
  2. open http://localhost:8080/login in a browser
  3. type an email address and password (even fake)
  4. the value of your email address and md5 should not be disclosed in the stdout logs of docker-compose up:
=== Sun, 27 Oct 2019 11:21:10 GMT POST /login (login.handleRequest) {"action":"login","email":"a*********@gmail.com","md5":"<MD5_HASH>"}
fetching user  { email: 'a*********@gmail.com' } ...

@adrienjoly adrienjoly self-assigned this Oct 27, 2019
@adrienjoly adrienjoly added this to 📥 Inbox / ideas in Development via automation Oct 27, 2019
@adrienjoly adrienjoly marked this pull request as ready for review October 27, 2019 11:27
@adrienjoly adrienjoly merged commit aa187e0 into master Oct 27, 2019
Development automation moved this from 📥 Inbox / ideas to ✔️ Done / pending QA Oct 27, 2019
@adrienjoly adrienjoly deleted the fix/privacy-in-auth-logs branch October 27, 2019 11:28
adrienjoly pushed a commit that referenced this pull request Oct 27, 2019
@semantic-release-bot
chore(release): 1.15.2 [skip ci]
37df41e 
## [1.15.2](v1.15.1...v1.15.2) (2019-10-27)

### Bug Fixes

* **privacy:** don't log email addresses and password hashes ([#239](#239)) ([aa187e0](aa187e0))
@adrienjoly adrienjoly moved this from ✔️ Done / pending QA to 🌲 In production in Development Oct 27, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@adrienjoly adrienjoly

Labels
security / privacy
Projects
Development
  
🌲 In production
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@adrienjoly