jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

redact the password so it is never displayed in logs

Browse Source
This commit is contained in:
Girish Ramakrishnan
2017-05-05 15:36:47 -07:00
parent 423c4446de
commit 8ae65661dd
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/routes/user.js
View File

@@ -153,6 +153,8 @@ function verifyPassword(req, res, next) {
if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(403, 'Password incorrect'));
if (error) return next(new HttpError(500, error));
req.body.password = '<redacted>'; // this will prevent logs from displaying plain text password
next();
});
}