Filters sensitive credential fields from auth:fail logs (#1504)

Rain 2025-07-17 16:45:38 -04:00 committed by GitHub
parent 5531bc0ba1
commit 1113ffe0f7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -8,6 +8,10 @@ use Illuminate\Auth\Events\Login;
class AuthenticationListener class AuthenticationListener
{ {
private const PROTECTED_FIELDS = [
'password', 'token', 'secret',
];
/** /**
* Handles an authentication event by logging the user and information about * Handles an authentication event by logging the user and information about
* the request. * the request.
@ -22,7 +26,9 @@ class AuthenticationListener
if ($event instanceof Failed) { if ($event instanceof Failed) {
foreach ($event->credentials as $key => $value) { foreach ($event->credentials as $key => $value) {
$activity = $activity->property($key, $value); if (!in_array($key, self::PROTECTED_FIELDS, true)) {
$activity = $activity->property($key, $value);
}
} }
} }
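Review bot: The new guard in the `foreach` over `$event->credentials` is an exact, case-sensitive match against three names, so any credential key spelled differently (for example `Password`, `api_token` or `password_confirmation`) would still be written to the activity log with its value. Which keys actually reach this listener depends on the guards and login forms in use, which are not visible here, so a denylist is the fragile choice. An allowlist of the identifying fields that are meant to be logged would be safer; failing that, normalise the key first: `if (!in_array(strtolower((string) $key), self::PROTECTED_FIELDS, true)) {`. The constant also deserves a short comment saying that entries are compared in lower case and that matching keys are dropped from the log entirely. Separately, auth:fail records written before this change may still hold plaintext credentials and are worth purging or redacting. The handler's body starts and ends outside this hunk.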