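Clean a dictionary of credentials of potentially sensitive info before sending it to less secure functions. Not comprehensive - intended for the user_login_failed signal. Matching is by key name only: a value is masked when its key contains "api", "token", "key", "secret", "password" or "signature" (case-insensitive); values stored under any other name are passed through unchanged.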
(credentials)
| 75 | |
# NOTE(review): sensitive_variables is not defined in this listing; presumably
# it keeps `credentials` out of error reports - confirm against the imports.
@sensitive_variables("credentials")
def _clean_credentials(credentials):
    """
    Mask the values of credential entries whose key name looks sensitive, so
    the dictionary can be handed to less secure functions.

    A key is treated as sensitive when its name contains "api", "token",
    "key", "secret", "password" or "signature" (case-insensitive). The
    dictionary is modified in place and the same object is returned, so pass
    a copy if the original values are still needed afterwards.

    Not comprehensive - intended for the user_login_failed signal. Only
    top-level key names are examined; values and nested containers are not
    inspected.
    """
    sensitive_name = re.compile("api|token|key|secret|password|signature", re.I)
    mask = "********************"
    for name in credentials:
        if sensitive_name.search(name) is None:
            continue
        # Re-assigning an existing key leaves the dict size unchanged, which
        # is safe while iterating over it.
        credentials[name] = mask
    return credentials
| 90 | |
| 91 | |
| 92 | def _get_user_session_key(request): |