Remove passwords when displaying settings

9cbbb5cb · Benjamin Bertrand · d8cdcf5e · 9cbbb5cb
Commit 9cbbb5cb authored 7 years ago by Benjamin Bertrand
--- a/app/factory.py
+++ b/app/factory.py
@@ -83,9 +83,14 @@ def create_app(config=None):
        handler.setLevel(logging.DEBUG)
        app.logger.addHandler(handler)
    app.logger.info('CSEntry created!')
-    app.logger.info('Settings:\n{}'.format(
-        '\n'.join(['{}: {}'.format(key, value) for key, value in app.config.items()
-                   if key not in ('SECRET_KEY', 'LDAP_BIND_USER_PASSWORD')])))
+    # Remove variables that contain a password
+    settings_to_display = [f'{key}: {value}' for key, value in app.config.items()
+                           if key not in ('SECRET_KEY', 'LDAP_BIND_USER_PASSWORD',
+                                          'MAIL_CREDENTIALS', 'SQLALCHEMY_DATABASE_URI')]
+    # The repr() of make_url hides the password
+    settings_to_display.append(f'SQLALCHEMY_DATABASE_URI: {sa.engine.url.make_url(app.config["SQLALCHEMY_DATABASE_URI"])!r}')
+    settings_string = '\n'.join(settings_to_display)
+    app.logger.info(f'Settings:\n{settings_string}')

    bootstrap.init_app(app)
    db.init_app(app)