Ash Framework•3mo ago

Is it safe to log AuthController failures or can it leak private info?

When debugging auth problems it is helpful to log the errors in the failure function, can this lean any info or is it safe?

def failure(conn, activity, reason) do
    Logger.error(
      "Authentication activity #{inspect(activity)} failed with error: #{inspect(reason, pretty: true)}"
    )
# ....

def failure(conn, activity, reason) do
    Logger.error(
      "Authentication activity #{inspect(activity)} failed with error: #{inspect(reason, pretty: true)}"
    )
# ....

Solution:

Any time you see inspect in a logger call you're likely risking leaking private data

Jump to solution

2 Replies

ZachDaniel•3mo ago

Generally no

Solution

ZachDaniel•3mo ago

Any time you see inspect in a logger call you're likely risking leaking private data

Gaming

Programming

Is it safe to log AuthController failures or can it leak private info?

Did you find this page helpful?