lukas.pupkalipinski/BanGUI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TASK-011: Remove session token prefix from log output

Browse Source 
Replace sensitive token fragments in structured logs with:
- login(): Use session_id=session.id (database row ID) instead of token_prefix
- logout(): Use token_hash (SHA256 one-way hash, first 12 chars) instead of token_prefix

This prevents partial token material leakage into log aggregation systems while
maintaining useful session correlation via hashed tokens or database IDs.

Also updated Backend-Development.md to clarify logging conventions for
sensitive data handling.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
Lukas
2026-04-26 13:19:26 +02:00
parent 8698b89f6a
commit 5b24a9c142
3 changed files with 15 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
Docs/Tasks.md
View File

@@ -1,32 +1,3 @@
## TASK-010 — `fail2ban_start_command` split with `.split()` instead of `shlex.split()`
**Severity:** Low
### Where found
`backend/app/config.py``fail2ban_start_command` field description says "Split by whitespace to build the argument list". Usages in `backend/app/services/server_service.py` (or similar) call `.split()`.
### Why this is needed
`.split()` splits on any whitespace but does not respect shell quoting. A command like `"/opt/my tools/fail2ban-client" start` is split into three tokens instead of two, breaking execution when the path contains spaces.
### Goal
Use `shlex.split()` to tokenize the start command so quoted arguments are handled correctly.
### What to do
1. Find all call sites of `fail2ban_start_command.split()` and replace with `shlex.split(fail2ban_start_command)`.
2. Add a `@field_validator("fail2ban_start_command")` in `Settings` that calls `shlex.split(v)` and raises `ValueError` if it fails (mismatched quotes), so misconfiguration is caught at startup.
### Possible traps and issues
- `shlex.split()` raises `ValueError` for unmatched quotes — catch this in the validator and convert to a descriptive `ValueError`.
- The validator runs at startup and should include the problematic value in the error message.
### Docs changes needed
- `Backend-Development.md` — document the `fail2ban_start_command` format.
### Doc references
- [Backend-Development.md](Backend-Development.md) — configuration options
---
## TASK-011 — Session token prefix logged on login and logout
**Severity:** Low