BanGUI/backend/app/services at 667ab674ca3859f303e612355c7012c9288b7007 - BanGUI - Gitea: Git with a cup of tea

lukas.pupkalipinski/BanGUI

Files

History

Lukas 5b24a9c142 TASK-011: Remove session token prefix from log output

Replace sensitive token fragments in structured logs with:
- login(): Use session_id=session.id (database row ID) instead of token_prefix
- logout(): Use token_hash (SHA256 one-way hash, first 12 chars) instead of token_prefix

This prevents partial token material leakage into log aggregation systems while
maintaining useful session correlation via hashed tokens or database IDs.

Also updated Backend-Development.md to clarify logging conventions for
sensitive data handling.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

2026-04-26 13:19:26 +02:00

..

__init__.py

feat: Stage 1 — backend and frontend scaffolding

2026-02-28 21:15:01 +01:00

action_config_service.py

Refactor backend services and utilities

2026-04-25 18:39:30 +02:00

auth_service.py

TASK-011: Remove session token prefix from log output

2026-04-26 13:19:26 +02:00

ban_service.py

Fix import formatting and sorting

2026-04-25 18:54:57 +02:00

blocklist_service.py

TASK-009: Mitigate SSRF vulnerability in blocklist URL validation

2026-04-26 12:57:23 +02:00

config_file_helpers.py

Extract shared raw config file helpers and simplify raw_config_io_service

2026-04-18 20:18:54 +02:00

config_service.py

Refactor backend services and utilities

2026-04-25 18:39:30 +02:00

fail2ban_metadata_service.py

Refactor backend services and utilities

2026-04-25 18:39:30 +02:00

filter_config_service.py

Refactor backend services and jail configuration

2026-04-25 18:34:03 +02:00

geo_cache.py

Refactor geo caching and service layer tests

2026-04-25 18:15:31 +02:00

geo_service.py

T-04: Encapsulate geo_service module-level mutable state in GeoCache class

2026-04-23 16:18:09 +02:00

health_service.py

Refactor backend services and utilities

2026-04-25 18:39:30 +02:00

history_service.py

Fix: Consolidate divergent _since_unix implementations (T-09)

2026-04-25 18:44:59 +02:00

jail_config_service.py

Refactor backend services and utilities

2026-04-25 18:39:30 +02:00

jail_service.py

T-10: Fix get_geo_batch_lookup for proper injection with GeoCache instance

2026-04-25 18:53:47 +02:00

log_service.py

Refactor backend services and utilities

2026-04-25 18:39:30 +02:00

protocols.py

Fix import formatting and sorting

2026-04-25 18:54:57 +02:00

raw_config_io_service.py

Extract shared raw config file helpers and simplify raw_config_io_service

2026-04-18 20:18:54 +02:00

server_service.py

Refactor backend services and utilities

2026-04-25 18:39:30 +02:00

settings_service.py

Refactor map color threshold storage into dedicated settings service

2026-04-17 15:13:07 +02:00

setup_service.py

Add settings and history archive repository protocols and DI support

2026-04-17 20:54:08 +02:00