lywsvip/easynode
1
0
Fork 0
mirror of https://github.com/chaos-zhu/easynode.git synced 2026-07-01 01:14:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: 敏感日志过滤

Browse Source
This commit is contained in:
chaos-zhu
2026-05-24 10:43:00 +08:00
parent cd153d611a
commit 288d82d4c7
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
server/app/middlewares/useLog.js
View File

@@ -8,7 +8,8 @@ const SENSITIVE_HEADER_KEYS = ['authorization', 'cookie', 'token', 'uid']
const SENSITIVE_BODY_KEYS = [
'password', 'pwd', 'code', 'captcha', 'token',
'oldloginname', 'oldpwd', 'newloginname', 'newpwd',
'loginname', 'ciphertext', 'jwtexpires', 'mfa2token'
'loginname', 'ciphertext', 'jwtexpires', 'mfa2token',
'encryptedkey', 'privatekey', 'passphrase', 'secret'
]
const MAX_BODY_LOG_LEN = 1000 // 请求 body 最多记录长度
@@ -95,8 +96,9 @@ function formatResultForLog(result) {
return '[stream]'
}
// 其它对象,直接 stringify 截断
return safeStringify(result, MAX_RESULT_LOG_LEN)
// 其它对象,先脱敏再 stringify 截断
const masked = result && typeof result === 'object' ? maskSensitiveBody(result) : result
return safeStringify(masked, MAX_RESULT_LOG_LEN)
}
const useLog = () => {