From 8d5ce7e21938c874ac7118998aa0089b2041b652 Mon Sep 17 00:00:00 2001 From: Vinzent Date: Thu, 3 Oct 2024 17:05:40 +0200 Subject: [PATCH] fix: log sensitive data at level finer --- packages/gotrue/lib/src/broadcast_web.dart | 4 +++- packages/gotrue/lib/src/gotrue_client.dart | 8 +++++--- packages/postgrest/lib/src/postgrest.dart | 4 ++-- packages/postgrest/lib/src/postgrest_builder.dart | 5 +++-- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/packages/gotrue/lib/src/broadcast_web.dart b/packages/gotrue/lib/src/broadcast_web.dart index ffdb5218..a7abd5eb 100644 --- a/packages/gotrue/lib/src/broadcast_web.dart +++ b/packages/gotrue/lib/src/broadcast_web.dart @@ -6,6 +6,7 @@ import 'package:gotrue/src/types/types.dart'; import 'package:logging/logging.dart'; final _log = Logger('supabase.gotrue'); + BroadcastChannel getBroadcastChannel(String broadcastKey) { final broadcast = html.BroadcastChannel(broadcastKey); return ( @@ -17,7 +18,8 @@ BroadcastChannel getBroadcastChannel(String broadcastKey) { return json.decode(json.encode(dataMap)); }), postMessage: (message) { - _log.fine('Broadcasting message: $message'); + _log.finer('Broadcasting message: $message'); + _log.fine('Broadcasting event: ${message['event']}'); final jsMessage = js_util.jsify(message); broadcast.postMessage(jsMessage); }, diff --git a/packages/gotrue/lib/src/gotrue_client.dart b/packages/gotrue/lib/src/gotrue_client.dart index bf221a7c..ad6b04ae 100644 --- a/packages/gotrue/lib/src/gotrue_client.dart +++ b/packages/gotrue/lib/src/gotrue_client.dart @@ -1147,13 +1147,14 @@ class GoTrueClient { /// set currentSession and currentUser void _saveSession(Session session) { - _log.fine('Save session: $session'); + _log.finer('Saving session: $session'); + _log.fine('Saving session'); _currentSession = session; _currentUser = session.user; } void _removeSession() { - _log.fine('Remove session'); + _log.fine('Removing session'); _currentSession = null; _currentUser = null; } @@ -1170,8 +1171,9 @@ class GoTrueClient { _broadcastChannel = web.getBroadcastChannel(broadcastKey); _broadcastChannelSubscription = _broadcastChannel?.onMessage.listen((messageEvent) { - _log.info('Received broadcast message: $messageEvent'); final rawEvent = messageEvent['event']; + _log.finer('Received broadcast message: $messageEvent'); + _log.info('Received broadcast event: $rawEvent'); final event = switch (rawEvent) { // This library sends the js name of the event to be comptabile with // the js library, so we need to convert it back to the dart name diff --git a/packages/postgrest/lib/src/postgrest.dart b/packages/postgrest/lib/src/postgrest.dart index a05c17d3..9580f0f0 100644 --- a/packages/postgrest/lib/src/postgrest.dart +++ b/packages/postgrest/lib/src/postgrest.dart @@ -44,7 +44,7 @@ class PostgrestClient { } PostgrestClient setAuth(String? token) { - _log.fine("setAuth with: $token"); + _log.finer("setAuth with: $token"); if (token != null) { headers['Authorization'] = 'Bearer $token'; } else { @@ -98,7 +98,7 @@ class PostgrestClient { } Future dispose() async { - _log.fine("dispose client"); + _log.fine("dispose PostgrestClient"); if (!_hasCustomIsolate) { return _isolate.dispose(); } diff --git a/packages/postgrest/lib/src/postgrest_builder.dart b/packages/postgrest/lib/src/postgrest_builder.dart index e3f7d64d..e90348d5 100644 --- a/packages/postgrest/lib/src/postgrest_builder.dart +++ b/packages/postgrest/lib/src/postgrest_builder.dart @@ -216,7 +216,7 @@ class PostgrestBuilder implements Future { message: 'JSON object requested, multiple (or no) rows returned', ); - _log.fine('$exception for request $_url'); + _log.finer('$exception for request $_url'); throw exception; } else if (body.length == 1) { body = body.first; @@ -293,7 +293,8 @@ class PostgrestBuilder implements Future { ); } - _log.fine('$error for request $_url'); + _log.finer('$error from request: $_url'); + _log.fine('$error from request'); throw error; }