go-pkgz / auth / 25569788009

85%

master: 85%

Pull #279

github

fix(middleware): don't log admin password on basic-auth failure

The admin basic-auth rejection log line included the attempted password
verbatim, e.g. "[WARN] admin basic auth failed, user/passwd mismatch,
admin:hunter2". A mistyped legitimate password (often differs from the
real one by one character) or a misrouted password manager submission
ends up in plaintext logs that may be shipped to centralised logging,
crash bundles or third-party observability systems.

Drop the password from the log line; keep only the username so an
operator can still tell who failed.

Affects v1 (middleware/auth.go:238) and v2 (v2/middleware/auth.go:246).

Reported during a security audit alongside the v1 from-redirect issue
and the Apple iss/aud gap (those tracked separately).

1 of 1 new or added line in 1 file covered. (100.0%)

2798 of 3305 relevant lines covered (84.66%)

7.77 hits per line