How to remove sensitive info. in structs from exceptions?

In my production Phoenix config, I currently have

config :phoenix, :filter_parameters, [
  "password", "password_confirmation",
  "first_name", "last_name",
  "email"
]

However, when an exception occurs when handling a %User{} struct, whole struct is printed out, so the fields are leaked out and logged.

Is there way to plug into Phoenix’s exception handling and ensure these fields are never printed out? I’d like to keep the exception for debugging purposes, but ensure fields in specific structs are white/blacklisted.

Thanks!

1 Like

You can define a custom implementation for the Inspect protocol for your %User{} struct that masks the sensitive values.

For example:

  defmodule User do
    # [...]

    defimpl Inspect do
      def inspect(%User{} = u, opts) do
        u
        |> Map.put(:password, "***")
        |> Inspect.Any.inspect(opts)
      end
    end

  end

9 Likes

Awesome! Exactly what I needed. Thanks a lot :beers:

1 Like