plausible/analytics
1
1
Fork 0
mirror of https://github.com/plausible/analytics.git synced 2025-01-03 07:08:04 +03:00
Code Issues Packages Projects Releases Wiki Activity

Prevent sensitive information from being logged (#2300)

Browse Source
This commit is contained in:
Adam Rutkowski 2022-10-04 09:46:01 +02:00 committed by GitHub
parent 12a513f3cd
commit c8ffcc413f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/plausible_web/controllers/auth_controller.ex
View File

@ -145,9 +145,14 @@ defmodule PlausibleWeb.AuthController do
defp send_email_verification(user) do
code = Auth.issue_email_verification(user)
Logger.info("VERIFICATION CODE: #{code}")
email_template = PlausibleWeb.Email.activation_email(user, code)
Plausible.Mailer.send_email(email_template)
result = Plausible.Mailer.send_email(email_template)
Logger.debug(
"E-mail verification e-mail sent. In dev environment GET /sent-emails for details."
)
result
end
defp set_user_session(conn, user) do
@ -250,10 +255,13 @@ defmodule PlausibleWeb.AuthController do
if user do
token = Auth.Token.sign_password_reset(email)
url = PlausibleWeb.Endpoint.url() <> "/password/reset?token=#{token}"
Logger.debug("PASSWORD RESET LINK: " <> url)
email_template = PlausibleWeb.Email.password_reset_email(email, url)
Plausible.Mailer.deliver_later(email_template)
Logger.debug(
"Password reset e-mail sent. In dev environment GET /sent-emails for details."
)
render(conn, "password_reset_request_success.html",
email: email,
layout: {PlausibleWeb.LayoutView, "focus.html"}