eduard256
8cf05a1576
Add a secret-masking slog.Handler that automatically replaces registered passwords with "***" in all log output. Secrets are registered per-scan when a discovery request arrives and unregistered when it completes. This approach masks credentials everywhere they appear in logs — URL userinfo, query parameters, path segments, and Go HTTP error messages — without modifying any business logic in scanner, builder, tester, or ONVIF components. API responses are unaffected and still return full URLs with credentials for frontend use.
35 lines
829 B
Go
35 lines
829 B
Go
package logger
|
|
|
|
import "log/slog"
|
|
|
|
// Adapter wraps slog.Logger to match our interface
|
|
type Adapter struct {
|
|
*slog.Logger
|
|
Secrets *SecretStore
|
|
}
|
|
|
|
// NewAdapter creates a new logger adapter
|
|
func NewAdapter(logger *slog.Logger, secrets *SecretStore) *Adapter {
|
|
return &Adapter{Logger: logger, Secrets: secrets}
|
|
}
|
|
|
|
// Debug logs a debug message
|
|
func (a *Adapter) Debug(msg string, args ...any) {
|
|
a.Logger.Debug(msg, args...)
|
|
}
|
|
|
|
// Info logs an info message
|
|
func (a *Adapter) Info(msg string, args ...any) {
|
|
a.Logger.Info(msg, args...)
|
|
}
|
|
|
|
// Error logs an error message
|
|
func (a *Adapter) Error(msg string, err error, args ...any) {
|
|
allArgs := append([]any{"error", err}, args...)
|
|
a.Logger.Error(msg, allArgs...)
|
|
}
|
|
|
|
// Warn logs a warning message
|
|
func (a *Adapter) Warn(msg string, args ...any) {
|
|
a.Logger.Warn(msg, args...)
|
|
} |