Simple Form - filtering updated attributes in the log

Question

Simple question about Simple Form:

I've an attribute in a user model for a token I'd like marked as [FILTERED] when passed over the network (as the password field does by default).

e.g.

I have:

Parameters: { "token"=>"WYXe3Z24JmUq", "email"=>"test@testing.com", 
"password"=>"[FILTERED]"}}

I want:

Parameters: { "token"=>"[FILTERED]", "email"=>"test@testing.com", 
"password"=>"[FILTERED]"}}

and an example form:

<%= simple_form_for @user do |f| %>
  <%= f.input :token %>
  <%= f.input :email %>
  <%= f.input :password %>
  <%= f.input :password_confirmation %>
  <%= f.button :submit %>
<% end %>

What option do I need to add to the field to achieve this? I'm certain there's an option, but I can't seem to find it anywhere.

Thanks in advance!

Steve.

score 2 · Accepted Answer · edited May 23 '17 at 11:50

2

in application.rb do the following:

config.filter_parameters += [:password, :token]

check this answer: How to filter parameters in rails?

edited May 23 '17 at 11:50

Community

1
1

answered Apr 29 '15 at 14:53

mohamed-ibrahim

10,837
4
39
51

score 0 · Answer 2 · answered Mar 24 '16 at 05:34

Rails 4

As a side note, config.filter_paramters has been moved it it's own initializers.

config/initializers/filter_paramter_logging.rb

You need to add the below line of code to filter the token and password

# Be sure to restart your server when you modify this file.

  # Configure sensitive parameters which will be filtered from the log file.

  Rails.application.config.filter_parameters += [:password, :token]

Simple Form - filtering updated attributes in the log

2 Answers2