diff --git a/pkg/client/http.go b/pkg/client/http.go index cb524d81..dfc6ae06 100644 --- a/pkg/client/http.go +++ b/pkg/client/http.go @@ -65,7 +65,7 @@ func (c *HttpClient) authenticate() { logger.Fatal(err, "could not marshal credentials") } - req := NewRequest("/login", WithBody(b)) + req := NewRequest("/login", WithBody(b), WithNoLog(true)) res, err := c.send("POST", req) if err != nil { @@ -113,17 +113,13 @@ func (c *HttpClient) send(method string, request *Request) (*Response, error) { logger.Info("%s %s", method, u.String()) - debugOutput := string(request.Body) - - if debugOutput != "" { - // FIXME (privateip) this is a quick hack to prevent the logger from - // showing the username and password used to authenticate to the - // server. A better mechanism should be implemented - if request.Path != "/login" { + if !request.NoLog { + debugOutput := string(request.Body) + if debugOutput != "" { logger.Debug(string(request.Body)) + } else { + logger.Debug("Request body is empty") } - } else { - logger.Debug("Request body is empty") } client := &http.Client{Jar: c.jar} diff --git a/pkg/client/request.go b/pkg/client/request.go index 4995e9e2..078f7bef 100644 --- a/pkg/client/request.go +++ b/pkg/client/request.go @@ -18,6 +18,9 @@ type Request struct { // The HTTP body to be send to the remote host Body []byte + + // Enable or disable logging this request + NoLog bool } // Defines a new HTTP request object. @@ -54,3 +57,13 @@ func WithBody(v []byte) RequestOption { r.Body = v } } + +// NoLog allows a calling function to disable logging to stdout or file for +// this request. This is useful when making API calls where the calling +// function does not want reveal sensitive information such as calling +// `/login` for example. +func WithNoLog(v bool) RequestOption { + return func(r *Request) { + r.NoLog = v + } +}