我目前正在开发一个用于monolog日志记录的大型应用程序,并被要求隐藏密码等任何敏感信息。
我试图做的是扩展独白,以便它会自动用星号替换敏感信息,但即使数据似乎被更改,最终原始文本也会被记录。
use Monolog\Handler\AbstractProcessingHandler;
class FilterOutputHandler extends AbstractProcessingHandler
{
private $filteredFields = [];
public function __construct(array $filteredFields = [], $level = Monolog\Logger::DEBUG, $bubble = true)
{
$this->filteredFields = array_merge($filteredFields, $this->filteredFields);
parent::__construct($level, $bubble);
}
protected function write(array $record)
{
foreach($record['context'] as $key=>$value){
if(in_array($key, $this->filteredFields)){
$record['context'][$key] = '*****';
}
}
return $record;
}
}
当我初始化记录器时,我这样做:
$logger->pushHandler(new FilterOutputHandler(['username', 'password']));
$logger->debug('Sensitive data incoming', ['username'=> 'Oh noes!', 'password'=> 'You shouldn\'t be able to see me!']);
我还尝试重写接口的handle和方法,但没有成功。这可以用独白来完成吗?processRecordAbstractProcessingHandler
看来我尝试了错误的事情。
我必须使用该pushProcessor(callable)方法添加新的处理器,而不是向记录器添加新的处理程序。
因此,在我的特定用例中,我可以将过滤器添加到我的上下文中,如下所示:
function AddLoggerFilteringFor(array $filters){
return function ($record) use($filters){
foreach($filters as $filter){
if(isset($record['context'][$filter])){
$record['context'][$filter] = '**HIDDEN FROM LOG**';
}
}
return $record;
};
}
稍后我可以简单地添加过滤器
(init)
$logger->pushProcessor(AddLoggerFilteringFor(['username', 'password']));
...
(several function definition and business logic later)
$logger->debug('Some weird thing happened, better log it', ['username'=> 'Oh noes!', 'password'=> 'You shouldn\'t be able to see me!']);