From 1b834e1dc12e2168b2baa3630179d42f162368dd Mon Sep 17 00:00:00 2001
From: Rodrigo Souto <rodrigo@colivre.coop.br>
Date: Fri, 29 May 2015 18:35:13 -0300
Subject: [PATCH] add support for obfuscated parameters

Now you may override the method 'sensitive_parameters' with a list of
parameters that should be obfuscated on the log. If the lib is loaded on
a Rails application, uses the 'filter_parameters' attribute as default
value for 'sensitive_parameters'.
---
 lib/grape_logging/middleware/request_logger.rb | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/lib/grape_logging/middleware/request_logger.rb b/lib/grape_logging/middleware/request_logger.rb
index e5491ef..8150ebe 100644
--- a/lib/grape_logging/middleware/request_logger.rb
+++ b/lib/grape_logging/middleware/request_logger.rb
@@ -29,7 +29,7 @@ module GrapeLogging
       def parameters
         {
             path: request.path,
-            params: request.params.to_hash,
+            params: obfuscate_parameters(request.params),
             method: request.request_method,
             total: total_runtime,
             db: @db_duration.round(2),
@@ -57,6 +57,18 @@ module GrapeLogging
       def stop_time
         @stop_time ||= Time.now
       end
+
+      def obfuscate_parameters(request_parameters)
+        filtered_parameters = request_parameters.clone.to_hash
+        sensitive_parameters.each do |param|
+          filtered_parameters[param.to_s] = '***'
+        end
+        filtered_parameters
+      end
+
+      def sensitive_parameters
+        defined?(Rails.application) ? Rails.application.config.filter_parameters : []
+      end
     end
   end
 end
\ No newline at end of file