Metadata-Version: 2.1
Name: secure-logger
Version: 0.1.4
Summary: A function decorator for beautiful and complete logging
Home-page: https://github.com/lpm0073/secure-logger
Author: Lawrence McDaniel
Author-email: Lawrence McDaniel <lpm0073@gmail.com>
Maintainer: Lawrence McDaniel
Maintainer-email: lpm0073@gmail.com
License: AGPLv3
Project-URL: Homepage, https://github.com/lpm0073/secure-logger
Project-URL: Documentation, https://github.com/lpm0073/secure-logger
Project-URL: Repository, https://github.com/lpm0073/secure-logger
Project-URL: Changelog, https://github.com/lpm0073/secure-logger/blob/main/CHANGELOG.md
Project-URL: Bug Tracker, https://github.com/lpm0073/secure-logger/issues
Keywords: Python,Logger
Platform: any
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: GNU Affero General Public License v3 or later (AGPLv3+)
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Requires-Python: >=3.6
Description-Content-Type: text/markdown
License-File: LICENSE.txt
Requires-Dist: validators
Provides-Extra: local
Requires-Dist: pre-commit ; extra == 'local'
Requires-Dist: black ; extra == 'local'
Requires-Dist: flake8 ; extra == 'local'
Requires-Dist: ipython ; extra == 'local'

# Secure Logger

[![Source code](https://img.shields.io/static/v1?logo=github&label=Git&style=flat-square&color=brightgreen&message=Source%20code)](https://github.com/lpm0073/secure-logger)
[![PyPI releases](https://img.shields.io/pypi/v/secure-logger?logo=python&logoColor=white)](https://pypi.org/project/secure-logger)
[![License: AGPL v3](https://img.shields.io/badge/License-AGPL_v3-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)
[![hack.d Lawrence McDaniel](https://img.shields.io/badge/hack.d-Lawrence%20McDaniel-orange.svg)](https://lawrencemcdaniel.com)

A Python decorator to generate redacted and nicely formatted log entries. Works on all callables: class, class methods, Python module functions. Recursively redacts Python dictionary key values based on a customizable list of case-insensitive keys.

## Usage

### As a decorator

```python
from secure_logger.decorators import secure_logger

class TestClass(object):

    @secure_logger()
    def test_2(self, test_dict, test_list):
        pass

# call your method, passing some sensitive data
test_dict = {
    'not_a_sensitive_key': 'you-can-see-me',
    'aws-access-key_id': conf.AWS_ACCESS_KEY_ID,
    'aws-secret-access-key': conf.AWS_SECRET_ACCESS_KEY
}
test_list = ['foo', 'bar']
o = TestClass()
o.test_2(test_dict=test_dict, test_list=test_list)
```

Log output:

```log
INFO:secure_logger: __main__.TestClass().test_2()  keyword args: {
    "test_dict": {
        "not_a_sensitive_key": "you-can-see-me",
        "aws-access-key-id": "*** -- REDACTED -- ***",
        "aws-secret-access-key": "*** -- REDACTED -- ***"
    },
    "test_list": [
        "foo",
        "bar"
    ]
}
```

### As library functions

```python
from secure_logger.masked_dict import masked_dict, masked_dict2str

test_dict = {
    'not_a_sensitive_key': 'you-can-see-me',
    'aws-access-key_id': conf.AWS_ACCESS_KEY_ID,
    'aws-secret-access-key': conf.AWS_SECRET_ACCESS_KEY
}
print(masked_dict2str(test_dict))
```

Output:

```bash
{
    "not_a_sensitive_key": "you-can-see-me",
    "aws-access-key-id": "*** -- REDACTED -- ***",
    "aws-secret-access-key": "*** -- REDACTED -- ***"
}
```

## Installation

```bash
pip install secure-logger
```

## Configuration

secure_logger accepts optional parameters.

- sensitive_keys: a Python list of dictionary keys. Not case sensitive.
- message: a string value that will replace the sensitive key values
- indent: number of characters to indent JSON string output when logging output

```python
class MyClass():

    @secure_logger(sensitive_keys=["password", "token", "crown_jewels"], message="***", indent=4)
    def another_def(self):
```

## Configuration Defaults

```python
DEFAULT_REDACTION_MESSAGE = "*** -- REDACTED -- ***"
DEFAULT_INDENT = 4
DEFAULT_SENSITIVE_KEYS = [
    "password",
    "token",
    "client_id",
    "client_secret",
    "Authorization",
    "secret",
    "access_key_id",
    "secret_access_key",
    "access-key-id",
    "secret-access-key",
    "aws_access_key_id",
    "aws_secret_access_key",
    "aws-access-key-id",
    "aws-secret-access-key",
]
```


### Contributing

Pull requests are welcome, and you can also contact [Lawrence McDaniel](https://lawrencemcdaniel.com/contact) directly.

### Getting Started With Local development

- Use the same virtual environment that you use for edx-platform
- Ensure that your Python interpreter to 3.8x
- install black: <https://pypi.org/project/black/>
- install flake8: <https://flake8.pycqa.org/en/latest/>
- install flake8-coding: <https://pypi.org/project/flake8-coding/>

```bash
# Run these from within your edx-platform virtual environment
python3 -m venv venv
source venv/bin/activate

pip install -r requirements/local.txt
pip install pre-commit black flake8
pre-commit install
```

#### Local development good practices

- run `black` on modified code before committing.
- run `flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics`
- run `flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics`
- run `pre-commit run --all-files` before pushing. see: <https://pre-commit.com/>
