Commit 5edd034

mo <mo@mokhan.ca>
2018-12-15 22:07:31
exclude mfa_secret and password digest
main
1 parent a90d5ef
Changed files (2)
app
models
user.rb
config
initializers
filter_parameter_logging.rb
app/models/user.rb
@@ -3,7 +3,7 @@
 class User < ApplicationRecord
   VALID_TIMEZONES = ActiveSupport::TimeZone::MAPPING.values
   VALID_LOCALES = I18n.available_locales.map(&:to_s)
-  audited
+  audited except: [:password_digest, :mfa_secret]
   has_secure_password
   has_many :sessions, foreign_key: "user_id", class_name: UserSession.name
config/initializers/filter_parameter_logging.rb
@@ -9,5 +9,6 @@ Rails.application.config.filter_parameters += [
   :SAMLResponse,
   :authenticity_token,
   :client_secret,
+  :mfa_secret,
   :password,
 ]