Masking Rule¶
Masking is essential for any system so that sensitive information can’t be exposed in plain text form. Flask error monitor provides masking feature, that can be disabled or enabled.
- Disable masking rule: set
APP_ERROR_MASKED_KEY_HAS = None - To set other mask rule add following lines
#Mask all the variables or dictionary keys which contains from one of the following tuple
APP_ERROR_MASKED_KEY_HAS = ( 'secret', 'card', 'credit', 'pass' )
#Replace value with `###@@@@@###`
APP_ERROR_MASK_WITH = "###@@@@@###"
Note
- Masking is performed for each variable like dict, list, set and all and it’s done based on the variable name
- Masking is performed on the dictionary key as well as e.g. ImmutableMultiDict, standard dict or any object whose super class is dict.
Custom masking rule¶
Using MaskingMixin¶
implement __call__ method of
from flask_error_monitor import MaskingMixin
class MyMaskingRule(MaskingMixin):
def __call__(self, key):
# Put any logic
# Do not mask return False, None
# To mask return True, Value
# create app as
...
app = Flask(__name__)
db = SQLAlchemy(app)
error_monitor = AppErrorMonitor(app=app, db=db, masking=MyMaskingRule("#########", ('pass', 'card') ) )
db.create_all()
return app, db, error_monitor
...
Using function¶
def mask(key):
# Put any logic
# Do not mask return False,None
# To mask return True, Value
# create app as
...
app = Flask(__name__)
db = SQLAlchemy(app)
error_monitor = AppErrorMonitor(app=app, db=db, masking=mask )
db.create_all()
return app, db, error_monitor