Merge pull request #21 from jl-wynen/do-not-log-credentials

Security: Do not log username and token
SciCatProject · Jun 14, 2022 · 5bfaba2 · 5bfaba2
2 parents c1e5369 + b2a93e5
commit 5bfaba2
Showing 1 changed file with 2 additions and 5 deletions.
diff --git a/pyscicat/client.py b/pyscicat/client.py
@@ -646,7 +646,7 @@ def from_credentials(base_url: str, username: str, password: str):
 def get_token(base_url, username, password):
     """logs in using the provided username / password combination
     and receives token for further communication use"""
-    logger.info(f" Getting new token for user {username}")
+    logger.info(" Getting new token")
     if base_url[-1] != "/":
         base_url = base_url + "/"
     response = requests.post(
@@ -662,7 +662,4 @@ def get_token(base_url, username, password):
         raise ScicatLoginError(response.content)
 
     data = response.json()
-    # print("Response:", data)
-    token = data["id"]  # not sure if semantically correct
-    logger.info(f" token: {token}")
-    return token
+    return data["id"]  # not sure if semantically correct