Stop exposing reset password token and new user email token in logs
Summary
The reset password email link token and the new user email link token are exposed in logs.
In gitlab-ctl tail on my test Omnibus instance on GitLab 14.4-pre:
==> /var/log/gitlab/gitlab-rails/production.log <==
[ActiveJob] Enqueued ActionMailer::MailDeliveryJob (Job ID: 606abb60-97f2-480f-8c59-4a9a240d3b94) to Sidekiq(mailers) with arguments: "Notify", "new_user_email", "deliver_now", {:args=>[2, "17uGGXB4g2DNrzqwf_To"]}
In Kibana for GitLab.com https://log.gprd.gitlab.net/goto/0a869b9d34de16f82b4e37106a213d01 (I changed the values):
[ActiveJob] Enqueued ActionMailer::MailDeliveryJob (Job ID: 3c179dfe-4646-4dab-b34d-2000e14e15fe) to Sidekiq(mailers) with arguments: "DeviseMailer", "reset_password_instructions", "deliver_now", {:args=>[#<GlobalID:0x00007f7d73399df7 @uri=#<URI::GID gid://gitlab/User/1234567>>, "mtofpQMP_ghqeyXZWF-r", {}]}
Steps to reproduce
Use the reset password flow or create a new user in the Admin UI, then search the logs for reset_password_instructions or new_user_email.
What is the current bug behavior?
The tokens are exposed in the logs.
What is the expected correct behavior?
The tokens should not be output to logs.
Possible fixes
Suppress these ActiveJob messages entirely, since they are redundant with Sidekiq logging.
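An added example, not GitLab's code and not the fix proposed above: a small Ruby filter that a log forwarder could apply to production.log before lines reach a central store such as Kibana. It detects enqueue lines for the two mailer methods named in this issue and masks their quoted arguments, which in these lines are the one-time tokens. The mailer method names and the shape of the lines come from the report; the assumption that every quoted argument of those two mailers is secret, the third sample line, and its Job ID are constructed for this example.

```ruby
# Added example (not GitLab's code): detect and redact one-time tokens in
# ActiveJob "Enqueued ActionMailer::MailDeliveryJob" log lines. The mailer
# method names below are the ones reported in this issue; treating every
# quoted argument of those mailers as secret is an assumption of this example.

SENSITIVE_MAILER_METHODS = %w[new_user_email reset_password_instructions].freeze
ARGS_MARKER = "{:args=>"
QUOTED_ARG = /"[^"]*"/

# Returns the sensitive mailer method named on the line, or nil when the line
# is not an enqueue of ActionMailer::MailDeliveryJob for one of those mailers.
def sensitive_mailer_method(line)
  return nil unless line.include?("ActionMailer::MailDeliveryJob")
  SENSITIVE_MAILER_METHODS.find { |m| line.include?(%("#{m}")) }
end

# Splits the line into the prefix (up to and including the args marker) and
# the serialized argument list; returns nil when the marker is absent.
def split_args(line)
  idx = line.index(ARGS_MARKER)
  return nil unless idx
  cut = idx + ARGS_MARKER.length
  [line[0...cut], line[cut..-1]]
end

# Detection: [mailer_method, token] pairs this line would expose.
def exposed_tokens(line)
  method = sensitive_mailer_method(line)
  return [] unless method
  _prefix, args = split_args(line)
  return [] unless args
  args.scan(QUOTED_ARG).map { |quoted| [method, quoted.delete('"')] }
end

# Mitigation: the same line with every quoted mailer argument masked. Unquoted
# arguments (the user id, the GlobalID, the options hash) are left intact so the
# line stays useful for debugging.
def redact_mailer_tokens(line)
  return line unless sensitive_mailer_method(line)
  parts = split_args(line)
  return line unless parts
  prefix, args = parts
  prefix + args.gsub(QUOTED_ARG, '"[REDACTED]"')
end

# Constructed sample input: the first two lines are adapted from this issue
# (token values are placeholders); the third is a made-up non-sensitive mailer
# with a made-up Job ID to show that unrelated lines pass through unchanged.
SAMPLE_LINES = [
  '[ActiveJob] Enqueued ActionMailer::MailDeliveryJob (Job ID: 606abb60-97f2-480f-8c59-4a9a240d3b94) to Sidekiq(mailers) with arguments: "Notify", "new_user_email", "deliver_now", {:args=>[2, "17uGGXB4g2DNrzqwf_To"]}',
  '[ActiveJob] Enqueued ActionMailer::MailDeliveryJob (Job ID: 3c179dfe-4646-4dab-b34d-2000e14e15fe) to Sidekiq(mailers) with arguments: "DeviseMailer", "reset_password_instructions", "deliver_now", {:args=>[#<GlobalID:0x00007f7d73399df7 @uri=#<URI::GID gid://gitlab/User/1234567>>, "mtofpQMP_ghqeyXZWF-r", {}]}',
  '[ActiveJob] Enqueued ActionMailer::MailDeliveryJob (Job ID: 00000000-0000-4000-8000-000000000000) to Sidekiq(mailers) with arguments: "Notify", "other_notification_email", "deliver_now", {:args=>[42, "main"]}'
].freeze

if $PROGRAM_NAME == __FILE__
  SAMPLE_LINES.each do |line|
    exposed_tokens(line).each { |m, t| warn "token exposed by #{m}: #{t}" }
    puts redact_mailer_tokens(line)
  end
end
```

Running the file prints the three lines with the two tokens replaced by "[REDACTED]" and warns once per exposed token, which doubles as a check that the redaction covers everything the detector finds. A filter like this is a stopgap for already-shipped log pipelines; dropping the ActiveJob enqueue messages, as proposed above, removes the exposure at the source.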