温斯顿:加密敏感信息

时间:2018-10-11 14:26:25

标签: node.js express logging winston

我开始使用winston,express-winston和winston-mongodb记录请求和响应,并将它们添加到mongodb中。一段时间后,我能够生成日志,同时还可以通过使用黑名单/白名单将信息隐藏在体内,但是,我真正需要的是在将所有敏感数据(例如密码)保存到数据库之前对其进行加密。如何在保存数据之前自定义数据?

示例:

之前

{
    "_id" : ObjectId("5bbf30b37ca8b70015b8efc6"),
    "timestamp" : ISODate("2018-10-11T11:14:59.084Z"),
    "level" : "info",
    "message" : "HTTP POST /auth - 200 - 147ms",
    "meta" : {
        "res" : {
            "statusCode" : 200
        },
        "req" : {
            "url" : "/auth",
            "headers" : {
                "host" : "???.herokuapp.com",
                "connection" : "close",
                "content-type" : "application/json; charset=UTF-8",
                "accept-encoding" : "gzip",
                "user-agent" : "okhttp/3.10.0",
                "x-request-id" : "3b42aa9c-6ead-44cd-939f-cc09bb5318c3",
                "x-forwarded-for" : "0.0.0.0",
                "x-forwarded-proto" : "https",
                "x-forwarded-port" : "443",
                "via" : "1.1 vegur",
                "connect-time" : "0",
                "x-request-start" : "1539256498932",
                "total-route-time" : "0",
                "content-length" : "54"
            },
            "method" : "POST",
            "httpVersion" : "1.1",
            "originalUrl" : "/auth",
            "query" : {},
            "body" : {
                "email" : "abc@test.com",
                "password": "123abc"
            }
        },
        "responseTime" : 147
    }
}

之后

"body" : {
    "email" : "abc@test.com",
    "password": "ENCRYPTEDPASSWORD"
}

0 个答案:

没有答案