Mark credentials as sensitive variables

Fixes #27
muccg · Sep 12, 2017 · f65c425 · f65c425
1 parent 063d234
commit f65c425
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/useraudit/backend.py b/useraudit/backend.py
@@ -4,6 +4,8 @@
 from django.core.exceptions import PermissionDenied
 from django.dispatch import receiver
 from django.db.models.signals import pre_save
+from django.views.decorators.debug import sensitive_variables
+
 from .signals import login_failure_limit_reached
 from .models import LoginLogger, LoginAttempt
 from .models import LoginAttemptLogger
@@ -34,6 +36,7 @@ def __init__(self):
         self.login_failure_limit = getattr(settings, 'LOGIN_FAILURE_LIMIT', None) or 0
         self.login_attempt_logger = LoginAttemptLogger()
 
+    @sensitive_variables('credentials')
     def authenticate(self, **credentials):
         UserModel = get_user_model()
         self.username = credentials.get(UserModel.USERNAME_FIELD)