lzh/picoclaw
1
0
Fork 0
mirror of https://github.com/sipeed/picoclaw.git synced 2026-06-12 18:08:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(logger): show first/last 4 chars of bot token for identification

Browse Source
This commit is contained in:
Dmitrii Balabanov
2026-03-13 12:09:03 +02:00
parent 8fc36a4f9b
commit 64ceb5ab76
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/logger/logger_3rd_party.go
+6 -5
View File
@@ -7,13 +7,14 @@ import (
"regexp"
)
// botTokenRe matches the secret part of a Telegram bot token embedded in a URL
// or log message: /bot<id>:<secret>/ → /bot<id>:****/
var botTokenRe = regexp.MustCompile(`(bot\d+:)[A-Za-z0-9_-]{20,}`)
// botTokenRe matches the bot ID prefix and the secret part of a Telegram bot token.
// Groups: 1 = "bot<id>:", 2 = first 4 chars of secret, 3 = middle, 4 = last 4 chars.
var botTokenRe = regexp.MustCompile(`(bot\d+:)([A-Za-z0-9_-]{4})[A-Za-z0-9_-]{12,}([A-Za-z0-9_-]{4})`)
// maskSecrets replaces any embedded bot tokens in s with a redacted placeholder.
// maskSecrets replaces any embedded bot tokens in s with a redacted placeholder
// that keeps the first and last 4 characters of the secret for identification.
func maskSecrets(s string) string {
return botTokenRe.ReplaceAllString(s, "${1}****")
return botTokenRe.ReplaceAllString(s, "${1}${2}****${3}")
}
// Logger implements common Logger interface