feat: 优化日志记录，避免在登录和错误处理时输出敏感信息

2025-09-09 20:16:34 +08:00
parent 3a09a4469b
commit aaee312662
5 changed files with 61 additions and 28 deletions
--- a/src/main/java/com/gameplatform/server/controller/auth/AuthController.java
+++ b/src/main/java/com/gameplatform/server/controller/auth/AuthController.java
@@ -28,7 +28,8 @@ public class AuthController {
    @PostMapping("/login")
    @ResponseStatus(HttpStatus.OK)
    public Mono<LoginResponse> login(@Valid @RequestBody LoginRequest req) {
-        log.info("/api/auth/login called username={}", req.getUsername());
+        // Avoid logging raw usernames at info level
+        log.debug("/api/auth/login called");
        return authService.login(req);
    }

--- a/src/main/java/com/gameplatform/server/controller/link/QrProxyController.java
+++ b/src/main/java/com/gameplatform/server/controller/link/QrProxyController.java
@@ -58,7 +58,7 @@ public class QrProxyController {
        // 通过codeNo查询machineId
        String machineId = linkStatusService.getMechainIdByCode(codeNo);
        if (machineId == null) {
-            log.warn("无法找到codeNo对应的machineId: {}", codeNo);
+            log.warn("无法找到codeNo对应的machineId");
            return createNotFoundResponseMono();
        }

@@ -70,11 +70,11 @@ public class QrProxyController {
                        .header(HttpHeaders.CONTENT_DISPOSITION, "inline; filename=qr.png")
                        .body(bytes))
                .onErrorResume(WebClientResponseException.NotFound.class, ex -> {
-                    log.warn("图片不存在: path={}", path);
+                    log.warn("图片不存在");
                    return createNotFoundResponseMono();
                })
                .onErrorResume(WebClientResponseException.class, ex -> {
-                    log.warn("获取图片失败: path={}, status={}, error={}", path, ex.getStatusCode(), ex.getMessage());
+                    log.warn("获取图片失败: status={}, error={}", ex.getStatusCode(), ex.getMessage());
                    return Mono.just(ResponseEntity.status(ex.getStatusCode()).build());
                });
    }
@@ -86,7 +86,7 @@ public class QrProxyController {
                .flatMap(linkStatus -> {
                    String machineId = linkStatus.getMachineId();
                    if (machineId == null) {
-                        log.warn("无法找到codeNo对应的machineId: {}", codeNo);
+                        log.warn("无法找到codeNo对应的machineId");
                        return createNotFoundResponseMono();
                    }

@@ -98,16 +98,16 @@ public class QrProxyController {
                                    .header(HttpHeaders.CONTENT_DISPOSITION, "inline; filename=homepage.png")
                                    .body(bytes))
                            .onErrorResume(WebClientResponseException.NotFound.class, ex -> {
-                                log.warn("图片不存在: path={}", path);
+                                log.warn("图片不存在");
                                return createNotFoundResponseMono();
                            })
                            .onErrorResume(WebClientResponseException.class, ex -> {
-                                log.warn("获取图片失败: path={}, status={}, error={}", path, ex.getStatusCode(), ex.getMessage());
+                                log.warn("获取图片失败: status={}, error={}", ex.getStatusCode(), ex.getMessage());
                                return Mono.just(ResponseEntity.status(ex.getStatusCode()).build());
                            });
                })
                .onErrorResume(Exception.class, ex -> {
-                    log.error("获取链接状态失败: codeNo={}, error={}", codeNo, ex.getMessage());
+                    log.error("获取链接状态失败: {}", ex.getMessage());
                    return createInternalServerErrorResponseMono();
                });
    }
@@ -119,7 +119,7 @@ public class QrProxyController {
                .flatMap(linkStatus -> {
                    String machineId = linkStatus.getMachineId();
                    if (machineId == null) {
-                        log.warn("无法找到codeNo对应的machineId: {}", codeNo);
+                        log.warn("无法找到codeNo对应的machineId");
                        return createNotFoundResponseMono();
                    }

@@ -131,16 +131,16 @@ public class QrProxyController {
                                    .header(HttpHeaders.CONTENT_DISPOSITION, "inline; filename=first-reward.png")
                                    .body(bytes))
                            .onErrorResume(WebClientResponseException.NotFound.class, ex -> {
-                                log.warn("图片不存在: path={}", path);
+                                log.warn("图片不存在");
                                return createNotFoundResponseMono();
                            })
                            .onErrorResume(WebClientResponseException.class, ex -> {
-                                log.warn("获取图片失败: path={}, status={}, error={}", path, ex.getStatusCode(), ex.getMessage());
+                                log.warn("获取图片失败: status={}, error={}", ex.getStatusCode(), ex.getMessage());
                                return Mono.just(ResponseEntity.status(ex.getStatusCode()).build());
                            });
                })
                .onErrorResume(Exception.class, ex -> {
-                    log.error("获取链接状态失败: codeNo={}, error={}", codeNo, ex.getMessage());
+                    log.error("获取链接状态失败: {}", ex.getMessage());
                    return createInternalServerErrorResponseMono();
                });
    }
@@ -152,7 +152,7 @@ public class QrProxyController {
                .flatMap(linkStatus -> {
                    String machineId = linkStatus.getMachineId();
                    if (machineId == null) {
-                        log.warn("无法找到codeNo对应的machineId: {}", codeNo);
+                        log.warn("无法找到codeNo对应的machineId");
                        return createNotFoundResponseMono();
                    }

@@ -164,16 +164,16 @@ public class QrProxyController {
                                    .header(HttpHeaders.CONTENT_DISPOSITION, "inline; filename=mid-reward.png")
                                    .body(bytes))
                            .onErrorResume(WebClientResponseException.NotFound.class, ex -> {
-                                log.warn("图片不存在: path={}", path);
+                                log.warn("图片不存在");
                                return createNotFoundResponseMono();
                            })
                            .onErrorResume(WebClientResponseException.class, ex -> {
-                                log.warn("获取图片失败: path={}, status={}, error={}", path, ex.getStatusCode(), ex.getMessage());
+                                log.warn("获取图片失败: status={}, error={}", ex.getStatusCode(), ex.getMessage());
                                return Mono.just(ResponseEntity.status(ex.getStatusCode()).build());
                            });
                })
                .onErrorResume(Exception.class, ex -> {
-                    log.error("获取链接状态失败: codeNo={}, error={}", codeNo, ex.getMessage());
+                    log.error("获取链接状态失败: {}", ex.getMessage());
                    return createInternalServerErrorResponseMono();
                });
    }
@@ -315,4 +315,3 @@ public class QrProxyController {
    }
 }

-