Hello There,
I haven't been able to find a related issue for this so forgive me if this has already been asked. I'd like to log that a users password has been changed BUT without the hash ending up in the activity log. What would be the best way to go about this ?
I can see that I can use tapActivity then mutate the value of properties->attributes->password && properties->old->password but is there a better way ?
Because in most apps the password change is a dedicated form action or even in general profile forms you can use custom activities.
https://docs.spatie.be/laravel-activitylog/v3/basic-usage/logging-activity/
Just check if the password is changed in thee request and trigger the activity. Or ignore the password in the model activities and use your custom observer to trigger the activity on password change.
Because the password is a sensible information I really recommend a dedicated activity to immediately see that the password was changed.
@TheFrankman You can use the tapActivity method like below:
public function tapActivity(Activity $activity, string $event)
{
/** @var Collection $properties */
if ($properties = $activity->properties) {
if ($properties->has('attributes')) {
$attributes = $properties->get('attributes');
if (isset($attributes['password'])) {
$attributes['password'] = '<secret>';
}
$properties->put('attributes', $attributes);
}
if ($properties->has('old')) {
$old = $properties->get('old');
if (isset($old['password'])) {
$old['password'] = '<secret>';
}
$properties->put('old', $old);
}
$activity->properties = $properties;
}
}
@vaibhavpandeyvpz - Perfect, that's literally what i was just writing haha.
You can use Arr::has() with dot.notation to combine the two ifs.
if (Arr::has($properties, 'attributes.password')) {
$attributes = $properties->get('attributes');
$attributes['password'] = '<secret>';
$properties->put('attributes', $attributes);
}
These three lines can't be reduced because of the overloading and magic - otherwise you will get
PHP Notice: Indirect modification of overloaded element of Illuminate/Support/Collection has no effect
This issue is stale because it has been open 21 days with no activity. Remove stale label or comment or this will be closed in 7 days