Encrypted Parameter Filter provides and easy way to encrypt parameters in your Rails logs and decrypt them later when needed.
You may need this if you wish to protect sensitive information that you wish to recover later. Not all applications and APIs store all the data that they receive. While ActiveRecord Encryption works fine for encrypted values before storing them in the database, this gem focuses on protecting data in your logs.
Install the gem and add to the application's Gemfile by executing:
bundle add encrypted_parameter_filterIf bundler is not being used to manage dependencies, install the gem by executing:
gem install encrypted_parameter_filterSimply add EncryptedParams.filter to your array of filtered parameters. Pass in a list of parameters to encrypt in your logs.
Example:
config/filter_parameter_logging.rb
Rails.application.config.filter_parameters += [
:passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn, :cvv, :cvc
] + EncryptedParams.filter(:address)
This will result in logs that look this.
Parameters: {"authenticity_token"=>"[FILTERED]", "user"=>{"address"=>"[ENCRYPTED]X1XAp9X0AV6CMFmHkzM=--4He21KhLNKbV0fdT--Sy2WgrOnt7hUqsKvYWXJyQ=="}, "commit"=>"Update User", "id"=>"1"}
The params can be decrypted with the following.
in rails console
encryptor = EncryptedParams.new([])
encryptor.decrypt("[ENCRYPTED]X1XAp9X0AV6CMFmHkzM=--4He21KhLNKbV0fdT--Sy2WgrOnt7hUqsKvYWXJyQ==")
After checking out the repo, run bin/setup to install dependencies. Then, run bundle exec appraisal rake to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and the created tag, and push the .gem file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/josephbhunt/encrypted_parameter_filter.
The gem is available as open source under the terms of the MIT License.