About Sensitive Variables and Error Reporting

In production mode (DEBUG = False), you can keep the values of certain variables out of error reports with the decorators @sensitive_variables and @sensitive_post_parameters, as follows:

from django.views.decorators.debug import (
    sensitive_variables, sensitive_post_parameters,
)

# SubscriptionForm is the project's own form class, defined or imported elsewhere.

# Hide these POST parameters and these local variables in error reports.
@sensitive_post_parameters("email", "password")
@sensitive_variables("user_email", "user_password")
def show_subscription_form(request):
    if request.method == "POST":
        form = SubscriptionForm(data=request.POST)
        if form.is_valid():
            user_email = form.cleaned_data["email"]
            user_password = form.cleaned_data["password"]
            # Raised on purpose to trigger an error report.
            raise Exception()
    ...

Variables in Django settings and request.META containing any of the case-insensitive words "API", "TOKEN", "KEY", "SECRET", "PASS", "SIGNATURE" in their names will be hidden from reports too.

The values of hidden variables will be shown as **********.
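The name rule above can be used to check which settings would still appear in clear in a report. The following is an added example, not Django's own code and not part of the original tip: a standard-library model of the rule, in which the function names, the sample setting names and their values are all constructed, and the key-by-key handling of nested dictionaries is an assumption of the model.

```python
import re

# The six words listed above, matched case-insensitively anywhere in the name.
HIDDEN = re.compile("API|TOKEN|KEY|SECRET|PASS|SIGNATURE", re.IGNORECASE)
MASK = "**********"  # placeholder shown instead of a hidden value


def cleanse(name, value):
    """Return the value as a report would show it under the name rule."""
    if isinstance(name, str) and HIDDEN.search(name):
        return MASK
    if isinstance(value, dict):
        # Assumption of this model: nested dictionaries are checked key by key.
        return {k: cleanse(k, v) for k, v in value.items()}
    return value


def report_view(settings):
    """Apply the rule to every top-level name in a settings-like dict."""
    return {name: cleanse(name, value) for name, value in settings.items()}


def exposed_names(settings, prefix=""):
    """List dotted names whose values would NOT be masked."""
    names = []
    for name, shown in report_view(settings).items():
        path = f"{prefix}{name}"
        if isinstance(shown, dict):
            names.extend(exposed_names(shown, path + "."))
        elif shown != MASK:
            names.append(path)
    return names


# Constructed sample: names and values are made up for this example.
SAMPLE = {
    "SECRET_KEY": "constructed-value",
    "stripe_api_token": "constructed-value",
    "EMAIL_HOST_PASSWORD": "constructed-value",
    "DATABASE_URL": "postgres://app:constructed@db.example.invalid/app",
    "SENTRY_DSN": "https://constructed@sentry.example.invalid/1",
    "DATABASES": {"default": {"NAME": "app", "PASSWORD": "constructed-value"}},
    "MONKEY_PATCH": True,  # masked too: the name contains "KEY"
}

if __name__ == "__main__":
    for name in exposed_names(SAMPLE):
        print("not masked:", name)
```

Names such as DATABASE_URL or SENTRY_DSN carry credentials in their values but match none of the six words, so renaming them (for example to include SECRET) is what brings them under the rule.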

Django 4.2 Django 3.2