From a2341d8c15ce249705c143e6d5f4ae715573f8d7 Mon Sep 17 00:00:00 2001
From: Maor Rozenfeld <49363375+maor-rozenfeld@users.noreply.github.com>
Date: Wed, 26 Nov 2025 11:14:14 +0100
Subject: [PATCH] Add starting funcs
---
 .../server/api/src/app/helper/error-handler.ts | 13 +++++++++++++
 .../server/shared/src/lib/logger/log-cleaner.ts | 16 ++++++++++++++++
 2 files changed, 29 insertions(+)
diff --git a/packages/server/api/src/app/helper/error-handler.ts b/packages/server/api/src/app/helper/error-handler.ts
index d77f207c06..7dcb226cef 100644
--- a/packages/server/api/src/app/helper/error-handler.ts
+++ b/packages/server/api/src/app/helper/error-handler.ts
@@ -27,6 +27,19 @@ export const errorHandler = async (
 query,
 }))(_request);

+ // check if the body in requestSummary has a secret property like password and censor it
+ const secretProperties = ['password', 'secret', 'token', 'key'];
+ if (requestSummary.body && typeof requestSummary.body === 'object') {
+ const censoredBody = { ...requestSummary.body };
+ for (const key of Object.keys(censoredBody)) {
+ if (secretProperties. includes(key.toLowerCase())) {
+ censoredBody[key] = '****';
+ }
+ }
+ requestSummary.body = censoredBody;
+ }
+
+
 logger.error('Error handler caught an exception.', {
 message: error.message,
 stack: error.stack,
diff --git a/packages/server/shared/src/lib/logger/log-cleaner.ts b/packages/server/shared/src/lib/logger/log-cleaner.ts
index 4eb04b949b..be73d25544 100644
--- a/packages/server/shared/src/lib/logger/log-cleaner.ts
+++ b/packages/server/shared/src/lib/logger/log-cleaner.ts
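Review bot: The redaction added to `errorHandler` in error-handler.ts matches key names exactly and only at the top level of `requestSummary.body`, so fields with names like `apiKey`, `accessToken` or `client_secret` (constructed examples), and any secret nested one level down, would still reach `logger.error` in clear text. The `query` field picked into the summary just above the added lines is not filtered at all, and tokens are commonly carried in query strings. Matching by substring, `if (secretProperties.some(p => key.toLowerCase().includes(p))) {`, and recursing into nested objects would close most of that gap. The same commit adds `isSecretKey` in log-cleaner.ts with a different keyword list (it includes `authorization`), so calling one shared helper would keep the two lists from drifting. The body of `errorHandler` starts and ends outside the hunk, so how `requestSummary` is finally logged is inferred.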
@@ -99,3 +99,19 @@ function stringify(value: any) {
 return `Logger error - could not stringify object. ${error}`;
 }
 }
+
+function isSecretKey(key: string): boolean {
+ const secretKeywords = ["password", "token", "key", "secret", "authorization"];
+ return secretKeywords.some(keyword => key.toLowerCase().includes(keyword));
+}
+
+function censorSecrets(object: Object) {
+ for (const key in Object.keys(object)) {
+ if (typeof object[key] === 'string' && secretKeywords.some(keyword => key.toLowerCase().includes(keyword))) {
+ event[key] = "[CENSORED]";
+ }
+ else if (typeof event[key] === 'object' && event[key] !== null) {
+ censorSecrets(event[key]);
+ }
+ }
+}
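Review bot: `censorSecrets` cannot redact anything as written, because `for (const key in Object.keys(object))` walks the array indices of the key list rather than the property names, `secretKeywords` is local to `isSecretKey` and not in scope here, and `event` is never declared. The function should fail type-checking and, if it ran, would throw on the undeclared `event` for any non-empty object. Nothing in the hunk calls it either, so log output is presumably still uncensored after this commit. The version below iterates with `for…of`, reuses `isSecretKey`, and reads and writes `object` throughout. It still mutates its argument in place and has no guard against circular references, so it should be handed a copy of the log payload, never live request data.

```typescript
// … unchanged: isSecretKey …

function censorSecrets(object: Record<string, unknown>): void {
    // `of` yields the property names; `in` would yield the indices of the keys array.
    for (const key of Object.keys(object)) {
        const value = object[key];
        if (typeof value === 'string' && isSecretKey(key)) {
            object[key] = "[CENSORED]";
        }
        else if (typeof value === 'object' && value !== null) {
            censorSecrets(value as Record<string, unknown>);
        }
    }
}
```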