feat(logs): sanitize basic auth in urls (#1188)

* Added regex pattern to capture credentials used to bypass auth

* Updated test case for log sanitisation

* Changed replacement pattern

* Update logs_sanitize_test.go

* fix: reorder regex patterns

---------

Co-authored-by: soup <soup@r4tio.dev>

internal/http/logs.go

@@ -109,6 +109,10 @@ var (
 			pattern: regexp.MustCompile(`(https?://[^\s]+/((rss/download/[a-zA-Z0-9]+/)|torrent/download/((auto\.[a-zA-Z0-9]+\.|[a-zA-Z0-9]+\.))))([a-zA-Z0-9]+)`),
 			repl:    "${1}REDACTED",
 		},
+		{
+			pattern: regexp.MustCompile(`(https?://)(.*?):(.*?)@`),
+			repl:    "${1}REDACTED_USER:REDACTED_PW@",
+		},
 		{
 			pattern: regexp.MustCompile(`(NickServ IDENTIFY )([\p{L}0-9!#%&*+/:;<=>?@^_` + "`" + `{|}~]+)`),
 			repl:    "${1}REDACTED",
@@ -175,7 +179,7 @@ func SanitizeLogFile(filePath string, output io.Writer) error {
 		for i := 0; i < len(regexReplacements); i++ {
 			// Apply the first three patterns only if the line contains "module":"feed",
 			// "module":"filter", "repo":"release", or "module":"action"
-			if i < 3 {
+			if i < 4 {
 				if bFilter {
 					line = regexReplacements[i].pattern.ReplaceAllString(line, regexReplacements[i].repl)
 				}

internal/http/logs_sanitize_test.go

@@ -153,6 +153,10 @@ func TestSanitizeLogFile(t *testing.T) {
 			input:    "\"module\":\"filter\" \\\"id\\\": 3855,\\n  \\\"apikey\\\": \\\"ad789a9s8d.asdpoiasdpojads09sad809\\\",\\n  \\\"minratio\\\": 10.0\\n",
 			expected: "\"module\":\"filter\" \\\"id\\\": 3855,\\n  \\\"apikey\\\": \\\"REDACTED\\\",\\n  \\\"minratio\\\": 10.0\\n",
 		},
+		{
+			input:    "\"module\":\"filter\" request: https://username:password@111.server.name.here/qbittorrent/api/v2/torrents/info: error making request",
+			expected: "\"module\":\"filter\" request: https://REDACTED_USER:REDACTED_PW@111.server.name.here/qbittorrent/api/v2/torrents/info: error making request",
+		},
 	}
 
 	for _, testCase := range testCases {