refactor: improve logging messages for security

tmunzer-AIDE · tmunzer-AIDE · commit ed05bf1c1a1d · 2026-03-13T21:08:38.000+01:00
diff --git a/src/mistapi/__api_session.py b/src/mistapi/__api_session.py
@@ -285,7 +285,7 @@ def _load_keyring(self, keyring_service) -> None:
                     self.set_api_token(mist_apitoken)
                 mist_user = keyring.get_password(keyring_service, "MIST_USER")
                 if mist_user:
-                    LOGGER.info("apisession:_load_keyring: MIST_USER=%s", mist_user)
+                    LOGGER.info("apisession:_load_keyring: MIST_USER retrieved")
                     self.set_email(mist_user)
                 mist_password = keyring.get_password(keyring_service, "MIST_PASSWORD")
                 if mist_password:
@@ -466,8 +466,8 @@ def set_email(self, email: str | None = None) -> None:
             self.email = email
         else:
             self.email = input("Login: ")
-        LOGGER.info("apisession:set_email:email configured to %s", self.email)
-        CONSOLE.debug("Email configured to %s", self.email)
+        LOGGER.info("apisession:set_email:email configured")
+        CONSOLE.debug("Email configured")
 
     def set_password(self, password: str | None = None) -> None:
         """
@@ -573,7 +573,10 @@ def _get_api_token_data(self, apitoken) -> tuple[str | None, list | None]:
                 data.status_code,
             )
             CONSOLE.critical(
-                f"Invalid API Token {apitoken[:4]}...{apitoken[-4:]}: status code {data.status_code}\r\n"
+                "Invalid API Token %s...%s: status code %s\r\n",
+                apitoken[:4],
+                apitoken[-4:],
+                data.status_code,
             )
             raise ValueError(
                 f"Invalid API Token {apitoken[:4]}...{apitoken[-4:]}: status code {data.status_code}"
@@ -856,7 +859,7 @@ def login_with_return(
             LOGGER.info("apisession:login_with_return:access authorized")
             return {"authenticated": True, "error": ""}
         else:
-            LOGGER.error("apisession:login_with_return:access denied: %s", resp.data)
+            LOGGER.error("apisession:login_with_return:access denied: status code %s", resp.status_code)
             return {"authenticated": False, "error": resp.data}
 
     def logout(self) -> None:
@@ -1057,7 +1060,8 @@ def _two_factor_authentication(self, two_factor: str) -> bool:
                 resp.status_code,
             )
             CONSOLE.error(
-                f"2FA authentication failed with error code: {resp.status_code}\r\n"
+                "2FA authentication failed with error code: %s\r\n",
+                resp.status_code,
             )
             return False
 
@@ -1099,9 +1103,7 @@ def _getself(self) -> bool:
                     print(" Authenticated ".center(80, "-"))
                     print(f"\r\nWelcome {self.first_name} {self.last_name}!\r\n")
                 LOGGER.info(
-                    "apisession:_getself:account used: %s %s",
-                    self.first_name,
-                    self.last_name,
+                    "apisession:_getself:account info processed successfully"
                 )
                 return True
         elif resp.proxy_error:
