Stop printing API keys to the log when in debug mode

[MoralCode]

augur/augur/tasks/util/random_key_auth.py

Line 36 in a632b04

self.logger.debug(f'Key value used in request: {key_value}')

This line prints a full API key to the log when in debug mode.

if we are going to be printing secrets in plain text, can we at LEAST pass it through a function to obfuscate the key somehow? (i.e. remove all but the first 6 and last 3 characters of the key, and replace the middle with 6 or so asterisks ******, or even better, find a really small one-way cryptographic hash algorithm to pass the key though)

Separate, but related: The only place I think we should be printing API keys is in the output of the augur github api-keys CLI and maybe the web UI (and even then it should be censored by default without an EXPLICIT opt-in CLI arg or button click)

[PredictiveManish]

Is this a correct format?? This is a test result made for testing changes done for this issue. if it's good then I will make a PR on this.

[joepaulvilsan]

hi, I am new in open source contribution. I have to plan to mask this api key using md5 algorithm ,if the issue is not solved yet then can you assign me

[KrishiJi]

has this issue been resolved? if not, i would like to contribute in it. I can write a python script to replace some key numbers with asteriks(*) to obfuscate it.

[MoralCode]

There's already an open pull request in review for this - it has essentially already been claimed