ministryofjustice · Lbagg1 · Dec 19, 2023 · Dec 14, 2023 · Dec 14, 2023 · Dec 14, 2023
diff --git a/service-api/.idea/.gitignore b/service-api/.idea/.gitignore
diff --git a/service-api/.idea/modules.xml b/service-api/.idea/modules.xml
diff --git a/service-api/.idea/service-api.iml b/service-api/.idea/service-api.iml
diff --git a/service-api/.idea/vcs.xml b/service-api/.idea/vcs.xml
@@ -0,0 +1,20 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Service\Log\Output;
+
+use function hash;
+
+class Email
+{
+    public function __construct(private string $email)
+    {
+    }
+
+    public function __toString(): string
+    {
+        $hash = hash('sha256', $this->email);
+        return sprintf($hash);
+    }
+}
@@ -190,7 +190,7 @@
         } catch (Exception $e) {
             $this->logger->notice(
                 'Attempt made to reset password for non-existent account',
-                ['email' => $email]
+                ['email' => new Email($email)]
             );
 
             throw $e;

@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace AppTest\Service\Log\Output;
+
+use App\Service\Log\Output\Email;
+use PHPUnit\Framework\TestCase;
+
+class EmailTest extends TestCase
+{
+    /** @test */
+    public function it_hides_a_string()
+    {
+        $email = new Email('[email protected]');
+        $this->assertMatchesRegularExpression('/.*/', (string)$email);
+        $this->assertStringNotContainsString('[email protected]', (string)$email);
+    }
+}
@@ -117,7 +117,7 @@ public function authenticate(string $credential, ?string $password = null): ?Use
                 'Authentication failed for {email} with code {code}',
                 [
                     'code'  => $e->getCode(),
-                    'email' => $credential,
+                    'email' =>new Email($credential),
                 ]
             );
             if ($e->getCode() === StatusCodeInterface::STATUS_UNAUTHORIZED) {