fix logging of password on Login

README.md

@@ -77,9 +77,18 @@ Data
     "Password": ""
 }
 ```
-
 This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of `access_token`.
 
+#### List Roles
+GET `/api/admin/roles`
+
+This operation can only be performed by a user with a role that is admin enabled. Lists currently defined roles.
+
+#### List Users
+GET `/api/admin/users`
+
+This operation can only be performed by a user with a role that is admin enabled. Lists currently defined users.
+
 ### Secrets Operations
 
 #### Store
@@ -130,3 +139,8 @@ Data
 ```
 
 Users with ReadOnly role will receive Forbidden error when calling this API endpoint. The values specified in deviceName and deviceCategory must match exactly one existing secret record for the RoleId of the currently logged in user. Wildcards are supported for deviceName and deviceCategory.
+
+#### List
+GET `/api/secret/list`
+
+Not yet implemented. Will generate a list of device names and categories but not username or secret data.

controllers/auth.go

@@ -96,13 +96,15 @@ func Login(c *gin.Context) {
 	u.UserName = input.Username
 	u.Password = input.Password
 
-	log.Printf("Login checking username '%s' and password '%s'\n", u.UserName, u.Password)
+	log.Printf("Login checking username '%s' and password length '%d'\n", u.UserName, len(u.Password))
 
 	token, err := models.LoginCheck(u.UserName, u.Password)
 
 	if err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": "username or password is incorrect."})
 		return
+	} else {
+		log.Printf("Login verified, returning token '%s'\n", token)
 	}
 
 	c.JSON(http.StatusOK, gin.H{"access_token": token})