fix(backend): mask email PII in waitlist logging

Avoid logging raw email addresses by masking to first char + domain. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-08 22:05:08 -05:00 · 2026-02-08 20:35:13 -06:00
parent 4ba6c44f61
commit f91edde32a
1 changed files with 4 additions and 2 deletions
--- a/autogpt_platform/backend/backend/api/features/store/db.py
+++ b/autogpt_platform/backend/backend/api/features/store/db.py
@@ -2138,9 +2138,11 @@ async def add_user_to_waitlist(
                            where={"id": waitlist_id},
                            data={"unaffiliatedEmailUsers": current_emails},
                        )
-                        logger.info(f"Email {email} added to waitlist {waitlist_id}")
+                        # Mask email for logging to avoid PII exposure
+                        masked = email.split("@")[0][0] + "***@" + email.split("@")[1] if "@" in email else "***"
+                        logger.info(f"Email {masked} added to waitlist {waitlist_id}")
                    else:
-                        logger.debug(f"Email {email} already on waitlist {waitlist_id}")
+                        logger.debug(f"Email already exists on waitlist {waitlist_id}")

        # Re-fetch to return updated data
        updated_waitlist = await prisma.models.WaitlistEntry.prisma().find_unique(