Prevent runtime error when malformed login params are received

[zwippie]

TLDR: Prevent runtime error when malformed login params are received, to prevent leaking those possibly sensitive params to logs or external monitoring services.

Scenario: User/Client wants to login but it sends the credentials in a wrong format, for example the email and password are not wrapped in a map with a user key, or password is misspelled as pass, anything. Some reasons: developer implemented specs poorly, specs have changed, hacking attempt, dev playing with curl or some API-explorer tool. Anyway...

The way UserSessionController#create is defined, things will raise an error if you throw malformed params to it.

This is fine, until you connect a monitoring service to your app (like appsignal) and (while sensitive keys are filtered from params and session_data) these incorrect params show up in the error message in an error report. Oops.

Your thoughts please. Is this a real issue or am I being overly sensitive on what most probably would be a stupid developer mistake anyway (sending malformed params)?

[josevalim]

Those should be converted to ActionClauseError or CastError, which is status 4xx and should not report by default. If it does, you can ignore it in your reporting tools. If you get another error, please post the exception here. Thanks!