pub fn redact_token(token: &str) -> StringExpand description
Render a short, privacy-preserving fingerprint of a token. The
returned string includes the first 8 chars of sha256(token) —
just enough for an operator to correlate two log lines about the
same token without disclosing it. Never reverses to the original.
Used for: session-cookie tokens, password-reset tokens, future API keys.