improve AuthToken display in P2P --debug

Using an empty string to obscure the AuthToken made it impossible to
tell if one was really being presented or not.

P2P/IO.hs

@@ -349,7 +349,7 @@ debugMessage conn prefix m = do
 		]
   where
 	safem = case m of
-		AUTH u _ -> AUTH u nullAuthToken
+		AUTH u _ -> AUTH u displayAuthToken
 		_ -> m
 	ConnIdent mident = connIdent conn
 

Utility/AuthToken.hs

@@ -1,6 +1,6 @@
 {- authentication tokens
  -
- - Copyright 2016 Joey Hess <id@joeyh.name>
+ - Copyright 2016-2025 Joey Hess <id@joeyh.name>
  -
  - License: BSD-2-clause
  -}
@@ -12,6 +12,7 @@ module Utility.AuthToken (
 	toAuthToken,
 	fromAuthToken,
 	nullAuthToken,
+	displayAuthToken,
 	genAuthToken,
 	AllowedAuthTokens,
 	allowedAuthTokens,
@@ -69,6 +70,10 @@ toAuthToken t
 nullAuthToken :: AuthToken
 nullAuthToken = AuthToken $ secureMemFromByteString $ TE.encodeUtf8 T.empty
 
+-- | Display in place of a real AuthToken in protocol dumps.
+displayAuthToken :: AuthToken
+displayAuthToken = AuthToken $ secureMemFromByteString $ TE.encodeUtf8 $ T.pack "<AUTHTOKEN>"
+
 -- | Generates an AuthToken of a specified length. This is done by
 -- generating a random bytestring, hashing it with sha2 512, and truncating
 -- to the specified length.