Michelle/redlight
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 11 Wiki Activity
Files
89b2a853d3321c231c0103daab93d6f88f17fca0
redlight/server/middleware/logging.js
Michelle ed8fb134ad
All checks were successful
Build & Push Docker Image / build (push) Successful in 6m28s
Details
Enhance logging in API calls and request/response middleware with sensitive data filtering and compact format
2026-02-28 21:24:25 +01:00

119 lines
3.7 KiB
JavaScript
Raw Blame History

import util from 'util';
const SENSITIVE_KEYS = [/pass/i, /pwd/i, /password/i, /token/i, /jwt/i, /secret/i, /authorization/i, /auth/i, /api[_-]?key/i];
const MAX_LOG_BODY_LENGTH = 200000; // 200 KB
function isSensitiveKey(key) {
return SENSITIVE_KEYS.some(rx => rx.test(key));
}
function filterValue(key, value, depth = 0) {
if (depth > 5) return '[MAX_DEPTH]';
if (key && isSensitiveKey(key)) return '[FILTERED]';
if (value === null || value === undefined) return value;
if (typeof value === 'string') {
if (value.length > MAX_LOG_BODY_LENGTH) return '[TOO_LARGE]';
return value;
}
if (typeof value === 'number' || typeof value === 'boolean') return value;
if (Array.isArray(value)) return value.map(v => filterValue(null, v, depth + 1));
if (typeof value === 'object') {
const out = {};
for (const k of Object.keys(value)) {
out[k] = filterValue(k, value[k], depth + 1);
}
return out;
}
return typeof value;
}
function filterHeaders(headers) {
const out = {};
for (const k of Object.keys(headers || {})) {
if (/^authorization$/i.test(k) || /^cookie$/i.test(k)) {
out[k] = '[FILTERED]';
continue;
}
if (isSensitiveKey(k)) {
out[k] = '[FILTERED]';
continue;
}
out[k] = headers[k];
}
return out;
}
function formatUTC(d) {
const pad = n => String(n).padStart(2, '0');
const Y = d.getUTCFullYear();
const M = pad(d.getUTCMonth() + 1);
const D = pad(d.getUTCDate());
const h = pad(d.getUTCHours());
const m = pad(d.getUTCMinutes());
const s = pad(d.getUTCSeconds());
return `${Y}-${M}-${D} ${h}:${m}:${s} UTC`;
}
export default function requestResponseLogger(req, res, next) {
try {
const start = Date.now();
const { method, originalUrl } = req;
const ip = req.ip || req.headers['x-forwarded-for'] || req.socket.remoteAddress;
const reqHeaders = filterHeaders(req.headers);
let reqBody = '[not-logged]';
const contentType = (req.headers['content-type'] || '').toLowerCase();
if (contentType.includes('multipart/form-data')) {
reqBody = '[multipart/form-data]';
} else if (req.body) {
try {
reqBody = filterValue(null, req.body);
} catch (e) {
reqBody = '[unserializable]';
}
}
// Capture response body by wrapping res.send
const oldSend = res.send.bind(res);
let responseBody = undefined;
res.send = function sendOverWrite(body) {
responseBody = body;
return oldSend(body);
};
res.on('finish', () => {
try {
const duration = Date.now() - start; // ms
const resContentType = (res.getHeader && (res.getHeader('content-type') || '')).toString().toLowerCase();
// Compact key=value log (no bodies, sensitive data filtered)
const tokens = [];
tokens.push(`time=${formatUTC(new Date())}`);
tokens.push(`method=${method}`);
tokens.push(`path=${originalUrl.replace(/\s/g, '%20')}`);
const fmt = resContentType.includes('json') ? 'json' : (resContentType.includes('html') ? 'html' : 'other');
tokens.push(`format=${fmt}`);
tokens.push(`status=${res.statusCode}`);
tokens.push(`duration=${(duration).toFixed(2)}`);
// Optional: content-length if available
try {
const cl = res.getHeader && (res.getHeader('content-length') || res.getHeader('Content-Length'));
if (cl) tokens.push(`length=${String(cl)}`);
} catch (e) {
// ignore
}
console.info(tokens.join(' '));
} catch (e) {
console.error('RequestLogger error:', e);
}
});
} catch (e) {
console.error('RequestLogger setup failure:', e);
}
return next();
}
Reference in New Issue View Git Blame Copy Permalink