feat: add structured JSON request/response logging middleware for all…#238
Closed
1sraeliteX wants to merge 3 commits intoRemitwise-Org:mainfrom
Closed
feat: add structured JSON request/response logging middleware for all…#2381sraeliteX wants to merge 3 commits intoRemitwise-Org:mainfrom
1sraeliteX wants to merge 3 commits intoRemitwise-Org:mainfrom
Conversation
… /api routes - Add pino-based structured logger (lib/logger.ts) with defence-in-depth redaction - Add withApiLogger() HOF middleware (lib/api-logger-middleware.ts) that logs: method, path, statusCode, durationMs, requestId, responseSizeBytes - Add Edge middleware (middleware.ts) to inject/propagate x-request-id header - Wrap all 26 route files (28 handlers) with withApiLogger() - Add sanitizeAddress() and sanitizeEmail() helpers for opt-in safe logging - Never log: request/response bodies, headers, auth, cookies, tokens, secrets - Add comprehensive test suite (tests/api-logger.test.ts) - Add API logging documentation (docs/API_LOGGING.md) with schema, examples, and cross-service requestId correlation guide
Contributor
|
please resolve the conflicts |
added 2 commits
February 25, 2026 12:41
Pino's default SonicBoom destination writes directly to fd 1 via fs.writeSync, bypassing process.stdout.write. This caused 2 test failures in api-logger.test.ts because the stdout monkey-patch could not intercept log output. Changes: - lib/logger.ts: pass process.stdout as pino destination instead of SonicBoom - tests/api-logger.test.ts: add logger.flush() and event-loop tick in captureStdout for robustness All 9 tests now pass (0 failures).
Merged upstream rate limiting, session auth (createSession/getSessionCookieHeader), and webhook signature verification (lib/webhooks/verify) with our withApiLogger middleware. Resolved conflicts in 9 files: - middleware.ts: combined x-request-id propagation with rate limiting - app/api/auth/login: kept upstream session logic + withApiLogger - app/api/auth/logout: kept upstream cookie deletion + withApiLogger - app/api/auth/nonce: kept our complete implementation - app/api/goals: kept our validated implementation - app/api/insurance: trivial closure fix - app/api/split: adopted upstream Soroban contract integration + withApiLogger - app/api/user/profile: kept our preferences implementation - app/api/webhooks/anchor: adopted upstream verifySignature + withApiLogger
Author
|
@Baskarayelu , done! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
… /api routes