actual-budget-rest-api/src/logging/logger.js at main · ZoneMix/actual-budget-rest-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
/**
 * Structured logging with Winston.
 * Supports multiple log levels and structured JSON output.
 */

import winston from 'winston';

const { combine, timestamp, json, printf, colorize, errors } = winston.format;

// Custom format for development (readable)
const devFormat = printf(({ level, message, timestamp: ts, ...metadata }) => {
  let msg = `${ts} [${level}] ${message}`;
  if (Object.keys(metadata).length > 0) {
    msg += ` ${JSON.stringify(metadata)}`;
  }
  return msg;
});

// Determine log level from environment
const logLevel = process.env.LOG_LEVEL || 'info';
const isProd = process.env.NODE_ENV === 'production';

// Create the logger
const logger = winston.createLogger({
  level: logLevel,
  format: combine(
    errors({ stack: true }),
    timestamp({ format: 'YYYY-MM-DD HH:mm:ss' })
  ),
  defaultMeta: {
    service: 'budget-api',
    env: process.env.NODE_ENV || 'development',
  },
  transports: [
    new winston.transports.Console({
      format: isProd
        ? combine(json())
        : combine(colorize(), devFormat),
    }),
  ],
});

// Security audit logger
export const logAuthEvent = (event, userId, details, success) => {
  logger.info({
    type: 'AUTH_EVENT',
    event,
    userId,
    success,
    ...details,
  });
};

export const logSuspiciousActivity = (type, userId, details) => {
  logger.error({
    type: 'SECURITY_ALERT',
    category: type,
    userId,
    ...details,
    alert: true,
  });
};

export default logger;