Add API request/response logging with correlation IDs#793
Conversation
|
@Ajibose Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
|
Great job so far There’s just one blocker — the workflow is failing. Could you take a look and fix it so all checks pass? Happy to review again once that’s done. |
|
@RUKAYAT-CODER pls can you help me review it now |
|
Workflow still failing |
Auto-fix prettier formatting and prefer-template lint issues in the http-logging interceptor, logging module, and their spec files so CI lint:ci passes with --max-warnings 0. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
Pull from the main first you will be able to see the conflict on your editor. Then resolve it |
i have done this several time already, but i am still trying to see why i can't resolve it. Even the resolve conflict button is greyed out |
- Resolve modify/delete conflict on tsconfig.build.tsbuildinfo (file is auto-generated and already in .gitignore, keep deleted) - Add unit test step to CI workflow so tests run on every push/PR Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
Don't mind me. I thought already synced the repo. Sorry about that I think it should be working now |
|
Dont forget to always pull first from the main before pushing. Because am merging contributors work. |
Required by AppLoggerService; missing from package.json caused TypeScript typecheck to fail in CI. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
Fixed. Pls help me review it Thanks |
|
Thank you for contributing to the project. |
Thanks for assigning the issues. |
Closes #507
Summary
HttpLoggingInterceptor(NestJSAPP_INTERCEPTOR) that logs every HTTP request and response with a correlation ID, HTTP method/URL, status code, and response time in millisecondsAppLoggerServicebacked by winston with JSON structured output and optional daily log rotation (viawinston-daily-rotate-file) for ELK stack compatibilitymaskSensitiveData/maskHeadersutilities that redact fields likepassword,token,authorization,secret,credit_card,cvv,pin, andapi_keybefore writing to logsLoggingModuleimported inAppModule— no per-controller wiring neededCorrelation ID proof
Correlation IDs are generated and stored in
AsyncLocalStorageby the existingCorrelationIdMiddleware(readsX-Correlation-IDheader or auto-generates acid-*prefixed ID). The interceptor retrieves it viagetCorrelationId()and embeds it in every log line:{"timestamp":"2026-06-25T16:08:23.497Z","level":"info","service":"teachlink-backend","correlationId":"cid-1s4k2a-abc12345","event":"http_request","method":"POST","url":"/api/auth/login"}Request/response logging example
{"timestamp":"...","level":"info","correlationId":"cid-xxx","event":"http_request","method":"POST","url":"/api/courses","headers":{"content-type":"application/json","authorization":"***MASKED***"}} {"timestamp":"...","level":"info","correlationId":"cid-xxx","event":"http_response","method":"POST","url":"/api/courses","statusCode":201,"durationMs":47}Response time tracking example
durationMsis computed asDate.now() - startTimecaptured beforenext.handle()and emitted on both success and error paths via RxJStap:{"event":"http_response","statusCode":200,"durationMs":23}Sensitive data masking demonstration
Input body:
{ "email": "user@example.com", "password": "secret123" }Logged body:
{ "email": "user@example.com", "password": "***MASKED***" }Masked fields:
password,passwd,token,accesstoken,refresh_token,apikey,api_key,authorization,auth,key,secret,clientsecret,credit_card,cvv,cvc,pin,ssnUnit tests passing
Files changed
src/logging/sensitive-data.masker.tssrc/logging/logger.service.tssrc/logging/http-logging.interceptor.tssrc/logging/logging.module.tssrc/app.module.tsLoggingModulesrc/logging/*.spec.ts