ilia/mirror_match
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
mirror_match/app/api/photos/[photoId]/route.ts
ilia 08914dc469 Implements a comprehensive structured logging system to replace verbose console.* calls throughout the codebase, addressing all cleanup tasks from CLEANUP.md. (#4) 
# Structured Logging System Implementation

## Summary
Implements a comprehensive structured logging system to replace verbose console.* calls throughout the codebase, addressing all cleanup tasks from CLEANUP.md.

## What Changed

### Core Features
-  **Structured Logging System** - New `lib/logger.ts` with DEBUG, INFO, WARN, ERROR levels
-  **Environment-Based Control** - `LOG_LEVEL` env var controls verbosity (DEBUG/INFO/WARN/ERROR/NONE)
-  **JSON Logging Option** - `LOG_FORMAT=json` for structured JSON output
-  **Shared Constants** - Extracted session cookie name to `lib/constants.ts`

### Code Refactoring
-  Replaced all `console.*` calls in API routes with structured logger
-  Refactored `activity-log.ts` to use new logger system
-  Reduced verbose logging in auth, photos page, and upload routes
-  Updated proxy.ts to use structured logging
-  Removed unused legacy `/api/photos` route (replaced by `/api/photos/upload`)

### Security Improvements
-  Protected `/api/debug/session` endpoint with admin-only access
-  Added proper error logging with structured context

### Documentation
-  Documented multiple upload routes usage
-  Enhanced watch-activity.sh script documentation
-  Updated README.md with upload endpoint information
-  Added configuration documentation to next.config.ts

### Testing
-  Added 23 tests for logger system
-  Added 8 tests for refactored activity-log
-  All 43 tests passing

## Benefits

1. **Production-Ready Logging** - Environment-based control, defaults to INFO in production
2. **Reduced Verbosity** - DEBUG logs only show in development or when explicitly enabled
3. **Structured Output** - JSON format option for log aggregation tools
4. **Better Organization** - Shared constants, consistent logging patterns
5. **Improved Security** - Debug endpoint now requires admin access

## Testing

### Manual Testing
-  Server builds successfully
-  All tests pass (43/43)
-  Type checking passes
-  Linting passes
-  Production server runs with logs visible
-  Log levels work correctly (DEBUG shows all, INFO shows activity, etc.)

### Test Coverage
- Logger system: 100% coverage
- Activity log: 100% coverage
- All existing tests still pass

## Configuration

### Environment Variables
```bash
# Control log verbosity (DEBUG, INFO, WARN, ERROR, NONE)
LOG_LEVEL=INFO

# Use structured JSON logging
LOG_FORMAT=json
```

### Defaults
- Development: `LOG_LEVEL=DEBUG` (shows all logs)
- Production: `LOG_LEVEL=INFO` (shows activity and above)

## Migration Notes

- No breaking changes (legacy route was unused)
- All existing functionality preserved
- Logs are now structured and filterable
- Debug endpoint now requires admin authentication
- Legacy `/api/photos` endpoint removed (use `/api/photos/upload` instead)

## Checklist

- [x] All console.* calls replaced in API routes
- [x] Logger system implemented with tests
- [x] Activity logging refactored
- [x] Debug endpoint protected
- [x] Documentation updated
- [x] All tests passing
- [x] Type checking passes
- [x] Linting passes
- [x] Build succeeds
- [x] Manual testing completed

## Related Issues
Addresses cleanup tasks from CLEANUP.md:
- Task 1: Verbose logging in production 
- Task 2: Activity logging optimization 
- Task 3: Upload verification logging 
- Task 4: Middleware debug logging 
- Task 5: Legacy upload route documentation 
- Task 6: Multiple upload routes documentation 
- Task 7: Cookie name constant extraction 
- Task 8: Next.js config documentation 
- Task 9: ARCHITECTURE.md (already correct) 
- Task 10: Watch activity script documentation 

Reviewed-on: #4
2026-01-04 19:42:49 -05:00

76 lines
2.0 KiB
TypeScript
Raw Blame History

import { NextRequest, NextResponse } from "next/server"
import { auth } from "@/lib/auth"
import { prisma } from "@/lib/prisma"
import { logger } from "@/lib/logger"
import { unlink } from "fs/promises"
import { join } from "path"
import { existsSync } from "fs"
export async function DELETE(
req: NextRequest,
{ params }: { params: Promise<{ photoId: string }> }
) {
try {
const session = await auth()
if (!session) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 })
}
// Only admins can delete photos
if (session.user.role !== "ADMIN") {
return NextResponse.json(
{ error: "Only admins can delete photos" },
{ status: 403 }
)
}
const { photoId } = await params
// Find the photo
const photo = await prisma.photo.findUnique({
where: { id: photoId },
})
if (!photo) {
return NextResponse.json({ error: "Photo not found" }, { status: 404 })
}
// Delete all guesses associated with this photo first
await prisma.guess.deleteMany({
where: { photoId: photoId },
})
// Delete the photo file if it's a local upload (starts with /uploads/)
if (photo.url.startsWith("/uploads/")) {
const filepath = join(process.cwd(), "public", photo.url)
if (existsSync(filepath)) {
try {
await unlink(filepath)
} catch (error) {
logger.error("Failed to delete file", {
filepath,
error: error instanceof Error ? error : new Error(String(error)),
})
// Continue with database deletion even if file deletion fails
}
}
}
// Delete the photo
await prisma.photo.delete({
where: { id: photoId },
})
return NextResponse.json({ success: true, message: "Photo deleted successfully" })
} catch (error) {
logger.error("Error deleting photo", {
error: error instanceof Error ? error : new Error(String(error)),
})
return NextResponse.json(
{ error: "Internal server error" },
{ status: 500 }
)
}
}
Reference in New Issue View Git Blame Copy Permalink