ilia
08914dc469
# Structured Logging System Implementation ## Summary Implements a comprehensive structured logging system to replace verbose console.* calls throughout the codebase, addressing all cleanup tasks from CLEANUP.md. ## What Changed ### Core Features - ✅ **Structured Logging System** - New `lib/logger.ts` with DEBUG, INFO, WARN, ERROR levels - ✅ **Environment-Based Control** - `LOG_LEVEL` env var controls verbosity (DEBUG/INFO/WARN/ERROR/NONE) - ✅ **JSON Logging Option** - `LOG_FORMAT=json` for structured JSON output - ✅ **Shared Constants** - Extracted session cookie name to `lib/constants.ts` ### Code Refactoring - ✅ Replaced all `console.*` calls in API routes with structured logger - ✅ Refactored `activity-log.ts` to use new logger system - ✅ Reduced verbose logging in auth, photos page, and upload routes - ✅ Updated proxy.ts to use structured logging - ✅ Removed unused legacy `/api/photos` route (replaced by `/api/photos/upload`) ### Security Improvements - ✅ Protected `/api/debug/session` endpoint with admin-only access - ✅ Added proper error logging with structured context ### Documentation - ✅ Documented multiple upload routes usage - ✅ Enhanced watch-activity.sh script documentation - ✅ Updated README.md with upload endpoint information - ✅ Added configuration documentation to next.config.ts ### Testing - ✅ Added 23 tests for logger system - ✅ Added 8 tests for refactored activity-log - ✅ All 43 tests passing ## Benefits 1. **Production-Ready Logging** - Environment-based control, defaults to INFO in production 2. **Reduced Verbosity** - DEBUG logs only show in development or when explicitly enabled 3. **Structured Output** - JSON format option for log aggregation tools 4. **Better Organization** - Shared constants, consistent logging patterns 5. **Improved Security** - Debug endpoint now requires admin access ## Testing ### Manual Testing - ✅ Server builds successfully - ✅ All tests pass (43/43) - ✅ Type checking passes - ✅ Linting passes - ✅ Production server runs with logs visible - ✅ Log levels work correctly (DEBUG shows all, INFO shows activity, etc.) ### Test Coverage - Logger system: 100% coverage - Activity log: 100% coverage - All existing tests still pass ## Configuration ### Environment Variables ```bash # Control log verbosity (DEBUG, INFO, WARN, ERROR, NONE) LOG_LEVEL=INFO # Use structured JSON logging LOG_FORMAT=json ``` ### Defaults - Development: `LOG_LEVEL=DEBUG` (shows all logs) - Production: `LOG_LEVEL=INFO` (shows activity and above) ## Migration Notes - No breaking changes (legacy route was unused) - All existing functionality preserved - Logs are now structured and filterable - Debug endpoint now requires admin authentication - Legacy `/api/photos` endpoint removed (use `/api/photos/upload` instead) ## Checklist - [x] All console.* calls replaced in API routes - [x] Logger system implemented with tests - [x] Activity logging refactored - [x] Debug endpoint protected - [x] Documentation updated - [x] All tests passing - [x] Type checking passes - [x] Linting passes - [x] Build succeeds - [x] Manual testing completed ## Related Issues Addresses cleanup tasks from CLEANUP.md: - Task 1: Verbose logging in production ✅ - Task 2: Activity logging optimization ✅ - Task 3: Upload verification logging ✅ - Task 4: Middleware debug logging ✅ - Task 5: Legacy upload route documentation ✅ - Task 6: Multiple upload routes documentation ✅ - Task 7: Cookie name constant extraction ✅ - Task 8: Next.js config documentation ✅ - Task 9: ARCHITECTURE.md (already correct) ✅ - Task 10: Watch activity script documentation ✅ Reviewed-on: #4
78 lines
2.3 KiB
TypeScript
78 lines
2.3 KiB
TypeScript
import { NextResponse } from "next/server"
|
|
import type { NextRequest } from "next/server"
|
|
import { getToken } from "next-auth/jwt"
|
|
import { SESSION_COOKIE_NAME } from "./lib/constants"
|
|
import { logActivity } from "./lib/activity-log"
|
|
|
|
export async function proxy(request: NextRequest) {
|
|
const pathname = request.nextUrl.pathname
|
|
|
|
// Public routes - allow access
|
|
if (pathname === "/login" || pathname.startsWith("/api/auth") || pathname.startsWith("/uploads")) {
|
|
return NextResponse.next()
|
|
}
|
|
|
|
// Get token (works in Edge runtime)
|
|
// Use constant for cookie name to match NextAuth config
|
|
const token = await getToken({
|
|
req: request,
|
|
secret: process.env.NEXTAUTH_SECRET,
|
|
cookieName: SESSION_COOKIE_NAME
|
|
})
|
|
|
|
// User activity logging - track all page visits and API calls
|
|
// Uses structured logging with log levels (INFO level, can be filtered)
|
|
const user = token ? {
|
|
id: token.id as string,
|
|
email: token.email as string,
|
|
role: token.role as string,
|
|
} : null
|
|
|
|
const referer = request.headers.get("referer") || "direct"
|
|
const userAgent = request.headers.get("user-agent") || "unknown"
|
|
|
|
logActivity(
|
|
token ? "PAGE_VIEW" : "UNAUTHENTICATED_ACCESS",
|
|
pathname,
|
|
request.method,
|
|
user,
|
|
{
|
|
referer,
|
|
userAgent: userAgent.substring(0, 100), // Limit length
|
|
},
|
|
request
|
|
)
|
|
|
|
// Protected routes - require authentication
|
|
if (!token) {
|
|
const loginUrl = new URL("/login", request.url)
|
|
loginUrl.searchParams.set("callbackUrl", pathname)
|
|
return NextResponse.redirect(loginUrl)
|
|
}
|
|
|
|
// Admin routes - require ADMIN role
|
|
if (pathname.startsWith("/admin")) {
|
|
if (token.role !== "ADMIN") {
|
|
return NextResponse.redirect(new URL("/", request.url))
|
|
}
|
|
}
|
|
|
|
return NextResponse.next()
|
|
}
|
|
|
|
export const config = {
|
|
matcher: [
|
|
/*
|
|
* Match all request paths except for the ones starting with:
|
|
* - _next/static (static files)
|
|
* - _next/image (image optimization files)
|
|
* - _next/rsc (RSC payload requests)
|
|
* - _next/webpack (webpack chunks)
|
|
* - favicon.ico (favicon file)
|
|
* - uploads/ (uploaded files)
|
|
* - public folder files (images, etc.)
|
|
*/
|
|
"/((?!_next/static|_next/image|_next/rsc|_next/webpack|favicon.ico|uploads|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)",
|
|
],
|
|
}
|