Giter VIP home page Giter VIP logo

laravel-http-logger's Introduction

Log HTTP requests

Latest Version on Packagist GitHub Workflow Status Total Downloads

This package adds a middleware which can log incoming requests to the default log. If anything goes wrong during a user's request and response, you'll still be able to access the original request data sent by that user and response.

This log acts as an extra safety net for critical user submissions, such as forms that generate leads.

Support us

We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.

We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.

Installation

You can install the package via composer:

composer require spatie/laravel-http-logger

Optionally you can publish the config file with:

php artisan vendor:publish --provider="Spatie\HttpLogger\HttpLoggerServiceProvider" --tag="config"

This is the contents of the published config file:

return [

    /*
     * The log profile which determines whether a request and response should be logged.
     * It should implement `LogProfile`.
     */
    'log_profile' => \Spatie\HttpLogger\LogNonGetRequests::class,

    /*
     * The log writer used to write the request and response to a log.
     * It should implement `LogWriter`.
     */
    'log_writer' => \Spatie\HttpLogger\DefaultLogWriter::class,

    /*
     * The log channel used to write the request and response.
     */
    'log_channel' => env('LOG_CHANNEL', 'stack'),

    /*
     * The log level used to log the request and response.
     */
    'log_level' => 'info',

    /*
     * Filter out body fields which will never be logged.
     */
    'except' => [
        'password',
        'password_confirmation',
    ],

    /*
     * List of headers that will be sanitized. For example Authorization, Cookie, Set-Cookie...
     */
    'sanitize_headers' => [],
];

Usage

This packages provides a middleware which can be added as a global middleware or as a single route.

// in `app/Http/Kernel.php`

protected $middleware = [
    // ...

    \Spatie\HttpLogger\Middlewares\HttpLogger::class
];
// in a routes file

Route::post('/submit-form', function () {
    //
})->middleware(\Spatie\HttpLogger\Middlewares\HttpLogger::class);

Logging

Two classes are used to handle the logging of incoming requests and responses: a LogProfile class will determine whether the request and response should be logged, and LogWriter class will write the request and response to a log.

A default log implementation is added within this package. It will only log POST, PUT, PATCH, and DELETE requests and it will write to the default Laravel logger and.

You're free to implement your own log profile and/or log writer classes, and configure it in config/http-logger.php.

Requests

A custom log profile must implement \Spatie\HttpLogger\LogProfile. This interface requires you to implement shouldLogRequest. or

// Example implementation from `\Spatie\HttpLogger\LogNonGetRequests`

public function shouldLogRequest(Request $request): bool
{
   return in_array(strtolower($request->method()), ['post', 'put', 'patch', 'delete']);
}

A custom log writer must implement \Spatie\HttpLogger\LogWriter. This interface requires you to implement logRequest.

// Example implementation from `\Spatie\HttpLogger\DefaultLogWriter`

public function logRequest(Request $request): void
{
    $method = strtoupper($request->getMethod());

    $uri = $request->getPathInfo();

    $bodyAsJson = json_encode($request->except(config('http-logger.except')));

    $message = "{$method} {$uri} - {$bodyAsJson}";

    Log::channel(config('http-logger.log_channel'))->info($message);
}
Responses

A custom log profile for responses must implement \Spatie\HttpLogger\LogProfile. This interface requires you to implement shouldLogResponse.

// Example implementation from `\Spatie\HttpLogger\LogNonGetRequests`

public function shouldLogResponse(Response $response): bool
{
        try {
            $content = $response->getContent();
            if ($content) {
                json_decode($content, false, 512, JSON_THROW_ON_ERROR);
            }
            return true;
        } catch (\JsonException $exception) {
           return false;
        }
}

A custom log writer must implement \Spatie\HttpLogger\LogWriter. This interface requires you to implement logResponse.

// Example implementation from `\Spatie\HttpLogger\DefaultLogWriter`
    public function logResponse(Response $response)
    {
        Log::channel(config('http-logger.log_channel'))->log(config('http-logger.log_level', 'info'),  [
            'body' => $response->getContent(),
            'headers' => $this->getSanitizer()->clean($response->headers->all(), config('http-logger.sanitize_headers')),
            'code' => $response->status(),
        ]);
    }

Hide sensitive headers

You can define headers that you want to sanitize before sending them to the log. The most common example would be Authorization header. If you don't want to log jwt token, you can add that header to http-logger.php config file:

// in config/http-logger.php

return [
    // ...

    'sanitize_headers' => [
        'Authorization'
    ],
];

Output would be Authorization: "****" instead of Authorization: "Bearer {token}"

Testing

composer test

Changelog

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security

If you've found a bug regarding security please mail [email protected] instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

laravel-http-logger's People

Contributors

freekmurze avatar brendt avatar rubenvanassche avatar adrianmrn avatar sebastiandedeyne avatar ayoobmh avatar rogervila avatar nielsvanpach avatar kudashevs avatar furiosojack avatar stfndamjanovic avatar sebastianschoeps avatar laravel-shift avatar okipa avatar lsmith77 avatar dongido001 avatar patinthehat avatar pdewit avatar serderovsh avatar tvbeek avatar angeljqv avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.