gotosocial/internal/middleware/logger.go
Daenney 5e2bf0bdca
[chore] Improve copyright header handling (#1608)
* [chore] Remove years from all license headers

Years or year ranges aren't required in license headers. Many projects
have removed them in recent years and it avoids a bit of yearly toil.

In many cases our copyright claim was also a bit dodgy since we added
the 2021-2023 header to files created after 2021 but you can't claim
copyright into the past that way.

* [chore] Add license header check

This ensures a license header is always added to any new file. This
avoids maintainers/reviewers needing to remember to check for and ask
for it in case a contribution doesn't include it.

* [chore] Add missing license headers

* [chore] Further updates to license header

* Use the more common // indentend comment format
* Remove the hack we had for the linter now that we use the // format
* Add SPDX license identifier
2023-03-12 16:00:57 +01:00

100 lines
3 KiB
Go

// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package middleware
import (
"fmt"
"net/http"
"time"
"codeberg.org/gruf/go-bytesize"
"codeberg.org/gruf/go-errors/v2"
"codeberg.org/gruf/go-kv"
"codeberg.org/gruf/go-logger/v2/level"
"github.com/gin-gonic/gin"
"github.com/superseriousbusiness/gotosocial/internal/log"
)
// Logger returns a gin middleware which provides request logging and panic recovery.
func Logger() gin.HandlerFunc {
return func(c *gin.Context) {
// Initialize the logging fields
fields := make(kv.Fields, 6, 7)
// Determine pre-handler time
before := time.Now()
// defer so that we log *after the request has completed*
defer func() {
code := c.Writer.Status()
path := c.Request.URL.Path
if r := recover(); r != nil {
if c.Writer.Status() == 0 {
// No response was written, send a generic Internal Error
c.Writer.WriteHeader(http.StatusInternalServerError)
}
// Append panic information to the request ctx
err := fmt.Errorf("recovered panic: %v", r)
_ = c.Error(err)
// Dump a stacktrace to error log
callers := errors.GetCallers(3, 10)
log.WithContext(c.Request.Context()).
WithField("stacktrace", callers).Error(err)
}
// NOTE:
// It is very important here that we are ONLY logging
// the request path, and none of the query parameters.
// Query parameters can contain sensitive information
// and could lead to storing plaintext API keys in logs
// Set request logging fields
fields[0] = kv.Field{"latency", time.Since(before)}
fields[1] = kv.Field{"clientIP", c.ClientIP()}
fields[2] = kv.Field{"userAgent", c.Request.UserAgent()}
fields[3] = kv.Field{"method", c.Request.Method}
fields[4] = kv.Field{"statusCode", code}
fields[5] = kv.Field{"path", path}
// Create log entry with fields
l := log.WithContext(c.Request.Context()).
WithFields(fields...)
// Default is info
lvl := level.INFO
if code >= 500 {
// This is a server error
lvl = level.ERROR
l = l.WithField("error", c.Errors)
}
// Generate a nicer looking bytecount
size := bytesize.Size(c.Writer.Size())
// Finally, write log entry with status text body size
l.Logf(lvl, "%s: wrote %s", http.StatusText(code), size)
}()
// Process request
c.Next()
}
}