adds ENABLE_ACCESS_LOGGING environment variable; renames LOG_ALL_FILE…

… environment variable to ALL_LOG_FILE; removes ENABLE_STATUS_ALLOCATION environment variable; removes ENABLE_HTTPS_FOR_DEV environment variable
digitalcredentials · Mar 2, 2024 · 44661f2 · 44661f2
1 parent 3c72dd4
commit 44661f2
Show file tree

Hide file tree

Showing 8 changed files with 64 additions and 25 deletions.
diff --git a/.env.example b/.env.example
@@ -4,8 +4,9 @@
 CRED_STATUS_SERVICE=github
 CRED_STATUS_DID_SEED=z1AackbUm8U69ohKnihoRRFkXcXJd4Ra1PkAboQ2ZRy1ngB
 PORT=4008 # default port is 4008
-LOG_ALL_FILE=logs/all.log
+ENABLE_ACCESS_LOGGING=true
 ERROR_LOG_FILE=logs/error.log
+ALL_LOG_FILE=logs/all.log
 CONSOLE_LOG_LEVEL=silly # default is silly, i.e. log everything - see the README for allowed levels
 LOG_LEVEL=silly # default is silly
 

diff --git a/Dockerfile b/Dockerfile
@@ -3,4 +3,4 @@ WORKDIR /app
 COPY . .
 RUN npm install
 CMD ["node", "server.js"]
-EXPOSE 4008
+EXPOSE 4008
diff --git a/README.md b/README.md
@@ -11,10 +11,12 @@ IMPORTANT NOTE ABOUT VERSIONING: If you are using a Docker Hub image of this rep
 - [Signing Key](#signing-key)
   - [DID Registries](#did-registries)
 - [Usage](#usage)
-  - [Allocate a status position](#allocate-status-position)
+  - [Allocate Status Position](#allocate-status-position)
   - [Revoke](#revoke)
 - [Versioning](#versioning)
 - [Logging](#logging)
+  - [Log Levels](#log-levels)
+  - [Access Logging](#access-logging)
 - [Development](#development)
   - [Testing](#testing)
 - [Contribute](#contribute)
@@ -37,17 +39,18 @@ This service provides support for managing credential status in a variety of Git
 
 | Key | Description | Type | Required |
 | --- | --- | --- | --- |
-| `CRED_STATUS_SERVICE` | name of the Git service used to manage credential status data | `github` \| `gitlab` | yes if `ENABLE_STATUS_ALLOCATION` is true |
-| \* `CRED_STATUS_OWNER` | name of the owner account (personal or organization) in the Git service used to manage credential status data | string | yes if `ENABLE_STATUS_ALLOCATION` is true |
-| \* `CRED_STATUS_REPO_NAME` | name of the status credential repository | string | yes if `ENABLE_STATUS_ALLOCATION` is true |
-| \* `CRED_STATUS_REPO_ID` | ID of the status credential repository | string | yes if `ENABLE_STATUS_ALLOCATION` is true and if `CRED_STATUS_SERVICE` = `gitlab` |
-| \* `CRED_STATUS_META_REPO_NAME` | name of the credential status metadata repository | string | yes if `ENABLE_STATUS_ALLOCATION` is true |
-| \* `CRED_STATUS_META_REPO_ID` | ID of the credential status metadata repository | string | yes if `ENABLE_STATUS_ALLOCATION` is true and if `CRED_STATUS_SERVICE` = `gitlab` |
-| `CRED_STATUS_ACCESS_TOKEN` | access token for the credential status repositories | string | yes if `ENABLE_STATUS_ALLOCATION` is true |
-| `CRED_STATUS_DID_SEED` | seed used to deterministically generate DID | string | yes if `ENABLE_STATUS_ALLOCATION` is true |
+| `CRED_STATUS_SERVICE` | name of the Git service used to manage credential status data | `github` \| `gitlab` | yes |
+| \* `CRED_STATUS_OWNER` | name of the owner account (personal or organization) in the Git service used to manage credential status data | string | yes |
+| \* `CRED_STATUS_REPO_NAME` | name of the status credential repository | string | yes |
+| \* `CRED_STATUS_REPO_ID` | ID of the status credential repository | string | yes if `CRED_STATUS_SERVICE` = `gitlab` |
+| \* `CRED_STATUS_META_REPO_NAME` | name of the credential status metadata repository | string | yes |
+| \* `CRED_STATUS_META_REPO_ID` | ID of the credential status metadata repository | string | yes if `CRED_STATUS_SERVICE` = `gitlab` |
+| `CRED_STATUS_ACCESS_TOKEN` | access token for the credential status repositories | string | yes |
+| `CRED_STATUS_DID_SEED` | seed used to deterministically generate DID | string | yes |
 | `PORT` | HTTP port on which to run the express app | number | no (default: `4008`) |
+| `ENABLE_ACCESS_LOGGING` | whether to enable access logging (see [Logging](#logging)) | boolean | no (default: `true`) |
 | `ERROR_LOG_FILE` | log file for all errors (see [Logging](#logging)) | string | no |
-| `LOG_ALL_FILE` | log file for everything (see [Logging](#logging)) | string | no |
+| `ALL_LOG_FILE` | log file for everything (see [Logging](#logging)) | string | no |
 | `CONSOLE_LOG_LEVEL` | console log level (see [Logging](#logging)) | `error` \| `warn`\| `info` \| `http` \| `verbose` \| `debug` \| `silly` | no (default: `silly`) |
 | `LOG_LEVEL` | log level for application (see [Logging](#logging)) | `error` \| `warn`\| `info` \| `http` \| `verbose` \| `debug` \| `silly` | no (default: `silly`) |
 
@@ -220,6 +223,8 @@ If you do ever want to work from the source code in the repository and build you
 
 ## Logging
 
+### Log Levels
+
 We support the following log levels:
 
 ```
@@ -260,12 +265,22 @@ There are also two log files that can be enabled:
 Enable each log by setting an env variable for each, indicating the path to the appropriate file, like this example:
 
 ```
-LOG_ALL_FILE=logs/all.log
 ERROR_LOG_FILE=logs/error.log
+ALL_LOG_FILE=logs/all.log
 ```
 
 If you don't set the path, the log is disabled.
 
+### Access Logging
+
+Finally, you can enable access logging to record each API request. Here is the format of each log entry:
+
+```
+:REMOTE_ADDRESS :HTTP_METHOD :URL :HTTP_STATUS :RESPONSE_CONTENT_LENGTH - :RESPONSE_TIME_MS
+```
+
+To enable access logging, set `ENABLE_ACCESS_LOGGING` to `true`.
+
 ## Development
 
 ### Installation
@@ -279,7 +294,7 @@ npm run dev
 
 ### Testing
 
-Testing uses `supertest`, `jest`, and `nock` to test the endpoints. To run tests:
+Testing uses `mocha` and `supertest` to test the endpoints. To run tests:
 
 ```npm run test```
 

diff --git a/src/app.js b/src/app.js
@@ -24,7 +24,7 @@ export async function build(opts = {}) {
   });
 
   // Get status credential
-  app.get('/:statusCredentialId', async (req, res, next) => {
+  app.get('/:statusCredentialId', async function (req, res, next) {
     const statusCredentialId = req.params.statusCredentialId;
     try {
       const statusCredential = await status.getStatusCredential(statusCredentialId);
@@ -45,7 +45,7 @@ export async function build(opts = {}) {
 
   // Allocate status
   app.post('/credentials/status/allocate',
-    async (req, res, next) => {
+    async function (req, res, next) {
       try {
         const vc = req.body;
         if (!vc || !Object.keys(vc).length) {
@@ -69,7 +69,7 @@ export async function build(opts = {}) {
   // The body will look like:
   // {credentialId: '23kdr', credentialStatus: [{type: 'StatusList2021Credential', status: 'revoked'}]}
   app.post('/credentials/status',
-    async (req, res, next) => {
+    async function (req, res, next) {
       try {
         const updateRequest = req.body;
         if (!updateRequest || !updateRequest.credentialId || !updateRequest.credentialStatus) {

diff --git a/src/config.js b/src/config.js
@@ -8,17 +8,40 @@ export function setConfig() {
   CONFIG = parseConfig();
 }
 
+function getBooleanValue(value) {
+  if (
+    value === true ||
+    value === 1 ||
+    value === 'true' ||
+    value === '1' ||
+    value === 'yes' ||
+    value === 'y'
+  ) {
+    return true;
+  } else if (
+    value === false ||
+    value === 0 ||
+    value === 'false' ||
+    value === '0' ||
+    value === 'no' ||
+    value === 'n'
+  ) {
+    return false;
+  }
+  return true;
+}
+
 function getGeneralEnvs() {
   const env = process.env;
   return {
-    enableHttpsForDev: env.ENABLE_HTTPS_FOR_DEV?.toLowerCase() === 'true',
     port: env.PORT ? parseInt(env.PORT) : defaultPort,
     credStatusService: env.CRED_STATUS_SERVICE,
     credStatusDidSeed: env.CRED_STATUS_DID_SEED,
     consoleLogLevel: env.CONSOLE_LOG_LEVEL?.toLocaleLowerCase() || defaultConsoleLogLevel,
     logLevel: env.LOG_LEVEL?.toLocaleLowerCase() || defaultLogLevel,
+    enableAccessLogging: getBooleanValue(env.ENABLE_ACCESS_LOGGING),
     errorLogFile: env.ERROR_LOG_FILE,
-    logAllFile: env.LOG_ALL_FILE
+    allLogFile: env.ALL_LOG_FILE
   };
 }
 

diff --git a/src/middleware/accessLogger.js b/src/middleware/accessLogger.js
@@ -11,7 +11,7 @@ const accessLogger = () => {
   // Change the boolean check in skip if
   // you want to do things like only log
   // when NODE_ENV=development
-  const skip = () => ! enableAccessLogging;
+  const skip = () => !enableAccessLogging;
   // morgan options. We override 'stream' to instead use winston,
   // and override 'skip' to disable logging if disabled in env
   const options = { stream, skip };

diff --git a/src/test-fixtures/.env.testing b/src/test-fixtures/.env.testing
@@ -7,7 +7,7 @@ CRED_STATUS_META_REPO_NAME=status-test-meta-three
 CRED_STATUS_ACCESS_TOKEN=
 CRED_STATUS_DID_SEED=z1AackbUm8U69ohKnihoRRFkXcXJd4Ra1PkAboQ2ZRy1ngB
 
-LOG_ALL_FILE=logs/all.log
 ERROR_LOG_FILE=logs/error.log
+ALL_LOG_FILE=logs/all.log
 CONSOLE_LOG_LEVEL=silly # default is silly, i.e. log everything - see the README for allowed levels
-LOG_LEVEL=silly # default is silly
+LOG_LEVEL=silly # default is silly
diff --git a/src/utils/logger.js b/src/utils/logger.js
@@ -1,7 +1,7 @@
 import winston from 'winston';
 import { getConfig } from '../config.js';
 
-const { errorLogFile, logAllFile, logLevel, consoleLogLevel } = getConfig();
+const { errorLogFile, allLogFile, logLevel, consoleLogLevel } = getConfig();
 /* 
 These are the default npm logging levels
 that Winston uses, but we include them explicitly
@@ -59,10 +59,10 @@ if (errorLogFile) {
   );
 }
 
-if (logAllFile) {
+if (allLogFile) {
   transports.push(
     new winston.transports.File({
-      filename: logAllFile
+      filename: allLogFile
     })
   );
 }