From 44661f24535ede93a6481ef8acd7d291a83b811c Mon Sep 17 00:00:00 2001 From: Kayode Ezike Date: Fri, 1 Mar 2024 19:17:35 -0500 Subject: [PATCH] adds ENABLE_ACCESS_LOGGING environment variable; renames LOG_ALL_FILE environment variable to ALL_LOG_FILE; removes ENABLE_STATUS_ALLOCATION environment variable; removes ENABLE_HTTPS_FOR_DEV environment variable --- .env.example | 3 ++- Dockerfile | 2 +- README.md | 39 +++++++++++++++++++++++----------- src/app.js | 6 +++--- src/config.js | 27 +++++++++++++++++++++-- src/middleware/accessLogger.js | 2 +- src/test-fixtures/.env.testing | 4 ++-- src/utils/logger.js | 6 +++--- 8 files changed, 64 insertions(+), 25 deletions(-) diff --git a/.env.example b/.env.example index c935eff..daa1be1 100644 --- a/.env.example +++ b/.env.example @@ -4,8 +4,9 @@ CRED_STATUS_SERVICE=github CRED_STATUS_DID_SEED=z1AackbUm8U69ohKnihoRRFkXcXJd4Ra1PkAboQ2ZRy1ngB PORT=4008 # default port is 4008 -LOG_ALL_FILE=logs/all.log +ENABLE_ACCESS_LOGGING=true ERROR_LOG_FILE=logs/error.log +ALL_LOG_FILE=logs/all.log CONSOLE_LOG_LEVEL=silly # default is silly, i.e. log everything - see the README for allowed levels LOG_LEVEL=silly # default is silly diff --git a/Dockerfile b/Dockerfile index febe9f0..c095880 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,4 +3,4 @@ WORKDIR /app COPY . . RUN npm install CMD ["node", "server.js"] -EXPOSE 4008 \ No newline at end of file +EXPOSE 4008 diff --git a/README.md b/README.md index 5de7b6c..35a1dd2 100644 --- a/README.md +++ b/README.md @@ -11,10 +11,12 @@ IMPORTANT NOTE ABOUT VERSIONING: If you are using a Docker Hub image of this rep - [Signing Key](#signing-key) - [DID Registries](#did-registries) - [Usage](#usage) - - [Allocate a status position](#allocate-status-position) + - [Allocate Status Position](#allocate-status-position) - [Revoke](#revoke) - [Versioning](#versioning) - [Logging](#logging) + - [Log Levels](#log-levels) + - [Access Logging](#access-logging) - [Development](#development) - [Testing](#testing) - [Contribute](#contribute) @@ -37,17 +39,18 @@ This service provides support for managing credential status in a variety of Git | Key | Description | Type | Required | | --- | --- | --- | --- | -| `CRED_STATUS_SERVICE` | name of the Git service used to manage credential status data | `github` \| `gitlab` | yes if `ENABLE_STATUS_ALLOCATION` is true | -| \* `CRED_STATUS_OWNER` | name of the owner account (personal or organization) in the Git service used to manage credential status data | string | yes if `ENABLE_STATUS_ALLOCATION` is true | -| \* `CRED_STATUS_REPO_NAME` | name of the status credential repository | string | yes if `ENABLE_STATUS_ALLOCATION` is true | -| \* `CRED_STATUS_REPO_ID` | ID of the status credential repository | string | yes if `ENABLE_STATUS_ALLOCATION` is true and if `CRED_STATUS_SERVICE` = `gitlab` | -| \* `CRED_STATUS_META_REPO_NAME` | name of the credential status metadata repository | string | yes if `ENABLE_STATUS_ALLOCATION` is true | -| \* `CRED_STATUS_META_REPO_ID` | ID of the credential status metadata repository | string | yes if `ENABLE_STATUS_ALLOCATION` is true and if `CRED_STATUS_SERVICE` = `gitlab` | -| `CRED_STATUS_ACCESS_TOKEN` | access token for the credential status repositories | string | yes if `ENABLE_STATUS_ALLOCATION` is true | -| `CRED_STATUS_DID_SEED` | seed used to deterministically generate DID | string | yes if `ENABLE_STATUS_ALLOCATION` is true | +| `CRED_STATUS_SERVICE` | name of the Git service used to manage credential status data | `github` \| `gitlab` | yes | +| \* `CRED_STATUS_OWNER` | name of the owner account (personal or organization) in the Git service used to manage credential status data | string | yes | +| \* `CRED_STATUS_REPO_NAME` | name of the status credential repository | string | yes | +| \* `CRED_STATUS_REPO_ID` | ID of the status credential repository | string | yes if `CRED_STATUS_SERVICE` = `gitlab` | +| \* `CRED_STATUS_META_REPO_NAME` | name of the credential status metadata repository | string | yes | +| \* `CRED_STATUS_META_REPO_ID` | ID of the credential status metadata repository | string | yes if `CRED_STATUS_SERVICE` = `gitlab` | +| `CRED_STATUS_ACCESS_TOKEN` | access token for the credential status repositories | string | yes | +| `CRED_STATUS_DID_SEED` | seed used to deterministically generate DID | string | yes | | `PORT` | HTTP port on which to run the express app | number | no (default: `4008`) | +| `ENABLE_ACCESS_LOGGING` | whether to enable access logging (see [Logging](#logging)) | boolean | no (default: `true`) | | `ERROR_LOG_FILE` | log file for all errors (see [Logging](#logging)) | string | no | -| `LOG_ALL_FILE` | log file for everything (see [Logging](#logging)) | string | no | +| `ALL_LOG_FILE` | log file for everything (see [Logging](#logging)) | string | no | | `CONSOLE_LOG_LEVEL` | console log level (see [Logging](#logging)) | `error` \| `warn`\| `info` \| `http` \| `verbose` \| `debug` \| `silly` | no (default: `silly`) | | `LOG_LEVEL` | log level for application (see [Logging](#logging)) | `error` \| `warn`\| `info` \| `http` \| `verbose` \| `debug` \| `silly` | no (default: `silly`) | @@ -220,6 +223,8 @@ If you do ever want to work from the source code in the repository and build you ## Logging +### Log Levels + We support the following log levels: ``` @@ -260,12 +265,22 @@ There are also two log files that can be enabled: Enable each log by setting an env variable for each, indicating the path to the appropriate file, like this example: ``` -LOG_ALL_FILE=logs/all.log ERROR_LOG_FILE=logs/error.log +ALL_LOG_FILE=logs/all.log ``` If you don't set the path, the log is disabled. +### Access Logging + +Finally, you can enable access logging to record each API request. Here is the format of each log entry: + +``` +:REMOTE_ADDRESS :HTTP_METHOD :URL :HTTP_STATUS :RESPONSE_CONTENT_LENGTH - :RESPONSE_TIME_MS +``` + +To enable access logging, set `ENABLE_ACCESS_LOGGING` to `true`. + ## Development ### Installation @@ -279,7 +294,7 @@ npm run dev ### Testing -Testing uses `supertest`, `jest`, and `nock` to test the endpoints. To run tests: +Testing uses `mocha` and `supertest` to test the endpoints. To run tests: ```npm run test``` diff --git a/src/app.js b/src/app.js index 4899062..5499e8e 100644 --- a/src/app.js +++ b/src/app.js @@ -24,7 +24,7 @@ export async function build(opts = {}) { }); // Get status credential - app.get('/:statusCredentialId', async (req, res, next) => { + app.get('/:statusCredentialId', async function (req, res, next) { const statusCredentialId = req.params.statusCredentialId; try { const statusCredential = await status.getStatusCredential(statusCredentialId); @@ -45,7 +45,7 @@ export async function build(opts = {}) { // Allocate status app.post('/credentials/status/allocate', - async (req, res, next) => { + async function (req, res, next) { try { const vc = req.body; if (!vc || !Object.keys(vc).length) { @@ -69,7 +69,7 @@ export async function build(opts = {}) { // The body will look like: // {credentialId: '23kdr', credentialStatus: [{type: 'StatusList2021Credential', status: 'revoked'}]} app.post('/credentials/status', - async (req, res, next) => { + async function (req, res, next) { try { const updateRequest = req.body; if (!updateRequest || !updateRequest.credentialId || !updateRequest.credentialStatus) { diff --git a/src/config.js b/src/config.js index 8b81caf..bc34fc1 100644 --- a/src/config.js +++ b/src/config.js @@ -8,17 +8,40 @@ export function setConfig() { CONFIG = parseConfig(); } +function getBooleanValue(value) { + if ( + value === true || + value === 1 || + value === 'true' || + value === '1' || + value === 'yes' || + value === 'y' + ) { + return true; + } else if ( + value === false || + value === 0 || + value === 'false' || + value === '0' || + value === 'no' || + value === 'n' + ) { + return false; + } + return true; +} + function getGeneralEnvs() { const env = process.env; return { - enableHttpsForDev: env.ENABLE_HTTPS_FOR_DEV?.toLowerCase() === 'true', port: env.PORT ? parseInt(env.PORT) : defaultPort, credStatusService: env.CRED_STATUS_SERVICE, credStatusDidSeed: env.CRED_STATUS_DID_SEED, consoleLogLevel: env.CONSOLE_LOG_LEVEL?.toLocaleLowerCase() || defaultConsoleLogLevel, logLevel: env.LOG_LEVEL?.toLocaleLowerCase() || defaultLogLevel, + enableAccessLogging: getBooleanValue(env.ENABLE_ACCESS_LOGGING), errorLogFile: env.ERROR_LOG_FILE, - logAllFile: env.LOG_ALL_FILE + allLogFile: env.ALL_LOG_FILE }; } diff --git a/src/middleware/accessLogger.js b/src/middleware/accessLogger.js index 25915f0..e0557b6 100644 --- a/src/middleware/accessLogger.js +++ b/src/middleware/accessLogger.js @@ -11,7 +11,7 @@ const accessLogger = () => { // Change the boolean check in skip if // you want to do things like only log // when NODE_ENV=development - const skip = () => ! enableAccessLogging; + const skip = () => !enableAccessLogging; // morgan options. We override 'stream' to instead use winston, // and override 'skip' to disable logging if disabled in env const options = { stream, skip }; diff --git a/src/test-fixtures/.env.testing b/src/test-fixtures/.env.testing index dcbb6a3..2d72c57 100644 --- a/src/test-fixtures/.env.testing +++ b/src/test-fixtures/.env.testing @@ -7,7 +7,7 @@ CRED_STATUS_META_REPO_NAME=status-test-meta-three CRED_STATUS_ACCESS_TOKEN= CRED_STATUS_DID_SEED=z1AackbUm8U69ohKnihoRRFkXcXJd4Ra1PkAboQ2ZRy1ngB -LOG_ALL_FILE=logs/all.log ERROR_LOG_FILE=logs/error.log +ALL_LOG_FILE=logs/all.log CONSOLE_LOG_LEVEL=silly # default is silly, i.e. log everything - see the README for allowed levels -LOG_LEVEL=silly # default is silly \ No newline at end of file +LOG_LEVEL=silly # default is silly diff --git a/src/utils/logger.js b/src/utils/logger.js index 60f318a..586a3d7 100644 --- a/src/utils/logger.js +++ b/src/utils/logger.js @@ -1,7 +1,7 @@ import winston from 'winston'; import { getConfig } from '../config.js'; -const { errorLogFile, logAllFile, logLevel, consoleLogLevel } = getConfig(); +const { errorLogFile, allLogFile, logLevel, consoleLogLevel } = getConfig(); /* These are the default npm logging levels that Winston uses, but we include them explicitly @@ -59,10 +59,10 @@ if (errorLogFile) { ); } -if (logAllFile) { +if (allLogFile) { transports.push( new winston.transports.File({ - filename: logAllFile + filename: allLogFile }) ); }