@vafast/request-logger 0.4.3 → 0.4.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -11
- package/dist/index.d.mts +0 -2
- package/dist/index.d.mts.map +1 -1
- package/dist/index.mjs +2 -13
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -41,19 +41,10 @@ server.use(requestLogger({
|
|
|
41
41
|
| `sanitize` | `SanitizeConfig` | 否 | - | 敏感数据清洗配置 |
|
|
42
42
|
| `onError` | `(err, ctx) => void` | 否 | 内置智能处理 | 错误回调,`ctx.droppedCount` 为被节流忽略的错误数 |
|
|
43
43
|
| `enabled` | `boolean` | 否 | `true` | 是否启用 |
|
|
44
|
-
| `excludePaths` | `(string \| RegExp)[]` | 否 | `[]` |
|
|
45
|
-
| `useDefaultExcludePaths` | `boolean` | 否 | `true` | 是否使用默认排除路径 |
|
|
44
|
+
| `excludePaths` | `(string \| RegExp)[]` | 否 | `[]` | 排除的路径列表(精确匹配或正则) |
|
|
46
45
|
| `sampleRate` | `number` | 否 | `1` | 日志采样率 (0-1),1 = 全部,0.1 = 10% |
|
|
47
46
|
| `requestIdHeader` | `string` | 否 | `'x-request-id'` | Request ID 的 header 名称 |
|
|
48
47
|
|
|
49
|
-
### 默认排除路径
|
|
50
|
-
|
|
51
|
-
以下路径默认不记录日志(可通过 `useDefaultExcludePaths: false` 关闭):
|
|
52
|
-
|
|
53
|
-
```
|
|
54
|
-
/health, /healthz, /ready, /readiness, /liveness, /metrics, /favicon.ico
|
|
55
|
-
```
|
|
56
|
-
|
|
57
48
|
### 熔断器配置 (Circuit Breaker)
|
|
58
49
|
|
|
59
50
|
当日志服务不可用时,避免无谓的超时等待。
|
|
@@ -288,7 +279,6 @@ requestLogger({
|
|
|
288
279
|
- **智能日志级别**:根据状态码自动设置 INFO/WARN/ERROR
|
|
289
280
|
- **熔断器**:日志服务故障时自动熔断,避免雪崩
|
|
290
281
|
- **错误节流**:相同错误不刷屏,带统计计数
|
|
291
|
-
- **默认排除健康检查**:`/health`、`/metrics` 等路径默认不记录
|
|
292
282
|
- **路径排除**:支持精确匹配、前缀匹配、正则匹配
|
|
293
283
|
- **日志采样**:高流量场景下只记录部分请求
|
|
294
284
|
- **客户端 IP 提取**:自动从 X-Forwarded-For 等获取真实 IP
|
package/dist/index.d.mts
CHANGED
|
@@ -110,8 +110,6 @@ interface RequestLoggerOptions {
|
|
|
110
110
|
enabled?: boolean;
|
|
111
111
|
/** 排除的路径列表(精确匹配或正则),这些路径不记录日志 */
|
|
112
112
|
excludePaths?: (string | RegExp)[];
|
|
113
|
-
/** 是否使用默认排除路径(/health, /metrics 等)@default true */
|
|
114
|
-
useDefaultExcludePaths?: boolean;
|
|
115
113
|
/** 熔断器配置 */
|
|
116
114
|
circuitBreaker?: CircuitBreakerConfig;
|
|
117
115
|
/** 错误节流配置 */
|
package/dist/index.d.mts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.mts","names":[],"sources":["../src/sanitize.ts","../src/index.ts"],"sourcesContent":[],"mappings":";;;;;;;AAQA;AA+DA;AAAkC,UA/DjB,cAAA,CA+DiB;EAAY;EAA4B,YAAA,CAAA,EAAA,MAAA,EAAA;EAAC;EA+D3D,UAAA,CAAA,EAAA,MAAe,EAAA;EACpB;EACA,WAAA,CAAA,EAAA,MAAA;EACR;EAAM,QAAA,CAAA,EAAA,MAAA;;;;AC7GT;;;;;AAoBA;AAGA;AAMA;AAQiB,iBDMD,QCNoB,CAAA,CAAA,CAAA,CAAA,IAAA,EDMF,CCNE,EAAA,MAAA,CAAA,EDMU,cCNV,EAAA,KAAA,CAAA,EAAA,MAAA,CAAA,EDMsC,CCNtC;AAMpC;
|
|
1
|
+
{"version":3,"file":"index.d.mts","names":[],"sources":["../src/sanitize.ts","../src/index.ts"],"sourcesContent":[],"mappings":";;;;;;;AAQA;AA+DA;AAAkC,UA/DjB,cAAA,CA+DiB;EAAY;EAA4B,YAAA,CAAA,EAAA,MAAA,EAAA;EAAC;EA+D3D,UAAA,CAAA,EAAA,MAAe,EAAA;EACpB;EACA,WAAA,CAAA,EAAA,MAAA;EACR;EAAM,QAAA,CAAA,EAAA,MAAA;;;;AC7GT;;;;;AAoBA;AAGA;AAMA;AAQiB,iBDMD,QCNoB,CAAA,CAAA,CAAA,CAAA,IAAA,EDMF,CCNE,EAAA,MAAA,CAAA,EDMU,cCNV,EAAA,KAAA,CAAA,EAAA,MAAA,CAAA,EDMsC,CCNtC;AAMpC;AAaA;;;;;;;;;AAuJgB,iBDrGA,eAAA,CCqGuB,OAAA,EDpG5B,MCoGgD,CAAA,MAAA,EAAA,MAAA,CAAA,EAAA,MAAA,CAAA,EDnGhD,cCmGgD,CAAA,EDlGxD,MCkGwD,CAAA,MAAA,EAAA,MAAA,CAAA;;;;UA/M1C,WAAA;EDpBA,MAAA,EAAA,MAAA;EA+DD,GAAA,EAAA,MAAQ;EAAU,IAAA,EAAA,MAAA;EAAY,OAAA,ECvCnC,MDuCmC,CAAA,MAAA,EAAA,MAAA,CAAA;EAA4B,IAAA,EAAA,OAAA;EAAC,KAAA,ECrClE,MDqCkE,CAAA,MAAA,EAAA,MAAA,CAAA;EA+D3D,MAAA,EAAA,MAAA;EACL,QAAA,EAAA,MAAA;EACA,MAAA,CAAA,EAAA,MAAA;EACR,KAAA,CAAA,EAAA,MAAA;EAAM,QAAA,CAAA,EAAA,MAAA;;;;EC7GQ,OAAA,CAAA,EAAA,MAAW;EAIjB,SAAA,EAYE,IAZF;;;AAYM,KAIL,YAAA,GAJK,OAAA;AAIjB;AAGiB,UAAA,OAAA,CACN;EAKM,OAAA,EALN,WAKM;EAQA,QAAA,EAZL,YAYwB;AAMpC;AAaA;AAMY,UAjCK,oBAAA,CAiCL;EAIC;EAEO,gBAAA,CAAA,EAAA,MAAA;EAIO;EAER,YAAA,CAAA,EAAA,MAAA;;;AAII,UAzCN,mBAAA,CAyCM;EAiIP;EAsDH,QAAA,CAAA,EAAA,MAAA;;;UA1NI,YAAA;;;;;;;;;;;UAaA,oBAAA;;;;;;YAML;;;;aAIC;;oBAEO;;;;;;2BAIO;;mBAER;;kBAED;;WAEP;;;;;;;;;;;;;;;;;;;;iBAiIK,aAAA,UAAuB,uBAAoB,OAAA,CAAA;;cAsD9C,4BAAmB"}
|
package/dist/index.mjs
CHANGED
|
@@ -126,16 +126,6 @@ function sanitizeHeaders(headers, config) {
|
|
|
126
126
|
* }))
|
|
127
127
|
* ```
|
|
128
128
|
*/
|
|
129
|
-
/** 默认排除的路径(健康检查等) */
|
|
130
|
-
const DEFAULT_EXCLUDE_PATHS = [
|
|
131
|
-
"/health",
|
|
132
|
-
"/healthz",
|
|
133
|
-
"/ready",
|
|
134
|
-
"/readiness",
|
|
135
|
-
"/liveness",
|
|
136
|
-
"/metrics",
|
|
137
|
-
"/favicon.ico"
|
|
138
|
-
];
|
|
139
129
|
var CircuitBreaker = class {
|
|
140
130
|
state = "closed";
|
|
141
131
|
failureCount = 0;
|
|
@@ -236,8 +226,7 @@ function defaultOnError(error, context) {
|
|
|
236
226
|
* ```
|
|
237
227
|
*/
|
|
238
228
|
function requestLogger(options) {
|
|
239
|
-
const { url, service, headers = {}, timeout = 5e3, sanitize: sanitizeConfig, onError = defaultOnError, enabled = true, excludePaths = [],
|
|
240
|
-
const allExcludePaths = useDefaultExcludePaths ? [...DEFAULT_EXCLUDE_PATHS, ...excludePaths] : excludePaths;
|
|
229
|
+
const { url, service, headers = {}, timeout = 5e3, sanitize: sanitizeConfig, onError = defaultOnError, enabled = true, excludePaths = [], circuitBreaker: circuitBreakerConfig, errorThrottle: errorThrottleConfig, stdout: stdoutConfig, sampleRate = 1, requestIdHeader = "x-request-id" } = options;
|
|
241
230
|
const circuitBreaker = new CircuitBreaker(circuitBreakerConfig);
|
|
242
231
|
const errorThrottle = new ErrorThrottle(errorThrottleConfig);
|
|
243
232
|
return defineMiddleware(async (req, next) => {
|
|
@@ -252,7 +241,7 @@ function requestLogger(options) {
|
|
|
252
241
|
timeout,
|
|
253
242
|
sanitizeConfig,
|
|
254
243
|
onError,
|
|
255
|
-
excludePaths
|
|
244
|
+
excludePaths,
|
|
256
245
|
circuitBreaker,
|
|
257
246
|
errorThrottle,
|
|
258
247
|
stdoutConfig,
|
package/dist/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","names":[],"sources":["../src/sanitize.ts","../src/index.ts"],"sourcesContent":["/**\n * 敏感数据清洗工具\n * \n * 用于在记录日志前移除或脱敏敏感信息\n */\n\n// ============ Types ============\n\nexport interface SanitizeConfig {\n /** 需要完全移除的字段(小写) */\n removeFields?: string[]\n /** 需要脱敏的字段(小写,部分匹配) */\n maskFields?: string[]\n /** 脱敏占位符 @default '[REDACTED]' */\n placeholder?: string\n /** 最大递归深度 @default 10 */\n maxDepth?: number\n}\n\n// ============ Default Config ============\n\n/** 默认需要完全移除的敏感字段 */\nconst DEFAULT_REMOVE_FIELDS = [\n 'password',\n 'newpassword',\n 'oldpassword',\n 'confirmpassword',\n 'secret',\n 'secretkey',\n 'privatekey',\n 'apisecret',\n 'clientsecret',\n]\n\n/** 默认需要脱敏的字段(保留部分信息) */\nconst DEFAULT_MASK_FIELDS = [\n 'token',\n 'accesstoken',\n 'refreshtoken',\n 'authorization',\n 'apikey',\n 'api_key',\n 'x-api-key',\n 'idtoken',\n 'sessiontoken',\n 'bearer',\n]\n\nconst DEFAULT_PLACEHOLDER = '[REDACTED]'\nconst DEFAULT_MAX_DEPTH = 10\n\n// ============ Sanitize Functions ============\n\n/**\n * 部分脱敏(保留前4后4位)\n */\nfunction partialMask(value: string, placeholder: string): string {\n if (value.length <= 8) return placeholder\n return value.slice(0, 4) + '****' + value.slice(-4)\n}\n\n/**\n * 深度清洗对象中的敏感数据\n * \n * @example\n * ```typescript\n * const data = { password: '123456', token: 'eyJhbG...' }\n * const sanitized = sanitize(data)\n * // { password: '[REDACTED]', token: 'eyJh****...' }\n * ```\n */\nexport function sanitize<T>(data: T, config?: SanitizeConfig, depth = 0): T {\n const {\n removeFields = DEFAULT_REMOVE_FIELDS,\n maskFields = DEFAULT_MASK_FIELDS,\n placeholder = DEFAULT_PLACEHOLDER,\n maxDepth = DEFAULT_MAX_DEPTH,\n } = config ?? {}\n\n // 防止无限递归\n if (depth > maxDepth) return data\n \n if (data === null || data === undefined) {\n return data\n }\n\n // 处理数组\n if (Array.isArray(data)) {\n return data.map(item => sanitize(item, config, depth + 1)) as T\n }\n\n // 处理对象\n if (typeof data === 'object') {\n const result: Record<string, unknown> = {}\n \n for (const [key, value] of Object.entries(data)) {\n const lowerKey = key.toLowerCase()\n \n // 完全移除的字段\n if (removeFields.some(field => lowerKey === field)) {\n result[key] = placeholder\n continue\n }\n \n // 部分脱敏的字段\n if (maskFields.some(field => lowerKey.includes(field))) {\n if (typeof value === 'string') {\n result[key] = partialMask(value, placeholder)\n } else {\n result[key] = placeholder\n }\n continue\n }\n \n // 递归处理嵌套对象\n result[key] = sanitize(value, config, depth + 1)\n }\n \n return result as T\n }\n\n return data\n}\n\n/**\n * 清洗 HTTP 请求头\n * \n * @example\n * ```typescript\n * const headers = { Authorization: 'Bearer eyJhbG...', Cookie: 'session=xxx' }\n * const sanitized = sanitizeHeaders(headers)\n * // { Authorization: 'Bearer eyJh****...', Cookie: '[REDACTED]' }\n * ```\n */\nexport function sanitizeHeaders(\n headers: Record<string, string>,\n config?: SanitizeConfig\n): Record<string, string> {\n const {\n maskFields = DEFAULT_MASK_FIELDS,\n placeholder = DEFAULT_PLACEHOLDER,\n } = config ?? {}\n\n const result: Record<string, string> = {}\n \n for (const [key, value] of Object.entries(headers)) {\n const lowerKey = key.toLowerCase()\n \n // Authorization 头部分脱敏\n if (lowerKey === 'authorization') {\n if (value.startsWith('Bearer ')) {\n result[key] = 'Bearer ' + partialMask(value.slice(7), placeholder)\n } else {\n result[key] = partialMask(value, placeholder)\n }\n continue\n }\n \n // Cookie 完全脱敏\n if (lowerKey === 'cookie' || lowerKey === 'set-cookie') {\n result[key] = placeholder\n continue\n }\n \n // API Key 相关头脱敏\n if (maskFields.some(field => lowerKey.includes(field))) {\n result[key] = partialMask(value, placeholder)\n continue\n }\n \n result[key] = value\n }\n \n return result\n}\n\n/**\n * 检查值是否为敏感字段\n */\nexport function isSensitiveField(fieldName: string, config?: SanitizeConfig): boolean {\n const {\n removeFields = DEFAULT_REMOVE_FIELDS,\n maskFields = DEFAULT_MASK_FIELDS,\n } = config ?? {}\n\n const lowerName = fieldName.toLowerCase()\n \n return (\n removeFields.some(field => lowerName === field) ||\n maskFields.some(field => lowerName.includes(field))\n )\n}\n\n","/**\n * @vafast/request-logger - API 请求日志中间件\n *\n * 特性:\n * - 自动敏感数据脱敏\n * - HTTP 远程日志服务\n * - 异步非阻塞记录\n * - 路由级别日志控制(路由定义中设置 log: false)\n * - 熔断器:连续失败后暂停上报,避免无谓等待\n * - 错误节流:同类错误在一段时间内只打一次日志\n *\n * @example\n * ```typescript\n * import { requestLogger } from '@vafast/request-logger'\n *\n * server.use(requestLogger({\n * url: 'http://log-server:9005/api/logs/ingest',\n * service: 'auth-server',\n * getUserId: (req) => req.__locals?.userInfo?.id,\n * }))\n * ```\n */\nimport { defineMiddleware, getRoute } from 'vafast'\nimport { sanitize, sanitizeHeaders, type SanitizeConfig } from './sanitize'\n\n// ============ Types ============\n\n/** 请求信息 */\nexport interface RequestData {\n method: string\n url: string\n path: string\n headers: Record<string, string>\n body: unknown\n query: Record<string, string>\n status: number\n duration: number\n userId?: string\n appId?: string\n authType?: string\n service?: string\n ip?: string\n userAgent?: string\n traceId?: string\n createdAt: Date\n}\n\n/** 响应数据(完整响应体) */\nexport type ResponseData = unknown\n\n/** 完整日志数据 */\nexport interface LogData {\n request: RequestData\n response: ResponseData\n}\n\n/** 熔断器配置 */\nexport interface CircuitBreakerConfig {\n /** 触发熔断的连续失败次数,默认 5 */\n failureThreshold?: number\n /** 熔断恢复时间(毫秒),默认 60000(1分钟) */\n resetTimeout?: number\n}\n\n/** 错误节流配置 */\nexport interface ErrorThrottleConfig {\n /** 同类错误的节流间隔(毫秒),默认 60000(1分钟) */\n interval?: number\n}\n\n/** stdout 双写配置 */\nexport interface StdoutConfig {\n /** 是否启用 stdout 输出 @default true */\n enabled?: boolean\n /** 输出格式 @default 'json' */\n format?: 'json' | 'text'\n /** 是否包含请求体 @default true */\n includeBody?: boolean\n /** 是否包含响应体(可能很大)@default false */\n includeResponse?: boolean\n}\n\n/** 默认排除的路径(健康检查等) */\nconst DEFAULT_EXCLUDE_PATHS = [\n '/health',\n '/healthz',\n '/ready',\n '/readiness',\n '/liveness',\n '/metrics',\n '/favicon.ico',\n]\n\n/** 请求日志配置 */\nexport interface RequestLoggerOptions {\n /** 日志服务 URL */\n url: string\n /** 服务标识(如 auth-server、ones-server) */\n service: string\n /** 自定义请求头(如认证信息) */\n headers?: Record<string, string>\n /** 超时时间(毫秒),默认 5000 */\n timeout?: number\n /** 敏感数据清洗配置 */\n sanitize?: SanitizeConfig\n /** 错误回调 */\n onError?: (error: Error, context: { droppedCount: number }) => void\n /** 是否启用 @default true */\n enabled?: boolean\n /** 排除的路径列表(精确匹配或正则),这些路径不记录日志 */\n excludePaths?: (string | RegExp)[]\n /** 是否使用默认排除路径(/health, /metrics 等)@default true */\n useDefaultExcludePaths?: boolean\n /** 熔断器配置 */\n circuitBreaker?: CircuitBreakerConfig\n /** 错误节流配置 */\n errorThrottle?: ErrorThrottleConfig\n /** stdout 双写配置(用于 K8s 日志采集) */\n stdout?: StdoutConfig\n /** 日志采样率 (0-1),1 表示记录所有请求,0.1 表示只记录 10% @default 1 */\n sampleRate?: number\n /** 请求 ID 的 header 名称,用于分布式追踪 @default 'x-request-id' */\n requestIdHeader?: string\n}\n\n// ============ Circuit Breaker ============\n\ntype CircuitState = 'closed' | 'open' | 'half-open'\n\nclass CircuitBreaker {\n private state: CircuitState = 'closed'\n private failureCount = 0\n private lastFailureTime = 0\n private readonly failureThreshold: number\n private readonly resetTimeout: number\n\n constructor(config: CircuitBreakerConfig = {}) {\n this.failureThreshold = config.failureThreshold ?? 5\n this.resetTimeout = config.resetTimeout ?? 60000\n }\n\n /** 检查是否允许请求 */\n canRequest(): boolean {\n if (this.state === 'closed') return true\n\n if (this.state === 'open') {\n // 检查是否到了恢复时间\n if (Date.now() - this.lastFailureTime >= this.resetTimeout) {\n this.state = 'half-open'\n return true\n }\n return false\n }\n\n // half-open 状态允许一个请求通过测试\n return true\n }\n\n /** 记录成功 */\n recordSuccess(): void {\n this.failureCount = 0\n this.state = 'closed'\n }\n\n /** 记录失败 */\n recordFailure(): void {\n this.failureCount++\n this.lastFailureTime = Date.now()\n\n if (this.failureCount >= this.failureThreshold) {\n this.state = 'open'\n }\n }\n\n /** 获取当前状态信息 */\n getStatus(): { state: CircuitState; failureCount: number } {\n return { state: this.state, failureCount: this.failureCount }\n }\n}\n\n// ============ Error Throttle ============\n\nclass ErrorThrottle {\n private lastErrorTime = 0\n private droppedCount = 0\n private readonly interval: number\n\n constructor(config: ErrorThrottleConfig = {}) {\n this.interval = config.interval ?? 60000\n }\n\n /** 检查是否应该打印错误,返回 { shouldLog, droppedCount } */\n shouldLog(): { shouldLog: boolean; droppedCount: number } {\n const now = Date.now()\n\n if (now - this.lastErrorTime >= this.interval) {\n const dropped = this.droppedCount\n this.lastErrorTime = now\n this.droppedCount = 0\n return { shouldLog: true, droppedCount: dropped }\n }\n\n this.droppedCount++\n return { shouldLog: false, droppedCount: 0 }\n }\n}\n\n// ============ Default Error Handler ============\n\n/**\n * 默认错误处理函数\n * - 输出结构化 JSON 到 stdout(K8s 友好)\n * - 使用 warn 级别(level: 40)\n * - 包含 droppedCount 信息\n */\nfunction defaultOnError(error: Error, context: { droppedCount: number }): void {\n const { droppedCount } = context\n const log = {\n level: 40, // warn\n time: Date.now(),\n errorName: error.name,\n errorMessage: error.message,\n droppedCount,\n msg:\n droppedCount > 0\n ? `request-logger 上报失败 (已忽略 ${droppedCount} 条相同错误)`\n : 'request-logger 上报失败',\n }\n console.log(JSON.stringify(log))\n}\n\n// ============ Middleware ============\n\n/**\n * 请求日志中间件\n *\n * @example\n * ```typescript\n * import { requestLogger } from '@vafast/request-logger'\n *\n * server.use(requestLogger({\n * url: 'http://log-server:9005/api/logs/ingest',\n * service: 'auth-server',\n * auth: { apiKeyId: 'xxx', apiKeySecret: 'yyy' },\n * }))\n * ```\n */\nexport function requestLogger(options: RequestLoggerOptions) {\n const {\n url,\n service,\n headers = {},\n timeout = 5000,\n sanitize: sanitizeConfig,\n onError = defaultOnError,\n enabled = true,\n excludePaths = [],\n useDefaultExcludePaths = true,\n circuitBreaker: circuitBreakerConfig,\n errorThrottle: errorThrottleConfig,\n stdout: stdoutConfig,\n sampleRate = 1,\n requestIdHeader = 'x-request-id',\n } = options\n\n // 合并默认排除路径\n const allExcludePaths = useDefaultExcludePaths\n ? [...DEFAULT_EXCLUDE_PATHS, ...excludePaths]\n : excludePaths\n\n // 创建熔断器和错误节流器实例\n const circuitBreaker = new CircuitBreaker(circuitBreakerConfig)\n const errorThrottle = new ErrorThrottle(errorThrottleConfig)\n\n return defineMiddleware(async (req, next) => {\n if (!enabled) return next()\n\n const startTime = Date.now()\n const response = await next()\n\n // 日志采样:随机跳过部分请求\n if (sampleRate < 1 && Math.random() > sampleRate) {\n return response\n }\n\n // 异步记录日志,不阻塞响应\n recordLog(req, response, startTime, {\n url,\n service,\n headers,\n timeout,\n sanitizeConfig,\n onError,\n excludePaths: allExcludePaths,\n circuitBreaker,\n errorThrottle,\n stdoutConfig,\n requestIdHeader,\n }).catch(() => {\n // 错误已在 recordLog 内部处理,这里静默忽略\n })\n\n return response\n })\n}\n\n/** @deprecated 使用 requestLogger 代替 */\nexport const createRequestLogger = requestLogger\n\n// ============ Internal ============\n\ninterface RecordLogOptions {\n url: string\n service: string\n headers: Record<string, string>\n timeout: number\n sanitizeConfig?: SanitizeConfig\n onError: (error: Error, context: { droppedCount: number }) => void\n excludePaths: (string | RegExp)[]\n circuitBreaker: CircuitBreaker\n errorThrottle: ErrorThrottle\n stdoutConfig?: StdoutConfig\n requestIdHeader: string\n}\n\n/** 检查路由是否配置了 log: false */\nfunction shouldSkipLog(method: string, path: string): boolean {\n try {\n const route = getRoute<{ log?: boolean }>(method, path)\n return route?.log === false\n } catch {\n return false\n }\n}\n\n/** 检查路径是否在排除列表中 */\nfunction isPathExcluded(\n path: string,\n excludePaths: (string | RegExp)[]\n): boolean {\n return excludePaths.some((pattern) => {\n if (typeof pattern === 'string') {\n return path === pattern || path.startsWith(pattern + '/')\n }\n return pattern.test(path)\n })\n}\n\n/** 带超时的 fetch */\nasync function fetchWithTimeout(\n targetUrl: string,\n options: RequestInit,\n timeout: number\n): Promise<Response> {\n const controller = new AbortController()\n const timeoutId = setTimeout(() => controller.abort(), timeout)\n\n try {\n return await fetch(targetUrl, { ...options, signal: controller.signal })\n } finally {\n clearTimeout(timeoutId)\n }\n}\n\n/** 从请求中提取客户端 IP */\nfunction getClientIp(req: Request): string | undefined {\n // 按优先级尝试获取真实 IP\n const forwarded = req.headers.get('x-forwarded-for')\n if (forwarded) {\n // X-Forwarded-For 可能包含多个 IP,第一个是客户端真实 IP\n return forwarded.split(',')[0].trim()\n }\n return (\n req.headers.get('x-real-ip') ??\n req.headers.get('cf-connecting-ip') ?? // Cloudflare\n req.headers.get('true-client-ip') ?? // Akamai\n undefined\n )\n}\n\n/** 从请求中提取 Request ID */\nfunction getRequestId(req: Request, headerName: string): string | undefined {\n // 优先从 req.id 获取(如果使用了 @vafast/request-id 中间件)\n const reqWithId = req as Request & { id?: string }\n if (reqWithId.id) {\n return reqWithId.id\n }\n // 否则从 header 获取\n return req.headers.get(headerName) ?? undefined\n}\n\n/** 根据状态码获取日志级别 */\nfunction getLogLevel(status: number): number {\n if (status >= 500) return 50 // ERROR\n if (status >= 400) return 40 // WARN\n return 30 // INFO\n}\n\nasync function recordLog(\n req: Request,\n response: Response,\n startTime: number,\n options: RecordLogOptions\n) {\n const {\n url: logUrl,\n service,\n headers: customHeaders,\n timeout,\n sanitizeConfig,\n onError,\n excludePaths,\n circuitBreaker,\n errorThrottle,\n stdoutConfig,\n requestIdHeader,\n } = options\n\n const reqUrl = new URL(req.url)\n const path = reqUrl.pathname\n\n // 检查路径是否在排除列表中\n if (isPathExcluded(path, excludePaths)) return\n\n // 检查路由是否禁用日志\n if (shouldSkipLog(req.method, path)) return\n\n // 解析请求体\n let body: unknown = null\n try {\n const contentType = req.headers.get('content-type') || ''\n if (contentType.includes('application/json')) {\n body = await req.clone().json()\n }\n } catch {\n // 忽略\n }\n\n // 解析响应体\n let responseData: ResponseData = null\n try {\n responseData = await response.clone().json()\n } catch {\n // 忽略(非 JSON 响应)\n }\n\n // 提取请求头\n const headers: Record<string, string> = {}\n req.headers.forEach((value, key) => {\n headers[key] = value\n })\n\n // 清洗敏感数据\n const sanitizedHeaders = sanitizeHeaders(headers, sanitizeConfig)\n const sanitizedBody = sanitize(body, sanitizeConfig)\n const sanitizedResponseData = sanitize(responseData, sanitizeConfig)\n\n const duration = Date.now() - startTime\n\n // 提取客户端 IP 和 Request ID\n const clientIp = getClientIp(req)\n const requestId = getRequestId(req, requestIdHeader)\n\n // 构建日志数据(业务字段由 log-server 从 headers 解析)\n const logBody: Record<string, unknown> = {\n method: req.method,\n url: req.url,\n path,\n headers: sanitizedHeaders,\n body: sanitizedBody,\n query: Object.fromEntries(reqUrl.searchParams),\n status: response.status,\n duration,\n service,\n createdAt: new Date().toISOString(),\n response: sanitizedResponseData, // 直接存储完整响应数据\n }\n\n // 可选字段(只在有值时添加)\n if (clientIp) logBody.clientIp = clientIp\n if (requestId) logBody.requestId = requestId\n\n // 双写:输出到 stdout(用于 K8s 日志采集,默认开启)\n if (stdoutConfig?.enabled !== false) {\n writeToStdout(logBody, stdoutConfig ?? {})\n }\n\n // 熔断器检查:如果熔断打开,直接跳过 HTTP 上报\n if (!circuitBreaker.canRequest()) {\n return\n }\n\n // 发送到日志服务\n try {\n const res = await fetchWithTimeout(\n logUrl,\n {\n method: 'POST',\n headers: { 'Content-Type': 'application/json', ...customHeaders },\n body: JSON.stringify(logBody),\n },\n timeout\n )\n\n if (!res.ok) {\n throw new Error(`HTTP ${res.status}: ${res.statusText}`)\n }\n\n // 成功:重置熔断器\n circuitBreaker.recordSuccess()\n } catch (error) {\n // 失败:记录到熔断器\n circuitBreaker.recordFailure()\n\n // 错误节流:检查是否应该打印\n const { shouldLog, droppedCount } = errorThrottle.shouldLog()\n if (shouldLog) {\n onError(error as Error, { droppedCount })\n }\n }\n}\n\n/** 输出到 stdout(用于 K8s 日志采集) */\nfunction writeToStdout(\n logBody: Record<string, unknown>,\n config: StdoutConfig\n): void {\n const { format = 'json', includeBody = true, includeResponse = false } =\n config\n\n const status = logBody.status as number\n\n // 构建精简版日志(避免 stdout 日志过大)\n const stdoutLog: Record<string, unknown> = {\n level: getLogLevel(status), // 根据状态码设置日志级别\n time: Date.now(),\n service: logBody.service,\n method: logBody.method,\n path: logBody.path,\n status,\n duration: logBody.duration,\n msg: `${logBody.method} ${logBody.path} ${status} ${logBody.duration}ms`,\n }\n\n // 可选字段\n if (logBody.requestId) stdoutLog.requestId = logBody.requestId\n if (logBody.clientIp) stdoutLog.clientIp = logBody.clientIp\n\n // 可选:包含请求体\n if (includeBody && logBody.body) {\n stdoutLog.body = logBody.body\n }\n\n // 可选:包含响应体\n if (includeResponse && logBody.response) {\n stdoutLog.response = logBody.response\n }\n\n if (format === 'json') {\n console.log(JSON.stringify(stdoutLog))\n } else {\n // text 格式:更易读\n const reqId = logBody.requestId ? ` [${logBody.requestId}]` : ''\n console.log(\n `[${new Date().toISOString()}]${reqId} ${logBody.method} ${logBody.path} ${status} ${logBody.duration}ms`\n )\n }\n}\n\n// ============ Re-exports ============\n\nexport { sanitize, sanitizeHeaders, type SanitizeConfig } from './sanitize'\nexport default requestLogger\n"],"mappings":";;;;AAsBA,MAAM,wBAAwB;CAC5B;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD;;AAGD,MAAM,sBAAsB;CAC1B;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD;AAED,MAAM,sBAAsB;AAC5B,MAAM,oBAAoB;;;;AAO1B,SAAS,YAAY,OAAe,aAA6B;AAC/D,KAAI,MAAM,UAAU,EAAG,QAAO;AAC9B,QAAO,MAAM,MAAM,GAAG,EAAE,GAAG,SAAS,MAAM,MAAM,GAAG;;;;;;;;;;;;AAarD,SAAgB,SAAY,MAAS,QAAyB,QAAQ,GAAM;CAC1E,MAAM,EACJ,eAAe,uBACf,aAAa,qBACb,cAAc,qBACd,WAAW,sBACT,UAAU,EAAE;AAGhB,KAAI,QAAQ,SAAU,QAAO;AAE7B,KAAI,SAAS,QAAQ,SAAS,OAC5B,QAAO;AAIT,KAAI,MAAM,QAAQ,KAAK,CACrB,QAAO,KAAK,KAAI,SAAQ,SAAS,MAAM,QAAQ,QAAQ,EAAE,CAAC;AAI5D,KAAI,OAAO,SAAS,UAAU;EAC5B,MAAM,SAAkC,EAAE;AAE1C,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,KAAK,EAAE;GAC/C,MAAM,WAAW,IAAI,aAAa;AAGlC,OAAI,aAAa,MAAK,UAAS,aAAa,MAAM,EAAE;AAClD,WAAO,OAAO;AACd;;AAIF,OAAI,WAAW,MAAK,UAAS,SAAS,SAAS,MAAM,CAAC,EAAE;AACtD,QAAI,OAAO,UAAU,SACnB,QAAO,OAAO,YAAY,OAAO,YAAY;QAE7C,QAAO,OAAO;AAEhB;;AAIF,UAAO,OAAO,SAAS,OAAO,QAAQ,QAAQ,EAAE;;AAGlD,SAAO;;AAGT,QAAO;;;;;;;;;;;;AAaT,SAAgB,gBACd,SACA,QACwB;CACxB,MAAM,EACJ,aAAa,qBACb,cAAc,wBACZ,UAAU,EAAE;CAEhB,MAAM,SAAiC,EAAE;AAEzC,MAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,EAAE;EAClD,MAAM,WAAW,IAAI,aAAa;AAGlC,MAAI,aAAa,iBAAiB;AAChC,OAAI,MAAM,WAAW,UAAU,CAC7B,QAAO,OAAO,YAAY,YAAY,MAAM,MAAM,EAAE,EAAE,YAAY;OAElE,QAAO,OAAO,YAAY,OAAO,YAAY;AAE/C;;AAIF,MAAI,aAAa,YAAY,aAAa,cAAc;AACtD,UAAO,OAAO;AACd;;AAIF,MAAI,WAAW,MAAK,UAAS,SAAS,SAAS,MAAM,CAAC,EAAE;AACtD,UAAO,OAAO,YAAY,OAAO,YAAY;AAC7C;;AAGF,SAAO,OAAO;;AAGhB,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC1FT,MAAM,wBAAwB;CAC5B;CACA;CACA;CACA;CACA;CACA;CACA;CACD;AAsCD,IAAM,iBAAN,MAAqB;CACnB,AAAQ,QAAsB;CAC9B,AAAQ,eAAe;CACvB,AAAQ,kBAAkB;CAC1B,AAAiB;CACjB,AAAiB;CAEjB,YAAY,SAA+B,EAAE,EAAE;AAC7C,OAAK,mBAAmB,OAAO,oBAAoB;AACnD,OAAK,eAAe,OAAO,gBAAgB;;;CAI7C,aAAsB;AACpB,MAAI,KAAK,UAAU,SAAU,QAAO;AAEpC,MAAI,KAAK,UAAU,QAAQ;AAEzB,OAAI,KAAK,KAAK,GAAG,KAAK,mBAAmB,KAAK,cAAc;AAC1D,SAAK,QAAQ;AACb,WAAO;;AAET,UAAO;;AAIT,SAAO;;;CAIT,gBAAsB;AACpB,OAAK,eAAe;AACpB,OAAK,QAAQ;;;CAIf,gBAAsB;AACpB,OAAK;AACL,OAAK,kBAAkB,KAAK,KAAK;AAEjC,MAAI,KAAK,gBAAgB,KAAK,iBAC5B,MAAK,QAAQ;;;CAKjB,YAA2D;AACzD,SAAO;GAAE,OAAO,KAAK;GAAO,cAAc,KAAK;GAAc;;;AAMjE,IAAM,gBAAN,MAAoB;CAClB,AAAQ,gBAAgB;CACxB,AAAQ,eAAe;CACvB,AAAiB;CAEjB,YAAY,SAA8B,EAAE,EAAE;AAC5C,OAAK,WAAW,OAAO,YAAY;;;CAIrC,YAA0D;EACxD,MAAM,MAAM,KAAK,KAAK;AAEtB,MAAI,MAAM,KAAK,iBAAiB,KAAK,UAAU;GAC7C,MAAM,UAAU,KAAK;AACrB,QAAK,gBAAgB;AACrB,QAAK,eAAe;AACpB,UAAO;IAAE,WAAW;IAAM,cAAc;IAAS;;AAGnD,OAAK;AACL,SAAO;GAAE,WAAW;GAAO,cAAc;GAAG;;;;;;;;;AAYhD,SAAS,eAAe,OAAc,SAAyC;CAC7E,MAAM,EAAE,iBAAiB;CACzB,MAAM,MAAM;EACV,OAAO;EACP,MAAM,KAAK,KAAK;EAChB,WAAW,MAAM;EACjB,cAAc,MAAM;EACpB;EACA,KACE,eAAe,IACX,4BAA4B,aAAa,WACzC;EACP;AACD,SAAQ,IAAI,KAAK,UAAU,IAAI,CAAC;;;;;;;;;;;;;;;;AAmBlC,SAAgB,cAAc,SAA+B;CAC3D,MAAM,EACJ,KACA,SACA,UAAU,EAAE,EACZ,UAAU,KACV,UAAU,gBACV,UAAU,gBACV,UAAU,MACV,eAAe,EAAE,EACjB,yBAAyB,MACzB,gBAAgB,sBAChB,eAAe,qBACf,QAAQ,cACR,aAAa,GACb,kBAAkB,mBAChB;CAGJ,MAAM,kBAAkB,yBACpB,CAAC,GAAG,uBAAuB,GAAG,aAAa,GAC3C;CAGJ,MAAM,iBAAiB,IAAI,eAAe,qBAAqB;CAC/D,MAAM,gBAAgB,IAAI,cAAc,oBAAoB;AAE5D,QAAO,iBAAiB,OAAO,KAAK,SAAS;AAC3C,MAAI,CAAC,QAAS,QAAO,MAAM;EAE3B,MAAM,YAAY,KAAK,KAAK;EAC5B,MAAM,WAAW,MAAM,MAAM;AAG7B,MAAI,aAAa,KAAK,KAAK,QAAQ,GAAG,WACpC,QAAO;AAIT,YAAU,KAAK,UAAU,WAAW;GAClC;GACA;GACA;GACA;GACA;GACA;GACA,cAAc;GACd;GACA;GACA;GACA;GACD,CAAC,CAAC,YAAY,GAEb;AAEF,SAAO;GACP;;;AAIJ,MAAa,sBAAsB;;AAmBnC,SAAS,cAAc,QAAgB,MAAuB;AAC5D,KAAI;AAEF,SADc,SAA4B,QAAQ,KAAK,EACzC,QAAQ;SAChB;AACN,SAAO;;;;AAKX,SAAS,eACP,MACA,cACS;AACT,QAAO,aAAa,MAAM,YAAY;AACpC,MAAI,OAAO,YAAY,SACrB,QAAO,SAAS,WAAW,KAAK,WAAW,UAAU,IAAI;AAE3D,SAAO,QAAQ,KAAK,KAAK;GACzB;;;AAIJ,eAAe,iBACb,WACA,SACA,SACmB;CACnB,MAAM,aAAa,IAAI,iBAAiB;CACxC,MAAM,YAAY,iBAAiB,WAAW,OAAO,EAAE,QAAQ;AAE/D,KAAI;AACF,SAAO,MAAM,MAAM,WAAW;GAAE,GAAG;GAAS,QAAQ,WAAW;GAAQ,CAAC;WAChE;AACR,eAAa,UAAU;;;;AAK3B,SAAS,YAAY,KAAkC;CAErD,MAAM,YAAY,IAAI,QAAQ,IAAI,kBAAkB;AACpD,KAAI,UAEF,QAAO,UAAU,MAAM,IAAI,CAAC,GAAG,MAAM;AAEvC,QACE,IAAI,QAAQ,IAAI,YAAY,IAC5B,IAAI,QAAQ,IAAI,mBAAmB,IACnC,IAAI,QAAQ,IAAI,iBAAiB,IACjC;;;AAKJ,SAAS,aAAa,KAAc,YAAwC;CAE1E,MAAM,YAAY;AAClB,KAAI,UAAU,GACZ,QAAO,UAAU;AAGnB,QAAO,IAAI,QAAQ,IAAI,WAAW,IAAI;;;AAIxC,SAAS,YAAY,QAAwB;AAC3C,KAAI,UAAU,IAAK,QAAO;AAC1B,KAAI,UAAU,IAAK,QAAO;AAC1B,QAAO;;AAGT,eAAe,UACb,KACA,UACA,WACA,SACA;CACA,MAAM,EACJ,KAAK,QACL,SACA,SAAS,eACT,SACA,gBACA,SACA,cACA,gBACA,eACA,cACA,oBACE;CAEJ,MAAM,SAAS,IAAI,IAAI,IAAI,IAAI;CAC/B,MAAM,OAAO,OAAO;AAGpB,KAAI,eAAe,MAAM,aAAa,CAAE;AAGxC,KAAI,cAAc,IAAI,QAAQ,KAAK,CAAE;CAGrC,IAAI,OAAgB;AACpB,KAAI;AAEF,OADoB,IAAI,QAAQ,IAAI,eAAe,IAAI,IACvC,SAAS,mBAAmB,CAC1C,QAAO,MAAM,IAAI,OAAO,CAAC,MAAM;SAE3B;CAKR,IAAI,eAA6B;AACjC,KAAI;AACF,iBAAe,MAAM,SAAS,OAAO,CAAC,MAAM;SACtC;CAKR,MAAM,UAAkC,EAAE;AAC1C,KAAI,QAAQ,SAAS,OAAO,QAAQ;AAClC,UAAQ,OAAO;GACf;CAGF,MAAM,mBAAmB,gBAAgB,SAAS,eAAe;CACjE,MAAM,gBAAgB,SAAS,MAAM,eAAe;CACpD,MAAM,wBAAwB,SAAS,cAAc,eAAe;CAEpE,MAAM,WAAW,KAAK,KAAK,GAAG;CAG9B,MAAM,WAAW,YAAY,IAAI;CACjC,MAAM,YAAY,aAAa,KAAK,gBAAgB;CAGpD,MAAM,UAAmC;EACvC,QAAQ,IAAI;EACZ,KAAK,IAAI;EACT;EACA,SAAS;EACT,MAAM;EACN,OAAO,OAAO,YAAY,OAAO,aAAa;EAC9C,QAAQ,SAAS;EACjB;EACA;EACA,4BAAW,IAAI,MAAM,EAAC,aAAa;EACnC,UAAU;EACX;AAGD,KAAI,SAAU,SAAQ,WAAW;AACjC,KAAI,UAAW,SAAQ,YAAY;AAGnC,KAAI,cAAc,YAAY,MAC5B,eAAc,SAAS,gBAAgB,EAAE,CAAC;AAI5C,KAAI,CAAC,eAAe,YAAY,CAC9B;AAIF,KAAI;EACF,MAAM,MAAM,MAAM,iBAChB,QACA;GACE,QAAQ;GACR,SAAS;IAAE,gBAAgB;IAAoB,GAAG;IAAe;GACjE,MAAM,KAAK,UAAU,QAAQ;GAC9B,EACD,QACD;AAED,MAAI,CAAC,IAAI,GACP,OAAM,IAAI,MAAM,QAAQ,IAAI,OAAO,IAAI,IAAI,aAAa;AAI1D,iBAAe,eAAe;UACvB,OAAO;AAEd,iBAAe,eAAe;EAG9B,MAAM,EAAE,WAAW,iBAAiB,cAAc,WAAW;AAC7D,MAAI,UACF,SAAQ,OAAgB,EAAE,cAAc,CAAC;;;;AAM/C,SAAS,cACP,SACA,QACM;CACN,MAAM,EAAE,SAAS,QAAQ,cAAc,MAAM,kBAAkB,UAC7D;CAEF,MAAM,SAAS,QAAQ;CAGvB,MAAM,YAAqC;EACzC,OAAO,YAAY,OAAO;EAC1B,MAAM,KAAK,KAAK;EAChB,SAAS,QAAQ;EACjB,QAAQ,QAAQ;EAChB,MAAM,QAAQ;EACd;EACA,UAAU,QAAQ;EAClB,KAAK,GAAG,QAAQ,OAAO,GAAG,QAAQ,KAAK,GAAG,OAAO,GAAG,QAAQ,SAAS;EACtE;AAGD,KAAI,QAAQ,UAAW,WAAU,YAAY,QAAQ;AACrD,KAAI,QAAQ,SAAU,WAAU,WAAW,QAAQ;AAGnD,KAAI,eAAe,QAAQ,KACzB,WAAU,OAAO,QAAQ;AAI3B,KAAI,mBAAmB,QAAQ,SAC7B,WAAU,WAAW,QAAQ;AAG/B,KAAI,WAAW,OACb,SAAQ,IAAI,KAAK,UAAU,UAAU,CAAC;MACjC;EAEL,MAAM,QAAQ,QAAQ,YAAY,KAAK,QAAQ,UAAU,KAAK;AAC9D,UAAQ,IACN,qBAAI,IAAI,MAAM,EAAC,aAAa,CAAC,GAAG,MAAM,GAAG,QAAQ,OAAO,GAAG,QAAQ,KAAK,GAAG,OAAO,GAAG,QAAQ,SAAS,IACvG;;;AAOL,kBAAe"}
|
|
1
|
+
{"version":3,"file":"index.mjs","names":[],"sources":["../src/sanitize.ts","../src/index.ts"],"sourcesContent":["/**\n * 敏感数据清洗工具\n * \n * 用于在记录日志前移除或脱敏敏感信息\n */\n\n// ============ Types ============\n\nexport interface SanitizeConfig {\n /** 需要完全移除的字段(小写) */\n removeFields?: string[]\n /** 需要脱敏的字段(小写,部分匹配) */\n maskFields?: string[]\n /** 脱敏占位符 @default '[REDACTED]' */\n placeholder?: string\n /** 最大递归深度 @default 10 */\n maxDepth?: number\n}\n\n// ============ Default Config ============\n\n/** 默认需要完全移除的敏感字段 */\nconst DEFAULT_REMOVE_FIELDS = [\n 'password',\n 'newpassword',\n 'oldpassword',\n 'confirmpassword',\n 'secret',\n 'secretkey',\n 'privatekey',\n 'apisecret',\n 'clientsecret',\n]\n\n/** 默认需要脱敏的字段(保留部分信息) */\nconst DEFAULT_MASK_FIELDS = [\n 'token',\n 'accesstoken',\n 'refreshtoken',\n 'authorization',\n 'apikey',\n 'api_key',\n 'x-api-key',\n 'idtoken',\n 'sessiontoken',\n 'bearer',\n]\n\nconst DEFAULT_PLACEHOLDER = '[REDACTED]'\nconst DEFAULT_MAX_DEPTH = 10\n\n// ============ Sanitize Functions ============\n\n/**\n * 部分脱敏(保留前4后4位)\n */\nfunction partialMask(value: string, placeholder: string): string {\n if (value.length <= 8) return placeholder\n return value.slice(0, 4) + '****' + value.slice(-4)\n}\n\n/**\n * 深度清洗对象中的敏感数据\n * \n * @example\n * ```typescript\n * const data = { password: '123456', token: 'eyJhbG...' }\n * const sanitized = sanitize(data)\n * // { password: '[REDACTED]', token: 'eyJh****...' }\n * ```\n */\nexport function sanitize<T>(data: T, config?: SanitizeConfig, depth = 0): T {\n const {\n removeFields = DEFAULT_REMOVE_FIELDS,\n maskFields = DEFAULT_MASK_FIELDS,\n placeholder = DEFAULT_PLACEHOLDER,\n maxDepth = DEFAULT_MAX_DEPTH,\n } = config ?? {}\n\n // 防止无限递归\n if (depth > maxDepth) return data\n \n if (data === null || data === undefined) {\n return data\n }\n\n // 处理数组\n if (Array.isArray(data)) {\n return data.map(item => sanitize(item, config, depth + 1)) as T\n }\n\n // 处理对象\n if (typeof data === 'object') {\n const result: Record<string, unknown> = {}\n \n for (const [key, value] of Object.entries(data)) {\n const lowerKey = key.toLowerCase()\n \n // 完全移除的字段\n if (removeFields.some(field => lowerKey === field)) {\n result[key] = placeholder\n continue\n }\n \n // 部分脱敏的字段\n if (maskFields.some(field => lowerKey.includes(field))) {\n if (typeof value === 'string') {\n result[key] = partialMask(value, placeholder)\n } else {\n result[key] = placeholder\n }\n continue\n }\n \n // 递归处理嵌套对象\n result[key] = sanitize(value, config, depth + 1)\n }\n \n return result as T\n }\n\n return data\n}\n\n/**\n * 清洗 HTTP 请求头\n * \n * @example\n * ```typescript\n * const headers = { Authorization: 'Bearer eyJhbG...', Cookie: 'session=xxx' }\n * const sanitized = sanitizeHeaders(headers)\n * // { Authorization: 'Bearer eyJh****...', Cookie: '[REDACTED]' }\n * ```\n */\nexport function sanitizeHeaders(\n headers: Record<string, string>,\n config?: SanitizeConfig\n): Record<string, string> {\n const {\n maskFields = DEFAULT_MASK_FIELDS,\n placeholder = DEFAULT_PLACEHOLDER,\n } = config ?? {}\n\n const result: Record<string, string> = {}\n \n for (const [key, value] of Object.entries(headers)) {\n const lowerKey = key.toLowerCase()\n \n // Authorization 头部分脱敏\n if (lowerKey === 'authorization') {\n if (value.startsWith('Bearer ')) {\n result[key] = 'Bearer ' + partialMask(value.slice(7), placeholder)\n } else {\n result[key] = partialMask(value, placeholder)\n }\n continue\n }\n \n // Cookie 完全脱敏\n if (lowerKey === 'cookie' || lowerKey === 'set-cookie') {\n result[key] = placeholder\n continue\n }\n \n // API Key 相关头脱敏\n if (maskFields.some(field => lowerKey.includes(field))) {\n result[key] = partialMask(value, placeholder)\n continue\n }\n \n result[key] = value\n }\n \n return result\n}\n\n/**\n * 检查值是否为敏感字段\n */\nexport function isSensitiveField(fieldName: string, config?: SanitizeConfig): boolean {\n const {\n removeFields = DEFAULT_REMOVE_FIELDS,\n maskFields = DEFAULT_MASK_FIELDS,\n } = config ?? {}\n\n const lowerName = fieldName.toLowerCase()\n \n return (\n removeFields.some(field => lowerName === field) ||\n maskFields.some(field => lowerName.includes(field))\n )\n}\n\n","/**\n * @vafast/request-logger - API 请求日志中间件\n *\n * 特性:\n * - 自动敏感数据脱敏\n * - HTTP 远程日志服务\n * - 异步非阻塞记录\n * - 路由级别日志控制(路由定义中设置 log: false)\n * - 熔断器:连续失败后暂停上报,避免无谓等待\n * - 错误节流:同类错误在一段时间内只打一次日志\n *\n * @example\n * ```typescript\n * import { requestLogger } from '@vafast/request-logger'\n *\n * server.use(requestLogger({\n * url: 'http://log-server:9005/api/logs/ingest',\n * service: 'auth-server',\n * getUserId: (req) => req.__locals?.userInfo?.id,\n * }))\n * ```\n */\nimport { defineMiddleware, getRoute } from 'vafast'\nimport { sanitize, sanitizeHeaders, type SanitizeConfig } from './sanitize'\n\n// ============ Types ============\n\n/** 请求信息 */\nexport interface RequestData {\n method: string\n url: string\n path: string\n headers: Record<string, string>\n body: unknown\n query: Record<string, string>\n status: number\n duration: number\n userId?: string\n appId?: string\n authType?: string\n service?: string\n ip?: string\n userAgent?: string\n traceId?: string\n createdAt: Date\n}\n\n/** 响应数据(完整响应体) */\nexport type ResponseData = unknown\n\n/** 完整日志数据 */\nexport interface LogData {\n request: RequestData\n response: ResponseData\n}\n\n/** 熔断器配置 */\nexport interface CircuitBreakerConfig {\n /** 触发熔断的连续失败次数,默认 5 */\n failureThreshold?: number\n /** 熔断恢复时间(毫秒),默认 60000(1分钟) */\n resetTimeout?: number\n}\n\n/** 错误节流配置 */\nexport interface ErrorThrottleConfig {\n /** 同类错误的节流间隔(毫秒),默认 60000(1分钟) */\n interval?: number\n}\n\n/** stdout 双写配置 */\nexport interface StdoutConfig {\n /** 是否启用 stdout 输出 @default true */\n enabled?: boolean\n /** 输出格式 @default 'json' */\n format?: 'json' | 'text'\n /** 是否包含请求体 @default true */\n includeBody?: boolean\n /** 是否包含响应体(可能很大)@default false */\n includeResponse?: boolean\n}\n\n\n/** 请求日志配置 */\nexport interface RequestLoggerOptions {\n /** 日志服务 URL */\n url: string\n /** 服务标识(如 auth-server、ones-server) */\n service: string\n /** 自定义请求头(如认证信息) */\n headers?: Record<string, string>\n /** 超时时间(毫秒),默认 5000 */\n timeout?: number\n /** 敏感数据清洗配置 */\n sanitize?: SanitizeConfig\n /** 错误回调 */\n onError?: (error: Error, context: { droppedCount: number }) => void\n /** 是否启用 @default true */\n enabled?: boolean\n /** 排除的路径列表(精确匹配或正则),这些路径不记录日志 */\n excludePaths?: (string | RegExp)[]\n /** 熔断器配置 */\n circuitBreaker?: CircuitBreakerConfig\n /** 错误节流配置 */\n errorThrottle?: ErrorThrottleConfig\n /** stdout 双写配置(用于 K8s 日志采集) */\n stdout?: StdoutConfig\n /** 日志采样率 (0-1),1 表示记录所有请求,0.1 表示只记录 10% @default 1 */\n sampleRate?: number\n /** 请求 ID 的 header 名称,用于分布式追踪 @default 'x-request-id' */\n requestIdHeader?: string\n}\n\n// ============ Circuit Breaker ============\n\ntype CircuitState = 'closed' | 'open' | 'half-open'\n\nclass CircuitBreaker {\n private state: CircuitState = 'closed'\n private failureCount = 0\n private lastFailureTime = 0\n private readonly failureThreshold: number\n private readonly resetTimeout: number\n\n constructor(config: CircuitBreakerConfig = {}) {\n this.failureThreshold = config.failureThreshold ?? 5\n this.resetTimeout = config.resetTimeout ?? 60000\n }\n\n /** 检查是否允许请求 */\n canRequest(): boolean {\n if (this.state === 'closed') return true\n\n if (this.state === 'open') {\n // 检查是否到了恢复时间\n if (Date.now() - this.lastFailureTime >= this.resetTimeout) {\n this.state = 'half-open'\n return true\n }\n return false\n }\n\n // half-open 状态允许一个请求通过测试\n return true\n }\n\n /** 记录成功 */\n recordSuccess(): void {\n this.failureCount = 0\n this.state = 'closed'\n }\n\n /** 记录失败 */\n recordFailure(): void {\n this.failureCount++\n this.lastFailureTime = Date.now()\n\n if (this.failureCount >= this.failureThreshold) {\n this.state = 'open'\n }\n }\n\n /** 获取当前状态信息 */\n getStatus(): { state: CircuitState; failureCount: number } {\n return { state: this.state, failureCount: this.failureCount }\n }\n}\n\n// ============ Error Throttle ============\n\nclass ErrorThrottle {\n private lastErrorTime = 0\n private droppedCount = 0\n private readonly interval: number\n\n constructor(config: ErrorThrottleConfig = {}) {\n this.interval = config.interval ?? 60000\n }\n\n /** 检查是否应该打印错误,返回 { shouldLog, droppedCount } */\n shouldLog(): { shouldLog: boolean; droppedCount: number } {\n const now = Date.now()\n\n if (now - this.lastErrorTime >= this.interval) {\n const dropped = this.droppedCount\n this.lastErrorTime = now\n this.droppedCount = 0\n return { shouldLog: true, droppedCount: dropped }\n }\n\n this.droppedCount++\n return { shouldLog: false, droppedCount: 0 }\n }\n}\n\n// ============ Default Error Handler ============\n\n/**\n * 默认错误处理函数\n * - 输出结构化 JSON 到 stdout(K8s 友好)\n * - 使用 warn 级别(level: 40)\n * - 包含 droppedCount 信息\n */\nfunction defaultOnError(error: Error, context: { droppedCount: number }): void {\n const { droppedCount } = context\n const log = {\n level: 40, // warn\n time: Date.now(),\n errorName: error.name,\n errorMessage: error.message,\n droppedCount,\n msg:\n droppedCount > 0\n ? `request-logger 上报失败 (已忽略 ${droppedCount} 条相同错误)`\n : 'request-logger 上报失败',\n }\n console.log(JSON.stringify(log))\n}\n\n// ============ Middleware ============\n\n/**\n * 请求日志中间件\n *\n * @example\n * ```typescript\n * import { requestLogger } from '@vafast/request-logger'\n *\n * server.use(requestLogger({\n * url: 'http://log-server:9005/api/logs/ingest',\n * service: 'auth-server',\n * auth: { apiKeyId: 'xxx', apiKeySecret: 'yyy' },\n * }))\n * ```\n */\nexport function requestLogger(options: RequestLoggerOptions) {\n const {\n url,\n service,\n headers = {},\n timeout = 5000,\n sanitize: sanitizeConfig,\n onError = defaultOnError,\n enabled = true,\n excludePaths = [],\n circuitBreaker: circuitBreakerConfig,\n errorThrottle: errorThrottleConfig,\n stdout: stdoutConfig,\n sampleRate = 1,\n requestIdHeader = 'x-request-id',\n } = options\n\n // 创建熔断器和错误节流器实例\n const circuitBreaker = new CircuitBreaker(circuitBreakerConfig)\n const errorThrottle = new ErrorThrottle(errorThrottleConfig)\n\n return defineMiddleware(async (req, next) => {\n if (!enabled) return next()\n\n const startTime = Date.now()\n const response = await next()\n\n // 日志采样:随机跳过部分请求\n if (sampleRate < 1 && Math.random() > sampleRate) {\n return response\n }\n\n // 异步记录日志,不阻塞响应\n recordLog(req, response, startTime, {\n url,\n service,\n headers,\n timeout,\n sanitizeConfig,\n onError,\n excludePaths,\n circuitBreaker,\n errorThrottle,\n stdoutConfig,\n requestIdHeader,\n }).catch(() => {\n // 错误已在 recordLog 内部处理,这里静默忽略\n })\n\n return response\n })\n}\n\n/** @deprecated 使用 requestLogger 代替 */\nexport const createRequestLogger = requestLogger\n\n// ============ Internal ============\n\ninterface RecordLogOptions {\n url: string\n service: string\n headers: Record<string, string>\n timeout: number\n sanitizeConfig?: SanitizeConfig\n onError: (error: Error, context: { droppedCount: number }) => void\n excludePaths: (string | RegExp)[]\n circuitBreaker: CircuitBreaker\n errorThrottle: ErrorThrottle\n stdoutConfig?: StdoutConfig\n requestIdHeader: string\n}\n\n/** 检查路由是否配置了 log: false */\nfunction shouldSkipLog(method: string, path: string): boolean {\n try {\n const route = getRoute<{ log?: boolean }>(method, path)\n return route?.log === false\n } catch {\n return false\n }\n}\n\n/** 检查路径是否在排除列表中 */\nfunction isPathExcluded(\n path: string,\n excludePaths: (string | RegExp)[]\n): boolean {\n return excludePaths.some((pattern) => {\n if (typeof pattern === 'string') {\n return path === pattern || path.startsWith(pattern + '/')\n }\n return pattern.test(path)\n })\n}\n\n/** 带超时的 fetch */\nasync function fetchWithTimeout(\n targetUrl: string,\n options: RequestInit,\n timeout: number\n): Promise<Response> {\n const controller = new AbortController()\n const timeoutId = setTimeout(() => controller.abort(), timeout)\n\n try {\n return await fetch(targetUrl, { ...options, signal: controller.signal })\n } finally {\n clearTimeout(timeoutId)\n }\n}\n\n/** 从请求中提取客户端 IP */\nfunction getClientIp(req: Request): string | undefined {\n // 按优先级尝试获取真实 IP\n const forwarded = req.headers.get('x-forwarded-for')\n if (forwarded) {\n // X-Forwarded-For 可能包含多个 IP,第一个是客户端真实 IP\n return forwarded.split(',')[0].trim()\n }\n return (\n req.headers.get('x-real-ip') ??\n req.headers.get('cf-connecting-ip') ?? // Cloudflare\n req.headers.get('true-client-ip') ?? // Akamai\n undefined\n )\n}\n\n/** 从请求中提取 Request ID */\nfunction getRequestId(req: Request, headerName: string): string | undefined {\n // 优先从 req.id 获取(如果使用了 @vafast/request-id 中间件)\n const reqWithId = req as Request & { id?: string }\n if (reqWithId.id) {\n return reqWithId.id\n }\n // 否则从 header 获取\n return req.headers.get(headerName) ?? undefined\n}\n\n/** 根据状态码获取日志级别 */\nfunction getLogLevel(status: number): number {\n if (status >= 500) return 50 // ERROR\n if (status >= 400) return 40 // WARN\n return 30 // INFO\n}\n\nasync function recordLog(\n req: Request,\n response: Response,\n startTime: number,\n options: RecordLogOptions\n) {\n const {\n url: logUrl,\n service,\n headers: customHeaders,\n timeout,\n sanitizeConfig,\n onError,\n excludePaths,\n circuitBreaker,\n errorThrottle,\n stdoutConfig,\n requestIdHeader,\n } = options\n\n const reqUrl = new URL(req.url)\n const path = reqUrl.pathname\n\n // 检查路径是否在排除列表中\n if (isPathExcluded(path, excludePaths)) return\n\n // 检查路由是否禁用日志\n if (shouldSkipLog(req.method, path)) return\n\n // 解析请求体\n let body: unknown = null\n try {\n const contentType = req.headers.get('content-type') || ''\n if (contentType.includes('application/json')) {\n body = await req.clone().json()\n }\n } catch {\n // 忽略\n }\n\n // 解析响应体\n let responseData: ResponseData = null\n try {\n responseData = await response.clone().json()\n } catch {\n // 忽略(非 JSON 响应)\n }\n\n // 提取请求头\n const headers: Record<string, string> = {}\n req.headers.forEach((value, key) => {\n headers[key] = value\n })\n\n // 清洗敏感数据\n const sanitizedHeaders = sanitizeHeaders(headers, sanitizeConfig)\n const sanitizedBody = sanitize(body, sanitizeConfig)\n const sanitizedResponseData = sanitize(responseData, sanitizeConfig)\n\n const duration = Date.now() - startTime\n\n // 提取客户端 IP 和 Request ID\n const clientIp = getClientIp(req)\n const requestId = getRequestId(req, requestIdHeader)\n\n // 构建日志数据(业务字段由 log-server 从 headers 解析)\n const logBody: Record<string, unknown> = {\n method: req.method,\n url: req.url,\n path,\n headers: sanitizedHeaders,\n body: sanitizedBody,\n query: Object.fromEntries(reqUrl.searchParams),\n status: response.status,\n duration,\n service,\n createdAt: new Date().toISOString(),\n response: sanitizedResponseData, // 直接存储完整响应数据\n }\n\n // 可选字段(只在有值时添加)\n if (clientIp) logBody.clientIp = clientIp\n if (requestId) logBody.requestId = requestId\n\n // 双写:输出到 stdout(用于 K8s 日志采集,默认开启)\n if (stdoutConfig?.enabled !== false) {\n writeToStdout(logBody, stdoutConfig ?? {})\n }\n\n // 熔断器检查:如果熔断打开,直接跳过 HTTP 上报\n if (!circuitBreaker.canRequest()) {\n return\n }\n\n // 发送到日志服务\n try {\n const res = await fetchWithTimeout(\n logUrl,\n {\n method: 'POST',\n headers: { 'Content-Type': 'application/json', ...customHeaders },\n body: JSON.stringify(logBody),\n },\n timeout\n )\n\n if (!res.ok) {\n throw new Error(`HTTP ${res.status}: ${res.statusText}`)\n }\n\n // 成功:重置熔断器\n circuitBreaker.recordSuccess()\n } catch (error) {\n // 失败:记录到熔断器\n circuitBreaker.recordFailure()\n\n // 错误节流:检查是否应该打印\n const { shouldLog, droppedCount } = errorThrottle.shouldLog()\n if (shouldLog) {\n onError(error as Error, { droppedCount })\n }\n }\n}\n\n/** 输出到 stdout(用于 K8s 日志采集) */\nfunction writeToStdout(\n logBody: Record<string, unknown>,\n config: StdoutConfig\n): void {\n const { format = 'json', includeBody = true, includeResponse = false } =\n config\n\n const status = logBody.status as number\n\n // 构建精简版日志(避免 stdout 日志过大)\n const stdoutLog: Record<string, unknown> = {\n level: getLogLevel(status), // 根据状态码设置日志级别\n time: Date.now(),\n service: logBody.service,\n method: logBody.method,\n path: logBody.path,\n status,\n duration: logBody.duration,\n msg: `${logBody.method} ${logBody.path} ${status} ${logBody.duration}ms`,\n }\n\n // 可选字段\n if (logBody.requestId) stdoutLog.requestId = logBody.requestId\n if (logBody.clientIp) stdoutLog.clientIp = logBody.clientIp\n\n // 可选:包含请求体\n if (includeBody && logBody.body) {\n stdoutLog.body = logBody.body\n }\n\n // 可选:包含响应体\n if (includeResponse && logBody.response) {\n stdoutLog.response = logBody.response\n }\n\n if (format === 'json') {\n console.log(JSON.stringify(stdoutLog))\n } else {\n // text 格式:更易读\n const reqId = logBody.requestId ? ` [${logBody.requestId}]` : ''\n console.log(\n `[${new Date().toISOString()}]${reqId} ${logBody.method} ${logBody.path} ${status} ${logBody.duration}ms`\n )\n }\n}\n\n// ============ Re-exports ============\n\nexport { sanitize, sanitizeHeaders, type SanitizeConfig } from './sanitize'\nexport default requestLogger\n"],"mappings":";;;;AAsBA,MAAM,wBAAwB;CAC5B;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD;;AAGD,MAAM,sBAAsB;CAC1B;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD;AAED,MAAM,sBAAsB;AAC5B,MAAM,oBAAoB;;;;AAO1B,SAAS,YAAY,OAAe,aAA6B;AAC/D,KAAI,MAAM,UAAU,EAAG,QAAO;AAC9B,QAAO,MAAM,MAAM,GAAG,EAAE,GAAG,SAAS,MAAM,MAAM,GAAG;;;;;;;;;;;;AAarD,SAAgB,SAAY,MAAS,QAAyB,QAAQ,GAAM;CAC1E,MAAM,EACJ,eAAe,uBACf,aAAa,qBACb,cAAc,qBACd,WAAW,sBACT,UAAU,EAAE;AAGhB,KAAI,QAAQ,SAAU,QAAO;AAE7B,KAAI,SAAS,QAAQ,SAAS,OAC5B,QAAO;AAIT,KAAI,MAAM,QAAQ,KAAK,CACrB,QAAO,KAAK,KAAI,SAAQ,SAAS,MAAM,QAAQ,QAAQ,EAAE,CAAC;AAI5D,KAAI,OAAO,SAAS,UAAU;EAC5B,MAAM,SAAkC,EAAE;AAE1C,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,KAAK,EAAE;GAC/C,MAAM,WAAW,IAAI,aAAa;AAGlC,OAAI,aAAa,MAAK,UAAS,aAAa,MAAM,EAAE;AAClD,WAAO,OAAO;AACd;;AAIF,OAAI,WAAW,MAAK,UAAS,SAAS,SAAS,MAAM,CAAC,EAAE;AACtD,QAAI,OAAO,UAAU,SACnB,QAAO,OAAO,YAAY,OAAO,YAAY;QAE7C,QAAO,OAAO;AAEhB;;AAIF,UAAO,OAAO,SAAS,OAAO,QAAQ,QAAQ,EAAE;;AAGlD,SAAO;;AAGT,QAAO;;;;;;;;;;;;AAaT,SAAgB,gBACd,SACA,QACwB;CACxB,MAAM,EACJ,aAAa,qBACb,cAAc,wBACZ,UAAU,EAAE;CAEhB,MAAM,SAAiC,EAAE;AAEzC,MAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,EAAE;EAClD,MAAM,WAAW,IAAI,aAAa;AAGlC,MAAI,aAAa,iBAAiB;AAChC,OAAI,MAAM,WAAW,UAAU,CAC7B,QAAO,OAAO,YAAY,YAAY,MAAM,MAAM,EAAE,EAAE,YAAY;OAElE,QAAO,OAAO,YAAY,OAAO,YAAY;AAE/C;;AAIF,MAAI,aAAa,YAAY,aAAa,cAAc;AACtD,UAAO,OAAO;AACd;;AAIF,MAAI,WAAW,MAAK,UAAS,SAAS,SAAS,MAAM,CAAC,EAAE;AACtD,UAAO,OAAO,YAAY,OAAO,YAAY;AAC7C;;AAGF,SAAO,OAAO;;AAGhB,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;ACxDT,IAAM,iBAAN,MAAqB;CACnB,AAAQ,QAAsB;CAC9B,AAAQ,eAAe;CACvB,AAAQ,kBAAkB;CAC1B,AAAiB;CACjB,AAAiB;CAEjB,YAAY,SAA+B,EAAE,EAAE;AAC7C,OAAK,mBAAmB,OAAO,oBAAoB;AACnD,OAAK,eAAe,OAAO,gBAAgB;;;CAI7C,aAAsB;AACpB,MAAI,KAAK,UAAU,SAAU,QAAO;AAEpC,MAAI,KAAK,UAAU,QAAQ;AAEzB,OAAI,KAAK,KAAK,GAAG,KAAK,mBAAmB,KAAK,cAAc;AAC1D,SAAK,QAAQ;AACb,WAAO;;AAET,UAAO;;AAIT,SAAO;;;CAIT,gBAAsB;AACpB,OAAK,eAAe;AACpB,OAAK,QAAQ;;;CAIf,gBAAsB;AACpB,OAAK;AACL,OAAK,kBAAkB,KAAK,KAAK;AAEjC,MAAI,KAAK,gBAAgB,KAAK,iBAC5B,MAAK,QAAQ;;;CAKjB,YAA2D;AACzD,SAAO;GAAE,OAAO,KAAK;GAAO,cAAc,KAAK;GAAc;;;AAMjE,IAAM,gBAAN,MAAoB;CAClB,AAAQ,gBAAgB;CACxB,AAAQ,eAAe;CACvB,AAAiB;CAEjB,YAAY,SAA8B,EAAE,EAAE;AAC5C,OAAK,WAAW,OAAO,YAAY;;;CAIrC,YAA0D;EACxD,MAAM,MAAM,KAAK,KAAK;AAEtB,MAAI,MAAM,KAAK,iBAAiB,KAAK,UAAU;GAC7C,MAAM,UAAU,KAAK;AACrB,QAAK,gBAAgB;AACrB,QAAK,eAAe;AACpB,UAAO;IAAE,WAAW;IAAM,cAAc;IAAS;;AAGnD,OAAK;AACL,SAAO;GAAE,WAAW;GAAO,cAAc;GAAG;;;;;;;;;AAYhD,SAAS,eAAe,OAAc,SAAyC;CAC7E,MAAM,EAAE,iBAAiB;CACzB,MAAM,MAAM;EACV,OAAO;EACP,MAAM,KAAK,KAAK;EAChB,WAAW,MAAM;EACjB,cAAc,MAAM;EACpB;EACA,KACE,eAAe,IACX,4BAA4B,aAAa,WACzC;EACP;AACD,SAAQ,IAAI,KAAK,UAAU,IAAI,CAAC;;;;;;;;;;;;;;;;AAmBlC,SAAgB,cAAc,SAA+B;CAC3D,MAAM,EACJ,KACA,SACA,UAAU,EAAE,EACZ,UAAU,KACV,UAAU,gBACV,UAAU,gBACV,UAAU,MACV,eAAe,EAAE,EACjB,gBAAgB,sBAChB,eAAe,qBACf,QAAQ,cACR,aAAa,GACb,kBAAkB,mBAChB;CAGJ,MAAM,iBAAiB,IAAI,eAAe,qBAAqB;CAC/D,MAAM,gBAAgB,IAAI,cAAc,oBAAoB;AAE5D,QAAO,iBAAiB,OAAO,KAAK,SAAS;AAC3C,MAAI,CAAC,QAAS,QAAO,MAAM;EAE3B,MAAM,YAAY,KAAK,KAAK;EAC5B,MAAM,WAAW,MAAM,MAAM;AAG7B,MAAI,aAAa,KAAK,KAAK,QAAQ,GAAG,WACpC,QAAO;AAIT,YAAU,KAAK,UAAU,WAAW;GAClC;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACD,CAAC,CAAC,YAAY,GAEb;AAEF,SAAO;GACP;;;AAIJ,MAAa,sBAAsB;;AAmBnC,SAAS,cAAc,QAAgB,MAAuB;AAC5D,KAAI;AAEF,SADc,SAA4B,QAAQ,KAAK,EACzC,QAAQ;SAChB;AACN,SAAO;;;;AAKX,SAAS,eACP,MACA,cACS;AACT,QAAO,aAAa,MAAM,YAAY;AACpC,MAAI,OAAO,YAAY,SACrB,QAAO,SAAS,WAAW,KAAK,WAAW,UAAU,IAAI;AAE3D,SAAO,QAAQ,KAAK,KAAK;GACzB;;;AAIJ,eAAe,iBACb,WACA,SACA,SACmB;CACnB,MAAM,aAAa,IAAI,iBAAiB;CACxC,MAAM,YAAY,iBAAiB,WAAW,OAAO,EAAE,QAAQ;AAE/D,KAAI;AACF,SAAO,MAAM,MAAM,WAAW;GAAE,GAAG;GAAS,QAAQ,WAAW;GAAQ,CAAC;WAChE;AACR,eAAa,UAAU;;;;AAK3B,SAAS,YAAY,KAAkC;CAErD,MAAM,YAAY,IAAI,QAAQ,IAAI,kBAAkB;AACpD,KAAI,UAEF,QAAO,UAAU,MAAM,IAAI,CAAC,GAAG,MAAM;AAEvC,QACE,IAAI,QAAQ,IAAI,YAAY,IAC5B,IAAI,QAAQ,IAAI,mBAAmB,IACnC,IAAI,QAAQ,IAAI,iBAAiB,IACjC;;;AAKJ,SAAS,aAAa,KAAc,YAAwC;CAE1E,MAAM,YAAY;AAClB,KAAI,UAAU,GACZ,QAAO,UAAU;AAGnB,QAAO,IAAI,QAAQ,IAAI,WAAW,IAAI;;;AAIxC,SAAS,YAAY,QAAwB;AAC3C,KAAI,UAAU,IAAK,QAAO;AAC1B,KAAI,UAAU,IAAK,QAAO;AAC1B,QAAO;;AAGT,eAAe,UACb,KACA,UACA,WACA,SACA;CACA,MAAM,EACJ,KAAK,QACL,SACA,SAAS,eACT,SACA,gBACA,SACA,cACA,gBACA,eACA,cACA,oBACE;CAEJ,MAAM,SAAS,IAAI,IAAI,IAAI,IAAI;CAC/B,MAAM,OAAO,OAAO;AAGpB,KAAI,eAAe,MAAM,aAAa,CAAE;AAGxC,KAAI,cAAc,IAAI,QAAQ,KAAK,CAAE;CAGrC,IAAI,OAAgB;AACpB,KAAI;AAEF,OADoB,IAAI,QAAQ,IAAI,eAAe,IAAI,IACvC,SAAS,mBAAmB,CAC1C,QAAO,MAAM,IAAI,OAAO,CAAC,MAAM;SAE3B;CAKR,IAAI,eAA6B;AACjC,KAAI;AACF,iBAAe,MAAM,SAAS,OAAO,CAAC,MAAM;SACtC;CAKR,MAAM,UAAkC,EAAE;AAC1C,KAAI,QAAQ,SAAS,OAAO,QAAQ;AAClC,UAAQ,OAAO;GACf;CAGF,MAAM,mBAAmB,gBAAgB,SAAS,eAAe;CACjE,MAAM,gBAAgB,SAAS,MAAM,eAAe;CACpD,MAAM,wBAAwB,SAAS,cAAc,eAAe;CAEpE,MAAM,WAAW,KAAK,KAAK,GAAG;CAG9B,MAAM,WAAW,YAAY,IAAI;CACjC,MAAM,YAAY,aAAa,KAAK,gBAAgB;CAGpD,MAAM,UAAmC;EACvC,QAAQ,IAAI;EACZ,KAAK,IAAI;EACT;EACA,SAAS;EACT,MAAM;EACN,OAAO,OAAO,YAAY,OAAO,aAAa;EAC9C,QAAQ,SAAS;EACjB;EACA;EACA,4BAAW,IAAI,MAAM,EAAC,aAAa;EACnC,UAAU;EACX;AAGD,KAAI,SAAU,SAAQ,WAAW;AACjC,KAAI,UAAW,SAAQ,YAAY;AAGnC,KAAI,cAAc,YAAY,MAC5B,eAAc,SAAS,gBAAgB,EAAE,CAAC;AAI5C,KAAI,CAAC,eAAe,YAAY,CAC9B;AAIF,KAAI;EACF,MAAM,MAAM,MAAM,iBAChB,QACA;GACE,QAAQ;GACR,SAAS;IAAE,gBAAgB;IAAoB,GAAG;IAAe;GACjE,MAAM,KAAK,UAAU,QAAQ;GAC9B,EACD,QACD;AAED,MAAI,CAAC,IAAI,GACP,OAAM,IAAI,MAAM,QAAQ,IAAI,OAAO,IAAI,IAAI,aAAa;AAI1D,iBAAe,eAAe;UACvB,OAAO;AAEd,iBAAe,eAAe;EAG9B,MAAM,EAAE,WAAW,iBAAiB,cAAc,WAAW;AAC7D,MAAI,UACF,SAAQ,OAAgB,EAAE,cAAc,CAAC;;;;AAM/C,SAAS,cACP,SACA,QACM;CACN,MAAM,EAAE,SAAS,QAAQ,cAAc,MAAM,kBAAkB,UAC7D;CAEF,MAAM,SAAS,QAAQ;CAGvB,MAAM,YAAqC;EACzC,OAAO,YAAY,OAAO;EAC1B,MAAM,KAAK,KAAK;EAChB,SAAS,QAAQ;EACjB,QAAQ,QAAQ;EAChB,MAAM,QAAQ;EACd;EACA,UAAU,QAAQ;EAClB,KAAK,GAAG,QAAQ,OAAO,GAAG,QAAQ,KAAK,GAAG,OAAO,GAAG,QAAQ,SAAS;EACtE;AAGD,KAAI,QAAQ,UAAW,WAAU,YAAY,QAAQ;AACrD,KAAI,QAAQ,SAAU,WAAU,WAAW,QAAQ;AAGnD,KAAI,eAAe,QAAQ,KACzB,WAAU,OAAO,QAAQ;AAI3B,KAAI,mBAAmB,QAAQ,SAC7B,WAAU,WAAW,QAAQ;AAG/B,KAAI,WAAW,OACb,SAAQ,IAAI,KAAK,UAAU,UAAU,CAAC;MACjC;EAEL,MAAM,QAAQ,QAAQ,YAAY,KAAK,QAAQ,UAAU,KAAK;AAC9D,UAAQ,IACN,qBAAI,IAAI,MAAM,EAAC,aAAa,CAAC,GAAG,MAAM,GAAG,QAAQ,OAAO,GAAG,QAAQ,KAAK,GAAG,OAAO,GAAG,QAAQ,SAAS,IACvG;;;AAOL,kBAAe"}
|