npm - observe-node - Versions diffs - 1.0.3 → 1.0.5 - Mend

observe-node 1.0.3 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/src/http/express.js +91 -28

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "observe-node",
-  "version": "1.0.3",
+  "version": "1.0.5",
   "description": "Structured logs + Prometheus metrics SDK for Node.js (Loki/Grafana ready)",
   "main": "src/index.js",
   "type": "commonjs",

package/src/http/express.js CHANGED Viewed

@@ -41,36 +41,99 @@ function expressMiddleware(observe, opts = {}) {
       return _json(body);
     };
-    const _send = res.send.bind(res);
-    res.send = (body) => {
-      // if body is string/buffer, avoid logging full
-      capturedResponse = { truncated: true, bytes: Buffer.isBuffer(body) ? body.length : (typeof body === "string" ? Buffer.byteLength(body) : null) };
+ const _send = res.send.bind(res);
+res.send = (body) => {
+  try {
+    // If body is a JSON string, parse it and store full object
+    if (typeof body === "string") {
+      const trimmed = body.trim();
+      if (trimmed.startsWith("{") || trimmed.startsWith("[")) {
+        const parsed = JSON.parse(trimmed);
+        capturedResponse = pickResponseBody(parsed, maxResponseBytes);
+        return _send(body);
+      }
+      // non-json string => don't log full
+      capturedResponse = { truncated: true, bytes: Buffer.byteLength(body, "utf8") };
       return _send(body);
-    };
+    }
+    // If Buffer, don't log full
+    if (Buffer.isBuffer(body)) {
+      capturedResponse = { truncated: true, bytes: body.length };
+      return _send(body);
+    }
+    // If object (sometimes people do res.send({}))
+    if (typeof body === "object" && body !== null) {
+      capturedResponse = pickResponseBody(body, maxResponseBytes);
+      return _send(body);
+    }
+    capturedResponse = { truncated: true, bytes: null };
+    return _send(body);
+  } catch (e) {
+    capturedResponse = { truncated: true, bytes: null, parse_error: true };
+    return _send(body);
+  }
+};
+  res.on("finish", () => {
+  const duration_ms = Date.now() - start;
+  const originalUrl = req.originalUrl || req.url || "";
+  const pathOnly = originalUrl.split("?")[0];
+  const queryString = originalUrl.includes("?") ? originalUrl.split("?")[1] : "";
+  // ✅ best effort matched route pattern
+  // baseUrl is mounted path, route.path is endpoint pattern (like "/:id")
+  const routePath = req.route?.path;
+  const matchedRoute =
+    routePath ? `${req.baseUrl || ""}${routePath}` : undefined;
+  // ✅ headers (safe subset)
+  const headers = {
+    "user-agent": req.headers["user-agent"],
+    "content-type": req.headers["content-type"],
+    "content-length": req.headers["content-length"],
+    "referer": req.headers["referer"],
+  };
+  // ✅ auth info (don’t log token)
+  const hasAuth = !!req.headers.authorization;
+  // ✅ body (only if parsed)
+  const requestBody = req.body ? redact(req.body) : undefined;
+  observe.emit({
+    event_name: "http.response",
+    level: res.statusCode >= 500 ? "error" : res.statusCode >= 400 ? "warn" : "info",
+    message: `${req.method} ${originalUrl} -> ${res.statusCode} (${duration_ms}ms)`,
+    http: {
+      method: req.method,
+      status: res.statusCode,
+      path: pathOnly,
+      original_url: originalUrl,
+      matched_route: matchedRoute,      // ✅ tells exactly which API matched
+      duration_ms,
+      ip: req.ip,
+    },
+    request: {
+      headers,
+      has_auth: hasAuth,
+      query: req.query,                // parsed query object
+      query_string: queryString,       // raw query string
+      params: req.params,              // may be empty (see note)
+      body: requestBody,               // parsed body (if express.json ran before)
+    },
-    res.on("finish", () => {
-      const duration_ms = Date.now() - start;
-      observe.emit({
-        event_name: "http.response",
-        level: res.statusCode >= 500 ? "error" : res.statusCode >= 400 ? "warn" : "info",
-        message: `${req.method} ${req.originalUrl} -> ${res.statusCode} (${duration_ms}ms)`,
-        http: {
-          method: req.method,
-          path: (req.originalUrl || req.url || "").split("?")[0],
-          status: res.statusCode,
-          duration_ms,
-        },
-        request: {
-          query: req.query,
-          params: req.params,
-        },
-        response: {
-          status: res.statusCode,
-          ...capturedResponse, // { body?, truncated, bytes }
-        },
-      });
-    });
+    response: {
+      status: res.statusCode,
+      ...capturedResponse,
+    },
+  });
+});
     next();
   };