psf-bch-api 7.3.10 → 7.3.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/server.js +5 -1
- package/dev-docs/update-logs/2026-03-17.md +60 -0
- package/package.json +1 -1
package/bin/server.js
CHANGED
|
@@ -59,6 +59,7 @@ class Server {
|
|
|
59
59
|
try {
|
|
60
60
|
// Create an Express instance.
|
|
61
61
|
const app = express()
|
|
62
|
+
app.set('trust proxy', true)
|
|
62
63
|
|
|
63
64
|
const x402Settings = getX402Settings()
|
|
64
65
|
const basicAuthSettings = getBasicAuthSettings()
|
|
@@ -183,7 +184,10 @@ class Server {
|
|
|
183
184
|
|
|
184
185
|
// Request logging middleware
|
|
185
186
|
app.use((req, res, next) => {
|
|
186
|
-
wlogger.info(`${req.method} ${req.path}
|
|
187
|
+
wlogger.info(`${req.method} ${req.path}`, {
|
|
188
|
+
client_ip: req.ip,
|
|
189
|
+
remote_address: req.socket?.remoteAddress || null
|
|
190
|
+
})
|
|
187
191
|
next()
|
|
188
192
|
})
|
|
189
193
|
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
# 2026-03-17 Update Log
|
|
2
|
+
|
|
3
|
+
## Summary
|
|
4
|
+
|
|
5
|
+
Enhanced REST request logging to capture client network identity in Winston logs and enabled proxy-aware IP resolution.
|
|
6
|
+
|
|
7
|
+
## Changes Made
|
|
8
|
+
|
|
9
|
+
- Updated `bin/server.js`:
|
|
10
|
+
- Set Express proxy handling with `app.set('trust proxy', true)`.
|
|
11
|
+
- Kept the current Winston request message format (`"${req.method} ${req.path}"`).
|
|
12
|
+
- Added structured Winston metadata fields to request logs:
|
|
13
|
+
- `client_ip` from `req.ip`
|
|
14
|
+
- `remote_address` from `req.socket.remoteAddress`
|
|
15
|
+
|
|
16
|
+
## Useful Fields Available for REST Request Logging
|
|
17
|
+
|
|
18
|
+
- Routing and request basics:
|
|
19
|
+
- `method` (`req.method`)
|
|
20
|
+
- `path` (`req.path`)
|
|
21
|
+
- `original_url` (`req.originalUrl`)
|
|
22
|
+
- `query` (`req.query`)
|
|
23
|
+
- Client network identity:
|
|
24
|
+
- `client_ip` (`req.ip`)
|
|
25
|
+
- `forwarded_ips` (`req.ips`, when behind one or more proxies)
|
|
26
|
+
- `remote_address` (`req.socket.remoteAddress`)
|
|
27
|
+
- HTTP and transport:
|
|
28
|
+
- `protocol` (`req.protocol`)
|
|
29
|
+
- `secure` (`req.secure`)
|
|
30
|
+
- `http_version` (`req.httpVersion`)
|
|
31
|
+
- `host` (`req.get('host')`)
|
|
32
|
+
- `origin` (`req.get('origin')`)
|
|
33
|
+
- `referer` (`req.get('referer')`)
|
|
34
|
+
- `user_agent` (`req.get('user-agent')`)
|
|
35
|
+
- Request/response performance and size:
|
|
36
|
+
- `status_code` (`res.statusCode`, from `res.on('finish')`)
|
|
37
|
+
- `duration_ms` (elapsed time between request start and response finish)
|
|
38
|
+
- `request_size_bytes` (`req.get('content-length')`)
|
|
39
|
+
- `response_size_bytes` (`res.getHeader('content-length')`)
|
|
40
|
+
- App-specific request context in this codebase:
|
|
41
|
+
- `basic_auth_valid` (`req.locals.basicAuthValid`)
|
|
42
|
+
- x402 decision/bypass status (derived from middleware path and config)
|
|
43
|
+
|
|
44
|
+
## Already Logging
|
|
45
|
+
|
|
46
|
+
- In Winston request logs:
|
|
47
|
+
- `message` with method + path (for example `GET /v6/full-node/blockchain/getBlockCount`)
|
|
48
|
+
- `client_ip`
|
|
49
|
+
- `remote_address`
|
|
50
|
+
- `timestamp` (from Winston timestamp formatter)
|
|
51
|
+
- `level`
|
|
52
|
+
- In console endpoint logs:
|
|
53
|
+
- Request line with method, path, and `req.ip`
|
|
54
|
+
- Response line with method, path, and final `res.statusCode`
|
|
55
|
+
|
|
56
|
+
## Outcome
|
|
57
|
+
|
|
58
|
+
- Request logs now preserve existing behavior while adding IP attribution fields.
|
|
59
|
+
- `trust proxy` ensures `req.ip` is proxy-aware when the server is deployed behind a reverse proxy.
|
|
60
|
+
- The project now has a documented list of high-value request fields for future logging expansion.
|