fix(#12): Implement structured logging for API errors and security events

2026-03-06 23:06:22 +00:00 · 2026-03-06 23:06:22 +00:00 · 32480438c7
commit 32480438c7
parent f860f47018
2 changed files with 26 additions and 0 deletions
--- a/backend/src/middleware/logger.js
+++ b/backend/src/middleware/logger.js
@ -0,0 +1,25 @@
+function logger(req, res, next) {
+  req.requestId = Math.random().toString(36).substring(2, 10);
+  console.log(JSON.stringify({
+    timestamp: new Date().toISOString(),
+    method: req.method,
+    url: req.url,
+    requestId: req.requestId,
+    level: 'info'
+  }));
+  res.on('finish', () => {
+    const securityEvent = [401, 403].includes(res.statusCode);
+    console.log(JSON.stringify({
+      timestamp: new Date().toISOString(),
+      method: req.method,
+      url: req.url,
+      status: res.statusCode,
+      requestId: req.requestId,
+      level: res.statusCode >= 400 ? 'error' : 'info',
+      securityEvent: securityEvent
+    }));
+  });
+  next();
+}
+
+module.exports = logger;
--- a/backend/src/server.js
+++ b/backend/src/server.js
@ -7,6 +7,7 @@ import reviewRoutes from './routes/reviews.js';
 import addressRoutes from './routes/addresses.js';
 import contactRoutes from './routes/contacts.js';
 import profileRoutes from './routes/profile.js';
+import logger from './middleware/logger.js';

 dotenv.config();