import pinoMulti from 'pino-multi-stream';
const { NODE_ENV, DD_API_KEY, LOGGER_TYPE } = process.env;
const ddStream = {
stream: ddTransport.createWriteStreamSync({
//TODO: Investigate better "tags!"
apiKey: `${DD_API_KEY}`,
size: 1,
service: NODE_ENV === 'production' ? 'dev-aws-auth' : 'dev-local-auth',
ddsource: NODE_ENV === 'production' ? 'dev-aws' : 'dev-local',
}),
};
const prettyStdOut = { stream: pinoMulti.prettyStream({
colorize: true,
stream: process.stdout,
})};
export const myLogger =
LOGGER_TYPE === 'production'
? pinoMulti({ streams: [ddStream] })
: pinoMulti({ streams: [ddStream, prettyStdOut] });
我们可以在express上添加过滤器pinoLogger生成的req对象吗?就像它在使用ddStream 登录到文件之前在req对象中显示cookie一样
SampleLogs附加上述代码中的示例日志。cookie可以从req对象中过滤出来吗,或者在我们将日志存储到文件之前
res: {
"statusCode": 200,
"headers": {
"accept-ranges": "bytes",
"cache-control": "public, max-age=0",
"last-modified": "Thu, 24 Sep 2020 21:36:03 GMT",
"content-type": "text/html; charset=UTF-8",
"content-length": 28
}
}
responseTime: 15
logger: "customLog"
req: {
"id": 1,
"method": "GET",
"url": "/",
"headers": {
"host": "localhost:8000",
"accept": "text/html,application/xhtml+xml,application/xml",
"**cookie**": "connect.sid=xxxxx.yyyyy",
"accept-language": "en-us",
"accept-encoding": "gzip, deflate",
"connection": "keep-alive"
},
"remoteAddress": "
}
隐藏req中的标头和express应用程序上的响应,该应用程序在记录器中生成机密信息 添加关于express应用程序对象本身的声明
const app = express();
app.use(function(req, res, next) {
delete req.headers['cookie']; // should be lowercase
delete req.headers['set-cookie'];
next();
});
.use(session({
secret: 'xxx',
resave: false,
saveUninitialized: false}))//the session cookie will not be set on the browser unless the session is modified