4

I'm using koa-pino-logger and by default I get that full request details when the request is completed:

req: {
  "id": 1,
  "method": "POST",
  "url": "/v1/applications/c2cc6b32-1533-4c4c-b8b6-b581855839bb/applicants",
  "headers": {
    "content-type": "application/json",
    "authorization": "Bearer eyJ0eXAiOiJK...",
    "user-agent": "PostmanRuntime/7.17.1",
    "accept": "*/*",
    "cache-control": "no-cache",
    "postman-token": "ac990b73-0eb7-4ab1-9767-6e36e96fd101",
    "host": "localhost:8080",
    "accept-encoding": "gzip, deflate",
    "content-length": "406",
    "connection": "keep-alive"
  },
  "remoteAddress": "::ffff:172.18.0.1",
  "remotePort": 54348
}
res: {
  "statusCode": 201,
  "headers": {
    "x-dns-prefetch-control": "off",
    "x-frame-options": "SAMEORIGIN",
    "strict-transport-security": "max-age=15552000; includeSubDomains",
    "x-download-options": "noopen",
    "x-content-type-options": "nosniff",
    "x-xss-protection": "1; mode=block",
    "content-type": "application/json; charset=utf-8",
    "content-length": "68"
  }
}
responseTime: 1185

I tried using redact (https://github.com/pinojs/pino/blob/master/docs/redaction.md) to remove the req.headers

import logger = require('koa-pino-logger');

const app: any = new Koa()
  .use(logger({
    redact: ['req.headers','req.headers.authorization'] // This is not working >:()
  }))
  .use(helmet())
  .use(bodyParser())
  .use(coreErrorsMiddleware)
  .use(
    oas({
      file: `${__dirname}/docs/openapi.yaml`,
      uiEndpoint: '/swagger',
      endpoint: '/openapi.json',
      errorHandler,
      validateResponse: false,
      enableUi: isDevelopmentEnvironment,
    })
  )
  .use(reload(() => import('./routes')));

This has no effect at all, what has an effect though is serializers but if I try to modify the req log and return it i get a schema validation error:

  .use(logger({
    serializers: {
      ["req"]: (val) => {
        // retracting req logging
        val.headers = 'redacted';
        return val
      },
    },
  }))

results in

RequestValidationError: Schema validation error

So what I'm working with now is completely redacting req by not returning anything:

  .use(logger({
    serializers: {
      ["req"]: (val) => {
        // retracting req logging
      },
    },
  }))

which results in:

screenshot of terminal showing error message

Am I using redact wrong? Are there any other loggers that I can use to achieve what I'm after?

Software Engineer
  • 15,457
  • 7
  • 74
  • 102
Naguib Ihab
  • 4,259
  • 7
  • 44
  • 80

1 Answers1

0

I would check the version of pino that you've got installed. redact, as a feature of pino came in with v5.0.0. If you've got a pino version < v5.*, you need to use pino-noir.

Nicholas Carey
  • 71,308
  • 16
  • 93
  • 135