IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-15 10:03:33 -06:00
Code Issues Packages Projects Releases Wiki Activity
9be73e758d
grafana/pkg/middleware/logger.go
sh0rez 534ece064b
pkg/web: closure-style middlewares (#51238) 
* pkg/web: closure-style middlewares

Switches the middleware execution model from web.Handlers in a slice to
web.Middleware.
Middlewares are temporarily kept in a slice to preserve ordering, but
prior to execution they are applied, forming a giant call-stack, giving
granular control over the execution flow.

* pkg/middleware: adapt to web.Middleware

* pkg/middleware/recovery: use c.Req over req

c.Req gets updated by future handlers, while req stays static.

The current recovery implementation needs this newer information

* pkg/web: correct middleware ordering

* pkg/webtest: adapt middleware

* pkg/web/hack: set w and r onto web.Context

By adopting std middlewares, it may happen they invoke next(w,r) without
putting their modified w,r into the web.Context, leading old-style
handlers to operate on outdated fields.

pkg/web now takes care of this

* pkg/middleware: selectively use future context

* pkg/web: accept closure-style on Use()

* webtest: Middleware testing

adds a utility function to web/webtest to obtain a http.ResponseWriter,
http.Request and http.Handler the same as a middleware that runs would receive

* *: cleanup

* pkg/web: don't wrap Middleware from Router

* pkg/web: require chain to write response

* *: remove temp files

* webtest: don't require chain write

* *: cleanup
2022-08-09 14:58:50 +02:00

103 lines
2.6 KiB
Go
Raw Blame History

// Copyright 2013 Martini Authors
// Copyright 2014 Unknwon
//
// Licensed under the Apache License, Version 2.0 (the "License"): you may
// not use this file except in compliance with the License. You may obtain
// a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
// License for the specific language governing permissions and limitations
// under the License.
package middleware
import (
"net/http"
"net/url"
"time"
"github.com/grafana/grafana/pkg/infra/tracing"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/contexthandler"
"github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/web"
)
func Logger(cfg *setting.Cfg) web.Middleware {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
start := time.Now()
rw := web.Rw(w, r)
next.ServeHTTP(rw, r)
timeTaken := time.Since(start) / time.Millisecond
duration := time.Since(start).String()
ctx := contexthandler.FromContext(r.Context())
if ctx != nil && ctx.PerfmonTimer != nil {
ctx.PerfmonTimer.Observe(float64(timeTaken))
}
status := rw.Status()
if status == 200 || status == 304 {
if !cfg.RouterLogging {
return
}
}
if ctx != nil {
logParams := []interface{}{
"method", r.Method,
"path", r.URL.Path,
"status", status,
"remote_addr", ctx.RemoteAddr(),
"time_ms", int64(timeTaken),
"duration", duration,
"size", rw.Size(),
"referer", SanitizeURL(ctx, r.Referer()),
}
traceID := tracing.TraceIDFromContext(ctx.Req.Context(), false)
if traceID != "" {
logParams = append(logParams, "traceID", traceID)
}
if status >= 500 {
ctx.Logger.Error("Request Completed", logParams...)
} else {
ctx.Logger.Info("Request Completed", logParams...)
}
}
})
}
}
var sensitiveQueryStrings = [...]string{
"auth_token",
}
func SanitizeURL(ctx *models.ReqContext, s string) string {
if s == "" {
return s
}
u, err := url.ParseRequestURI(s)
if err != nil {
ctx.Logger.Warn("Received invalid referer in request headers, removed for log forgery prevention")
return ""
}
// strip out sensitive query strings
values := u.Query()
for _, query := range sensitiveQueryStrings {
values.Del(query)
}
u.RawQuery = values.Encode()
return u.String()
}
Reference in New Issue View Git Blame Copy Permalink