Add additional logging for requests

puzzle · Dec 28, 2023 · 7067bff · 7067bff
1 parent 324149d
commit 7067bff
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 6 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,8 +1,30 @@
 class ApplicationController < ActionController::Base
   before_action :set_sentry_context
 
+  around_action :global_request_logging
+
   private
 
+  def global_request_logging
+    # http_request_header_keys = request.headers.env.keys.select{|header_name| header_name.match("^HTTP.*|^X-User.*")}
+    # http_request_headers = request.headers.env.select{|header_name, header_value| http_request_header_keys.index(header_name)}
+    hash = {
+      request_method: request.method,
+      ip: request.ip,
+      remote_ip: request.remote_ip,
+      url: request.url,
+      fullpath: request.fullpath,
+      user_agent: ('"' + request.user_agent.to_s + '"'),
+      headers: request.headers.env.reject { |key| key.to_s.include?('.') },
+      token: ActionController::HttpAuthentication::Token.token_and_options(request),
+      params: params
+    }
+    msg = Hash[*hash.sort.flatten].to_json
+
+    logger = Logger.new('log/request.log')
+    logger.info(msg)
+  end
+
   def set_sentry_context
     Raven.user_context(sentry_user_context)
     Raven.extra_context(sentry_extra_context)

diff --git a/config/initializers/rack-attack.rb b/config/initializers/rack-attack.rb
@@ -3,12 +3,6 @@
 
 Rack::Attack.enabled = ENV.fetch('ENABLE_RACK_ATTACK', Rails.env.production?.to_s).in?(%w[true 1])
 
-ActiveSupport::Notifications.subscribe(/rack_attack/) do |name, start, finish, request_id, payload|
-  # request object available in payload[:request]
-  request = payload[:request]
-  Rails.logger.warn "RACK ATTACK #{name} - #{request.ip} - #{request.url}"
-end
-
 safelist_ips = ENV.fetch('RACK_ATTACK_SAFELIST_IPS', '').split(',').map(&:strip)
 
 safelist_ips.each do |ip_or_subnet|
@@ -17,3 +11,37 @@
 
   Rack::Attack.safelist_ip(ip_or_subnet)
 end
+
+ActiveSupport::Notifications.subscribe(/rack_attack/) do |name, start, finish, request_id, payload|
+  # request object available in payload[:request]
+  request = payload[:request]
+  Rails.logger.warn "RACK ATTACK #{name} - #{request.ip} - #{request.url}"
+end
+
+ActiveSupport::Notifications.subscribe('rack.attack') do |_name, _start, _finish, _request_id, req|
+  req = req[:request]
+  # msg = [req.env['rack.attack.match_type'], req.ip, req.request_method, req.fullpath, ('"' + req.user_agent.to_s + '"')].join(' ')
+  hash = {
+    match_type: req.env['rack.attack.match_type'],
+    request: {
+      request_method: req.request_method,
+      ip: req.ip,
+      remote_ip: req.remote_ip,
+      url: req.url,
+      fullpath: req.fullpath,
+      user_agent: ('"' + req.user_agent.to_s + '"'),
+      headers: req.headers.env.reject { |key| key.to_s.include?('.') },
+      params: req[:params]
+    }
+  }
+
+  msg = Hash[*hash.sort.flatten].to_json
+
+  logger = Logger.new('log/rack-attack.log')
+
+  if %i[throttle blocklist].include?(req.env['rack.attack.match_type'])
+    logger.error(msg)
+  else
+    logger.info(msg)
+  end
+end