Express request object containing HTTP request information
Express response object for HTTP response handling
Express next function to continue middleware chain
Continues to next middleware after setting up logging hooks
// Basic middleware setup in Express application
import express from 'express';
import { requestLogger } from '@/shared/middleware/requestLogger';
const app = express();
// Apply request logging to all routes
app.use(requestLogger);
// All routes after this point will be automatically logged
app.get('/api/users', (req, res) => {
res.json({ users: [] });
});
// Logs will show:
// [HTTP] Incoming request: POST /api/users from 192.168.1.100
// [HTTP] Request completed: POST /api/users - 200 (45ms)
// Recommended middleware order for optimal logging
import { requestLogger, errorHandler } from '@/shared/middleware';
const app = express();
// Security and parsing middleware first
app.use(helmet());
app.use(cors());
app.use(express.json({ limit: '10mb' }));
app.use(express.urlencoded({ extended: true }));
// Request logging after parsing but before business logic
app.use(requestLogger);
// Authentication and validation middleware
app.use('/api/auth', authRoutes);
app.use('/api/users', authenticateToken, userRoutes);
// Error handling middleware last
app.use(errorHandler);
// Log output examples for different request types
// GET request log:
// [2024-01-20 10:30:00] HTTP: Incoming request {
// method: 'GET',
// url: '/api/v1/courses?page=1&limit=20',
// ip: '192.168.1.100',
// userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)',
// timestamp: '2024-01-20T10:30:00.000Z'
// }
// [2024-01-20 10:30:00] HTTP: Request completed {
// method: 'GET',
// url: '/api/v1/courses?page=1&limit=20',
// statusCode: 200,
// duration: '23ms',
// ip: '192.168.1.100',
// timestamp: '2024-01-20T10:30:00.023Z'
// }
// Error request logging
// POST /api/v1/auth/login with invalid credentials:
// [2024-01-20 10:30:00] HTTP: Incoming request {
// method: 'POST',
// url: '/api/v1/auth/login',
// ip: '192.168.1.100',
// userAgent: 'PostmanRuntime/7.32.3',
// timestamp: '2024-01-20T10:30:00.000Z'
// }
// [2024-01-20 10:30:00] HTTP: Request completed {
// method: 'POST',
// url: '/api/v1/auth/login',
// statusCode: 401,
// duration: '156ms',
// ip: '192.168.1.100',
// timestamp: '2024-01-20T10:30:00.156Z'
// }
// High-traffic performance monitoring
// The middleware efficiently handles concurrent requests:
// [2024-01-20 10:30:00] HTTP: Request completed { method: 'GET', url: '/api/health', statusCode: 200, duration: '2ms' }
// [2024-01-20 10:30:00] HTTP: Request completed { method: 'POST', url: '/api/users', statusCode: 201, duration: '89ms' }
// [2024-01-20 10:30:00] HTTP: Request completed { method: 'GET', url: '/api/courses', statusCode: 200, duration: '45ms' }
@function requestLogger
HTTP Request Logging Middleware for Express Applications
Express middleware function that provides comprehensive logging of HTTP requests and responses for the WayrApp backend API. This middleware captures detailed information about each HTTP transaction, including request metadata, response details, and performance metrics, making it an essential component for application monitoring, debugging, and security auditing.
The middleware operates by intercepting incoming requests and logging their details immediately, then overriding the response's end method to capture response information and calculate request duration. This approach ensures complete transaction logging without impacting request processing performance or interfering with normal Express middleware flow.
Request logging includes HTTP method, full URL path, client IP address, user agent string, and precise timestamp information. Response logging captures HTTP status code, request processing duration in milliseconds, and completion timestamp. This comprehensive logging provides the data foundation for performance monitoring, error tracking, security analysis, and operational insights.
The middleware integrates with the Winston-based logging system, utilizing the 'http' log level for request/response events. This integration ensures consistent log formatting, proper log level management, and seamless integration with log aggregation and monitoring systems in production environments.
Performance considerations include minimal overhead through efficient timestamp calculation, non-blocking logging operations that don't delay request processing, and careful memory management to prevent memory leaks in high-traffic scenarios. The middleware is designed to handle thousands of concurrent requests without impacting application performance.
Security features include automatic IP address logging for security monitoring, user agent tracking for threat detection and bot identification, and structured logging that supports security information and event management (SIEM) systems. The middleware carefully avoids logging sensitive data while maintaining sufficient context for security analysis.
The middleware supports the application's distributed architecture by providing consistent logging behavior across multiple nodes and services, enabling centralized log aggregation and cross-service request tracing for complex distributed operations.