feat: Auth event logs WIP

lowdefy · Jun 19, 2023 · 7601894 · 7601894
1 parent b30412f
commit 7601894
Show file tree

Hide file tree

Showing 12 changed files with 72 additions and 48 deletions.
diff --git a/packages/api/src/context/createApiContext.js b/packages/api/src/context/createApiContext.js
@@ -28,6 +28,8 @@ function createApiContext({
   operators,
   secrets,
   session,
+  nextContext,
+  req,
 }) {
   const readConfigFile = createReadConfigFile({ buildDirectory, fileCache });
   return {
@@ -41,6 +43,8 @@ function createApiContext({
     readConfigFile,
     secrets,
     user: session?.user,
+    nextContext,
+    req,
   };
 }
 

diff --git a/packages/api/src/routes/auth/createLogger.js b/packages/api/src/routes/auth/createLogger.js
@@ -15,14 +15,10 @@
 */
 
 function createLogger({ logger }) {
+  // TODO: No debug logs in production server
   return {
     error: (code, metadata) => logger.error({ code, metadata, event: 'auth_error' }),
     warn: (code, metadata) => logger.warn({ code, metadata, event: 'auth_warning' }),
-    // TODO: If defined here, this will always be called by next-auth
-    // Either:
-    //  look at configured log level to respect user config
-    //  use `auth.debug`, then user must enable auth debugging (maybe confusing)
-    // TODO: Test debug messages
     debug: (code, metadata) => logger.debug({ code, metadata }),
   };
 }

diff --git a/packages/api/src/routes/auth/events/createCreateUserEvent.js b/packages/api/src/routes/auth/events/createCreateUserEvent.js
@@ -16,16 +16,23 @@
 
 import createEventPlugins from './createEventPlugins.js';
 
-function createCreateUserEvent({ authConfig, plugins }) {
+function createCreateUserEvent({ authConfig, logger, plugins }) {
   const createUserPlugins = createEventPlugins({
     authConfig,
     plugins,
     type: 'createUser',
   });
 
-  if (createUserPlugins.length === 0) return undefined;
-
   async function createUserEvent({ user }) {
+    logger.info({
+      event: 'auth_create_user',
+      user: {
+        id: user.id,
+        roles: user.roles,
+        sub: user.sub,
+        session_id: user.session_id,
+      },
+    });
     for (const plugin of createUserPlugins) {
       await plugin.fn({
         properties: plugin.properties ?? {},

diff --git a/packages/api/src/routes/auth/events/createEvents.js b/packages/api/src/routes/auth/events/createEvents.js
@@ -22,26 +22,17 @@ import createSignOutEvent from './createSignOutEvent.js';
 import createUpdateUserEvent from './createUpdateUserEvent.js';
 
 function createEvents({ authConfig, logger, plugins }) {
-  const events = {};
-
-  const createUser = createCreateUserEvent({ authConfig, plugins });
-  if (createUser) events.createUser = createUser;
-
-  const linkAccount = createLinkAccountEvent({ authConfig, plugins });
-  if (linkAccount) events.linkAccount = linkAccount;
+  const events = {
+    createUser: createCreateUserEvent({ authConfig, logger, plugins }),
+    linkAccount: createLinkAccountEvent({ authConfig, logger, plugins }),
+    signIn: createSignInEvent({ authConfig, logger, plugins }),
+    signOut: createSignOutEvent({ authConfig, logger, plugins }),
+    updateUser: createUpdateUserEvent({ authConfig, logger, plugins }),
+  };
 
   const session = createSessionEvent({ authConfig, plugins });
   if (session) events.session = session;
 
-  const signIn = createSignInEvent({ authConfig, plugins });
-  if (signIn) events.signIn = signIn;
-
-  const signOut = createSignOutEvent({ authConfig, plugins });
-  if (signOut) events.signOut = signOut;
-
-  const updateUser = createUpdateUserEvent({ authConfig, plugins });
-  if (updateUser) events.updateUser = updateUser;
-
   return events;
 }
 

diff --git a/packages/api/src/routes/auth/events/createLinkAccountEvent.js b/packages/api/src/routes/auth/events/createLinkAccountEvent.js
@@ -16,16 +16,23 @@
 
 import createEventPlugins from './createEventPlugins.js';
 
-function createLinkAccountEvent({ authConfig, plugins }) {
+function createLinkAccountEvent({ authConfig, logger, plugins }) {
   const linkAccountPlugins = createEventPlugins({
     authConfig,
     plugins,
     type: 'linkAccount',
   });
 
-  if (linkAccountPlugins.length === 0) return undefined;
-
   async function linkAccountEvent({ account, profile, user }) {
+    logger.info({
+      event: 'auth_link_account',
+      user: {
+        id: user.id,
+        roles: user.roles,
+        sub: user.sub,
+        session_id: user.session_id,
+      },
+    });
     for (const plugin of linkAccountPlugins) {
       await plugin.fn({
         properties: plugin.properties ?? {},

diff --git a/packages/api/src/routes/auth/events/createSignInEvent.js b/packages/api/src/routes/auth/events/createSignInEvent.js
@@ -16,16 +16,25 @@
 
 import createEventPlugins from './createEventPlugins.js';
 
-function createSignInEvent({ authConfig, plugins }) {
+function createSignInEvent({ authConfig, logger, plugins }) {
   const signInPlugins = createEventPlugins({
     authConfig,
     plugins,
     type: 'signIn',
   });
 
-  if (signInPlugins.length === 0) return undefined;
-
+  // TODO: Log provider
   async function signInEvent({ account, isNewUser, profile, user }) {
+    logger.info({
+      event: 'auth_sign_in',
+      isNewUser,
+      user: {
+        id: user.id,
+        roles: user.roles,
+        sub: user.sub,
+        session_id: user.session_id,
+      },
+    });
     for (const plugin of signInPlugins) {
       await plugin.fn({
         properties: plugin.properties ?? {},

diff --git a/packages/api/src/routes/auth/events/createSignOutEvent.js b/packages/api/src/routes/auth/events/createSignOutEvent.js
@@ -16,25 +16,28 @@
 
 import createEventPlugins from './createEventPlugins.js';
 
-function createSignOutEvent({ authConfig, plugins }) {
-  const signInPlugins = createEventPlugins({
+function createSignOutEvent({ authConfig, logger, plugins }) {
+  const signOutPlugins = createEventPlugins({
     authConfig,
     plugins,
     type: 'signOut',
   });
 
-  if (signInPlugins.length === 0) return undefined;
-
-  async function signInEvent({ session, token }) {
-    for (const plugin of signInPlugins) {
+  async function signOutEvent({ session, token }) {
+    console.log({ session, token });
+    // logger.info({
+    //   event: 'auth_sign_out',
+    //   user: session.user,
+    // });
+    for (const plugin of signOutPlugins) {
       await plugin.fn({
         properties: plugin.properties ?? {},
         session,
         token,
       });
     }
   }
-  return signInEvent;
+  return signOutEvent;
 }
 
 export default createSignOutEvent;
diff --git a/packages/api/src/routes/auth/events/createUpdateUserEvent.js b/packages/api/src/routes/auth/events/createUpdateUserEvent.js
@@ -16,16 +16,23 @@
 
 import createEventPlugins from './createEventPlugins.js';
 
-function createUpdateUserEvent({ authConfig, plugins }) {
+function createUpdateUserEvent({ authConfig, logger, plugins }) {
   const updateUserPlugins = createEventPlugins({
     authConfig,
     plugins,
     type: 'updateUser',
   });
 
-  if (updateUserPlugins.length === 0) return undefined;
-
   async function updateUserEvent({ user }) {
+    logger.info({
+      event: 'auth_update_user',
+      user: {
+        id: user.id,
+        roles: user.roles,
+        sub: user.sub,
+        session_id: user.session_id,
+      },
+    });
     for (const plugin of updateUserPlugins) {
       await plugin.fn({
         properties: plugin.properties ?? {},

diff --git a/packages/api/src/routes/auth/getNextAuthConfig.js b/packages/api/src/routes/auth/getNextAuthConfig.js
@@ -51,8 +51,7 @@ function getNextAuthConfig({ authJson, logger, plugins, secrets }) {
   nextAuthConfig.events = createEvents({ authConfig, logger, plugins });
   nextAuthConfig.logger = createLogger({ logger });
   nextAuthConfig.providers = createProviders({ authConfig, plugins });
-
-  nextAuthConfig.debug = authConfig.debug;
+  nextAuthConfig.debug = authConfig.debug ?? logger?.isLevelEnabled('debug') === true;
   nextAuthConfig.pages = authConfig.authPages;
   nextAuthConfig.session = authConfig.session;
   nextAuthConfig.theme = authConfig.theme;

diff --git a/packages/server/lib/apiWrapper.js b/packages/server/lib/apiWrapper.js
@@ -47,6 +47,7 @@ function apiWrapper(handler) {
         operators,
         secrets: getSecretsFromEnv(),
         session,
+        req,
       });
       logRequest({ context });
       // Await here so that if handler throws it is caught.

diff --git a/packages/server/lib/log/logRequest.js b/packages/server/lib/log/logRequest.js
@@ -30,6 +30,10 @@ function logRequest({ context, metadata = {} }) {
       sub: user.sub,
       session_id: user.session_id, // TODO: Implement session id
     },
+    url: context.req.url,
+    method: context.req.method,
+    resolvedUrl: context.nextContext?.resolvedUrl,
+    hostname: context.req.hostname,
     headers: {
       'accept-language': headers['accept-language'],
       'sec-ch-ua-mobile': headers['sec-ch-ua-mobile'],
@@ -59,13 +63,7 @@ function logRequest({ context, metadata = {} }) {
   });
   // TODO:
   // Next local? nextContext.locale, nextContext.locales, nextContext.defaultLocale
-  // console.log('url', nextContext.req?.url);
-  // console.log('method', nextContext.req?.method);
-  // console.log('hostname', nextContext.req?.hostname);
-  // console.log('resolvedUrl', nextContext.resolvedUrl);
   // console.log('params', nextContext.params);
-  // console.log('context', context);
-  // console.log('nextContext', nextContext);
 }
 
 export default logRequest;

diff --git a/packages/server/lib/serverSidePropsWrapper.js b/packages/server/lib/serverSidePropsWrapper.js
@@ -42,6 +42,8 @@ function serverSidePropsWrapper(handler) {
         headers: req.headers,
         logger,
         session,
+        nextContext,
+        req,
       });
       logRequest({ context });
       // Await here so that if handler throws it is caught.