Skip to content

Phase 2: Logging, middleware, health checks, and setup_app()#5

Merged
manavgup merged 1 commit into
mainfrom
phase-2/logging-middleware
Mar 30, 2026
Merged

Phase 2: Logging, middleware, health checks, and setup_app()#5
manavgup merged 1 commit into
mainfrom
phase-2/logging-middleware

Conversation

@manavgup
Copy link
Copy Markdown
Owner

@manavgup manavgup commented Mar 30, 2026

Summary

  • Logging — LogConfig, recursive sensitive data masking, StructuredLogger with correlation ID contextvar
  • Middleware — CorrelationIdMiddleware (UUID per request), RequestLoggingMiddleware (method/path/status/duration), SecurityHeadersMiddleware (6 headers)
  • Health — GET /health + GET /health/detailed
  • FastStackConfig — dataclass with boolean toggles for every feature
  • setup_app() — one-call registration with per-feature enable/disable

Test coverage

31 new tests (100 total):

  • Masking: nested dicts, depth limit, case-insensitive, non-mutating
  • Middleware: correlation ID generation/propagation, security headers, non-override
  • Health: liveness and detailed endpoints
  • setup_app(): defaults, individual disable, CORS enable/disable

How to test

make check     # lint + typecheck + 100 tests pass

Or check CI on this PR — all 4 status checks should be green.

Part of

Phase 2 in #1

🤖 Generated with Claude Code

@manavgup @claude
Phase 2: Logging, middleware, health checks, and setup_app()
8328b54 
- logging/config.py: LogConfig dataclass
- logging/masking.py: Recursive sensitive data masking (depth-limited, non-mutating)
- logging/structured_logger.py: StructuredLogger + correlation_id contextvar
- middleware/correlation_id.py: UUID per request, X-Correlation-ID header
- middleware/request_logging.py: method/path/status/duration logging
- middleware/security_headers.py: HSTS, X-Frame-Options, etc.
- health/endpoints.py: GET /health + GET /health/detailed
- settings/config.py: FastStackConfig dataclass (toggles for all features)
- setup.py: setup_app() one-call registration with per-feature toggles

31 new tests (100 total) covering:
- Sensitive data masking (nested dicts, depth limit, case-insensitive)
- Correlation ID generation and propagation
- Security headers presence and non-override behavior
- Health endpoints
- setup_app() with all defaults and with features individually disabled
- CORS enable/disable

Part of Phase 2 in #1

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@manavgup manavgup merged commit f0ffd21 into main Mar 30, 2026
4 checks passed
@manavgup manavgup deleted the phase-2/logging-middleware branch March 30, 2026 19:39
@manavgup manavgup mentioned this pull request Mar 30, 2026
Open
46 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@manavgup