Skip to content

feat: add structured logging, API metrics, request tracing, and audit logs#39

Merged
mighty840 merged 2 commits intomainfrom
feat/structured-logger-metrics-audit
Mar 9, 2026
Merged

feat: add structured logging, API metrics, request tracing, and audit logs#39
mighty840 merged 2 commits intomainfrom
feat/structured-logger-metrics-audit

Conversation

@mighty840
Copy link
Copy Markdown
Owner

@mighty840 mighty840 commented Mar 2, 2026
edited
Loading

Summary

  • Replace all console.* calls with pino structured logger (JSON in prod, pretty in dev, silent in test)
  • Add request ID middleware (x-request-id header) for end-to-end tracing
  • Add pino-http middleware replacing morgan for HTTP request logging
  • Add API metrics collector that records per-request metrics (method, path, status, response time) to a new ApiMetric table
  • Add audit log system with fire-and-forget auditLog() helper used across 8 controllers (staff, menu-item, category, order, coupon, settings, location, automation)
  • Add Developer API endpoints: GET /api/developer/metrics, GET /api/developer/metrics/endpoints, GET /api/developer/audit-logs
  • Add Admin > Developer > API Metrics page with time range selector, stat cards, request/response time charts (Recharts), and top endpoints table
  • Add Admin > Developer > Audit Log page with entity/action/search filters and paginated table
  • Metrics visible to MANAGER+, audit log restricted to SUPER_ADMIN only

Closes #14

Test plan

  • Run npx prisma migrate dev — migration creates api_metrics and audit_logs tables
  • Start server — structured JSON/pretty logs appear, no console.* output
  • Make HTTP requests — verify x-request-id response header present
  • Check api_metrics table has rows after requests
  • Perform admin actions (create/update/delete menu items, etc.) — verify audit_logs table has rows
  • Log in as MANAGER — Developer > API Metrics page shows charts and endpoint data
  • Log in as SUPER_ADMIN — Developer > Audit Log page shows entries
  • Log in as MANAGER — Audit Log route redirects (SUPER_ADMIN only)
  • Log in as STAFF — Developer section not visible in nav

🤖 Generated with Claude Code

@mighty840 @claude
feat: add structured logging, API metrics, request tracing, and audit…
f38de6c 
… logs

Replace all console.* calls with pino structured logger. Add request ID
middleware for tracing, pino-http for HTTP logging, per-request metrics
collection to DB, and a fire-and-forget audit log system for admin actions.

- Add pino/pino-http, remove morgan
- Add ApiMetric and AuditLog Prisma models with migration
- Add requestId, httpLogger, metricsCollector middleware
- Add auditLog() helper used across 8 controllers
- Add /api/developer endpoints (metrics + audit logs)
- Add Developer section in admin with API Metrics and Audit Log pages
- Metrics visible to MANAGER+, audit log restricted to SUPER_ADMIN

Closes #14

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@mighty840 mighty840 force-pushed the feat/structured-logger-metrics-audit branch from 1cbaf65 to f38de6c Compare March 9, 2026 08:13
@mighty840 @claude
fix: catch synchronous errors in auditLog to prevent test timeouts
549d2cd 
Wrap the fire-and-forget audit log write in try-catch so that when
prisma.auditLog is undefined (e.g. in mocked test environments), the
synchronous TypeError is caught instead of bubbling up and preventing
the controller from sending a response.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@mighty840 mighty840 merged commit 5e3f455 into main Mar 9, 2026
8 checks passed
@mighty840 mighty840 deleted the feat/structured-logger-metrics-audit branch March 9, 2026 09:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Replace console.* calls with structured logger (pino or winston)

1 participant

@mighty840