Skip to content

Commit

Permalink
Add additional logging for requests
Browse files Browse the repository at this point in the history
  • Loading branch information
Kagemaru committed Dec 27, 2023
1 parent 324149d commit 3e4358e
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 6 deletions.
25 changes: 25 additions & 0 deletions app/controllers/application_controller.rb
Original file line number Diff line number Diff line change
@@ -1,8 +1,33 @@
class ApplicationController < ActionController::Base
before_action :set_sentry_context

around_action :global_request_logging

private

def global_request_logging
http_request_header_keys = request.headers.env.keys
# http_request_header_keys = request.headers.env.keys.select{|header_name| header_name.match("^HTTP.*|^X-User.*")}
# http_request_headers = request.headers.env.select{|header_name, header_value| http_request_header_keys.index(header_name)}
msg = {
request_method: request.method,
ip: request.ip,
remote_ip: request.remote_ip,
url: request.url,
fullpath: request.fullpath,
user_agent: ('"' + request.user_agent.to_s + '"'),
headers: request.headers,
token: ActionController::HttpAuthentication::Token.token_and_options(request),
params: params
}

begin
yield
ensure
puts response.body
end
end

def set_sentry_context
Raven.user_context(sentry_user_context)
Raven.extra_context(sentry_extra_context)
Expand Down
40 changes: 34 additions & 6 deletions config/initializers/rack-attack.rb
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,6 @@

Rack::Attack.enabled = ENV.fetch('ENABLE_RACK_ATTACK', Rails.env.production?.to_s).in?(%w[true 1])

ActiveSupport::Notifications.subscribe(/rack_attack/) do |name, start, finish, request_id, payload|
# request object available in payload[:request]
request = payload[:request]
Rails.logger.warn "RACK ATTACK #{name} - #{request.ip} - #{request.url}"
end

safelist_ips = ENV.fetch('RACK_ATTACK_SAFELIST_IPS', '').split(',').map(&:strip)

safelist_ips.each do |ip_or_subnet|
Expand All @@ -17,3 +11,37 @@

Rack::Attack.safelist_ip(ip_or_subnet)
end

ActiveSupport::Notifications.subscribe(/rack_attack/) do |name, start, finish, request_id, payload|
# request object available in payload[:request]
request = payload[:request]
Rails.logger.warn "RACK ATTACK #{name} - #{request.ip} - #{request.url}"
end

ActiveSupport::Notifications.subscribe('rack.attack') do |_name, _start, _finish, _request_id, req|
req = req[:request]
# msg = [req.env['rack.attack.match_type'], req.ip, req.request_method, req.fullpath, ('"' + req.user_agent.to_s + '"')].join(' ')
hash = {
match_type: req.env['rack.attack.match_type'],
request: {
request_method: req.request_method,
ip: req.ip,
remote_ip: req.remote_ip,
url: req.url,
fullpath: req.fullpath,
user_agent: ('"' + req.user_agent.to_s + '"'),
headers: request.headers,
params: req[:params]
}
}

msg = Hash[*hash.sort.flatten].to_json

logger = Logger.new('log/rack-attack.log')

if %i[throttle blocklist].include?(req.env['rack.attack.match_type'])
logger.error(msg)
else
logger.info(msg)
end
end

0 comments on commit 3e4358e

Please sign in to comment.