Security News
OpenJS: “XZ Utils Cyberattack Likely Not an Isolated Incident”
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
@americanairlines/controller-interceptor
Advanced tools
Weekly downloads
Readme
Written in Typescript
Controller Interceptor is a small Typescript package that allows for the interception of requests made to an ExpressJS service. Controller interceptor also attaches a TraceId to the request headers. The TraceId is implemented synchronously and does not use async-storage. This is to avoid the performance impact caused by calling async storage each request.
To install
$ npm i @americanairlines/controller-interceptor
Create your interceptor
const interceptor = require("@americanairlines/controller-interceptor");
function beforeController(requestInfo) {
let { requestId, method, url, params, headers, body } = requestInfo;
console.log("RequestId " + requestId);
console.log("Request Type " + method);
console.log("Request Url " + url);
console.log("Request Params " + params);
console.log("Request Headers " + headers);
console.log("Request Body" + body);
}
function afterController(requestInfo) {
let { requestId, method, url, params, headers, body } = requestInfo;
console.log("RequestId " + requestId);
console.log("Request Type " + method);
console.log("Request Url " + url);
console.log("Request Params " + params);
console.log("Request Headers " + headers);
console.log("Request Body" + body);
}
module.exports.default = interceptor(beforeController, afterController);
Attach interceptor as middleware in ExpressJS
const express = require("express");
const interceptor = require("../path/to/interceptor");
const app = express();
app.use(interceptor);
app.listen(3000);
The trace ids are of the format X-Trace-Id
. The instanceId is generated when the server starts, and the requestId is generated when the route is called. This allows for tracing calls to specific routes as well as tracing requests to a specific instance of a service.
This is the logging object with the request info that the handler functions have access to.
RequestInfo = {
requestId: string; // The trace Id of the request
method: string; // The http method of the request
url: string; // The url that the request was made to
params: Object; // The params passed to the request
headers: Object; // The header object of the incoming/outgoing request
body: Body; // The body of the incoming/outgoing request
}
These functions are not passed the actual body or header objects, just copies of them. You are not able to mutate these fields in the handler functions.
You can pass options to the interceptor.
const options = {
instanceIdLength: 6,
requestIdLength: 16,
};
// This will cause the interceptor to generate a trace id with 6 digits for for the instance id and 16 digits for the request id length
module.exports.default = interceptor(
beforeController,
afterController,
options
);
Steven Paulino Charlie Albright
FAQs
A simple interceptor for ExpressJs for logging/tracing purposes.
The npm package @americanairlines/controller-interceptor receives a total of 1 weekly downloads. As such, @americanairlines/controller-interceptor popularity was classified as not popular.
We found that @americanairlines/controller-interceptor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
Company News
Come meet the Socket team at BSidesSF and RSA! We're sponsoring several fun networking events and we would love to see you there.
Security News
OSI is starting a conversation aimed at removing the excuse of the SaaS loophole for companies navigating licensing and the complexities of doing business with open source.