1.优化接口/api/v1/getPlayerGameRecord
2.增加接口日志记录接口request和response
This commit is contained in:
201
server/app/api/middleware/ApiAccessLogMiddleware.php
Normal file
201
server/app/api/middleware/ApiAccessLogMiddleware.php
Normal file
@@ -0,0 +1,201 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace app\api\middleware;
|
||||
|
||||
use support\Log;
|
||||
use Throwable;
|
||||
use Webman\Http\Request;
|
||||
use Webman\Http\Response;
|
||||
use Webman\MiddlewareInterface;
|
||||
|
||||
/**
|
||||
* 记录 /api 相关接口的访问参数与响应摘要(敏感头、敏感字段脱敏)
|
||||
*/
|
||||
class ApiAccessLogMiddleware implements MiddlewareInterface
|
||||
{
|
||||
private const REQUEST_PARAM_MAX_LEN = 4096;
|
||||
|
||||
private const RESPONSE_BODY_MAX_LEN = 8192;
|
||||
|
||||
/** 请求头名称(小写) */
|
||||
private const SENSITIVE_HEADER_NAMES = [
|
||||
'auth-token',
|
||||
'token',
|
||||
'authorization',
|
||||
'cookie',
|
||||
];
|
||||
|
||||
/** 参数键名(小写匹配) */
|
||||
private const SENSITIVE_PARAM_KEYS = [
|
||||
'password',
|
||||
'secret',
|
||||
'signature',
|
||||
'token',
|
||||
'auth-token',
|
||||
'auth_token',
|
||||
'old_token',
|
||||
];
|
||||
|
||||
public function process(Request $request, callable $handler): Response
|
||||
{
|
||||
$startedAt = microtime(true);
|
||||
$response = null;
|
||||
$thrown = null;
|
||||
try {
|
||||
$response = $handler($request);
|
||||
return $response;
|
||||
} catch (Throwable $e) {
|
||||
$thrown = $e;
|
||||
throw $e;
|
||||
} finally {
|
||||
$durationMs = round((microtime(true) - $startedAt) * 1000, 3);
|
||||
$requestLog = $this->buildRequestLog($request);
|
||||
$responseLog = null;
|
||||
if ($response instanceof Response) {
|
||||
$responseLog = $this->buildResponseLog($response);
|
||||
}
|
||||
|
||||
Log::info('api_access', [
|
||||
'request' => $requestLog,
|
||||
'response' => $responseLog,
|
||||
'duration_ms' => $durationMs,
|
||||
'exception' => $thrown ? [
|
||||
'class' => $thrown::class,
|
||||
'message' => $thrown->getMessage(),
|
||||
] : null,
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array<string, mixed>
|
||||
*/
|
||||
private function buildRequestLog(Request $request): array
|
||||
{
|
||||
$headers = $request->header();
|
||||
if (!is_array($headers)) {
|
||||
$headers = [];
|
||||
}
|
||||
$headersOut = [];
|
||||
foreach ($headers as $name => $value) {
|
||||
$nameStr = strtolower((string) $name);
|
||||
if ($this->isSensitiveHeaderName($nameStr)) {
|
||||
$headersOut[$nameStr] = $this->maskToken(is_string($value) ? $value : (string) $value);
|
||||
} else {
|
||||
$headersOut[$nameStr] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
$get = $request->get();
|
||||
$post = $request->post();
|
||||
$params = [];
|
||||
if (is_array($get)) {
|
||||
$params = array_merge($params, $get);
|
||||
}
|
||||
if (is_array($post)) {
|
||||
$params = array_merge($params, $post);
|
||||
}
|
||||
$params = $this->sanitizeForLog($params);
|
||||
|
||||
$paramsJson = json_encode($params, JSON_UNESCAPED_UNICODE | JSON_INVALID_UTF8_SUBSTITUTE);
|
||||
if (!is_string($paramsJson)) {
|
||||
$paramsJson = '';
|
||||
}
|
||||
if (strlen($paramsJson) > self::REQUEST_PARAM_MAX_LEN) {
|
||||
$paramsJson = substr($paramsJson, 0, self::REQUEST_PARAM_MAX_LEN) . '...(truncated)';
|
||||
}
|
||||
|
||||
return [
|
||||
'method' => $request->method(),
|
||||
'path' => $request->path(),
|
||||
'uri' => $request->uri(),
|
||||
'ip' => method_exists($request, 'getRealIp') ? $request->getRealIp() : ($request->getRemoteIp() ?? ''),
|
||||
'content_type' => $request->header('content-type', ''),
|
||||
'headers' => $headersOut,
|
||||
'params' => $paramsJson,
|
||||
'agent_id' => $request->agent_id ?? null,
|
||||
'player_id' => $request->player_id ?? null,
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array<string, mixed>
|
||||
*/
|
||||
private function buildResponseLog(Response $response): array
|
||||
{
|
||||
$raw = method_exists($response, 'rawBody') ? $response->rawBody() : '';
|
||||
if (!is_string($raw)) {
|
||||
$raw = '';
|
||||
}
|
||||
$bodyForLog = $raw;
|
||||
$decoded = json_decode($raw, true);
|
||||
if (is_array($decoded)) {
|
||||
$sanitized = $this->sanitizeForLog($decoded);
|
||||
$encoded = json_encode($sanitized, JSON_UNESCAPED_UNICODE | JSON_INVALID_UTF8_SUBSTITUTE);
|
||||
if (is_string($encoded)) {
|
||||
$bodyForLog = $encoded;
|
||||
}
|
||||
}
|
||||
if (strlen($bodyForLog) > self::RESPONSE_BODY_MAX_LEN) {
|
||||
$bodyForLog = substr($bodyForLog, 0, self::RESPONSE_BODY_MAX_LEN) . '...(truncated)';
|
||||
}
|
||||
|
||||
return [
|
||||
'status' => $response->getStatusCode(),
|
||||
'body' => $bodyForLog,
|
||||
];
|
||||
}
|
||||
|
||||
private function isSensitiveHeaderName(string $name): bool
|
||||
{
|
||||
return in_array($name, self::SENSITIVE_HEADER_NAMES, true);
|
||||
}
|
||||
|
||||
private function isSensitiveParamKey(string $keyLower): bool
|
||||
{
|
||||
foreach (self::SENSITIVE_PARAM_KEYS as $s) {
|
||||
if ($keyLower === $s) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private function maskToken(string $value): string
|
||||
{
|
||||
$t = trim($value);
|
||||
if ($t === '') {
|
||||
return '';
|
||||
}
|
||||
if (strlen($t) <= 12) {
|
||||
return '***';
|
||||
}
|
||||
return substr($t, 0, 8) . '***' . substr($t, -4);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param mixed $value
|
||||
* @return mixed
|
||||
*/
|
||||
private function sanitizeForLog($value)
|
||||
{
|
||||
if (!is_array($value)) {
|
||||
return $value;
|
||||
}
|
||||
$out = [];
|
||||
foreach ($value as $k => $v) {
|
||||
$keyLower = is_string($k) ? strtolower($k) : '';
|
||||
if ($keyLower !== '' && $this->isSensitiveParamKey($keyLower)) {
|
||||
$out[$k] = '***';
|
||||
continue;
|
||||
}
|
||||
if (is_array($v)) {
|
||||
$out[$k] = $this->sanitizeForLog($v);
|
||||
continue;
|
||||
}
|
||||
$out[$k] = $v;
|
||||
}
|
||||
return $out;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user