diff --git a/apps/bff/src/common/config/throttler.config.ts b/apps/bff/src/common/config/throttler.config.ts index c32ea65b..911731a5 100644 --- a/apps/bff/src/common/config/throttler.config.ts +++ b/apps/bff/src/common/config/throttler.config.ts @@ -14,7 +14,7 @@ export const createThrottlerConfig = (configService: ConfigService): ThrottlerMo // Stricter rate limiting for authentication endpoints { name: "auth", - ttl: configService.get("AUTH_RATE_LIMIT_TTL", 900000), // 15 minutes + ttl: configService.get("AUTH_RATE_LIMIT_TTL", 600000), // 10 minutes limit: configService.get("AUTH_RATE_LIMIT_LIMIT", 3), // 3 attempts }, ]; diff --git a/apps/bff/src/common/logging/logging.module.ts b/apps/bff/src/common/logging/logging.module.ts index ca766703..a49b71a3 100644 --- a/apps/bff/src/common/logging/logging.module.ts +++ b/apps/bff/src/common/logging/logging.module.ts @@ -8,6 +8,35 @@ import { LoggerModule } from "nestjs-pino"; pinoHttp: { level: process.env.LOG_LEVEL || "info", name: process.env.APP_NAME || "customer-portal-bff", + + // Reduce HTTP request/response noise + autoLogging: { + ignore: (req) => { + // Skip logging for health checks and static assets + const url = req.url || ''; + return url.includes('/health') || + url.includes('/favicon') || + url.includes('/_next/') || + url.includes('/api/auth/session'); // Skip frequent session checks + } + }, + + // Custom serializers to reduce response body logging + serializers: { + req: (req) => ({ + method: req.method, + url: req.url, + // Don't log headers or body in production + ...(process.env.NODE_ENV === 'development' && { + headers: req.headers + }) + }), + res: (res) => ({ + statusCode: res.statusCode, + // Don't log response body to reduce noise + }) + }, + transport: process.env.NODE_ENV === "development" ? { @@ -15,7 +44,8 @@ import { LoggerModule } from "nestjs-pino"; options: { colorize: true, translateTime: "yyyy-mm-dd HH:MM:ss", - ignore: "pid,hostname", + ignore: "pid,hostname,req,res", // Hide request/response details in pretty output + messageFormat: "{msg}", }, } : undefined, @@ -23,6 +53,8 @@ import { LoggerModule } from "nestjs-pino"; paths: [ "req.headers.authorization", "req.headers.cookie", + "req.body", // Redact request bodies + "res.body", // Redact response bodies "password", "token", "secret", diff --git a/apps/portal/src/app/checkout/page.tsx b/apps/portal/src/app/checkout/page.tsx index 44665a79..1f627ea9 100644 --- a/apps/portal/src/app/checkout/page.tsx +++ b/apps/portal/src/app/checkout/page.tsx @@ -1,6 +1,6 @@ "use client"; -import { useState, useEffect, useMemo, Suspense } from "react"; +import { useState, useEffect, useMemo, useCallback, Suspense } from "react"; import { useSearchParams, useRouter } from "next/navigation"; import { PageLayout } from "@/components/layout/page-layout"; import { ShieldCheckIcon, ExclamationTriangleIcon } from "@heroicons/react/24/outline"; @@ -245,23 +245,15 @@ function CheckoutContent() { } }; - const handleAddressConfirmed = (address?: Address) => { - console.log("🎯 PARENT: handleAddressConfirmed called with:", address); - console.log("🎯 PARENT: Current addressConfirmed state before:", addressConfirmed); + const handleAddressConfirmed = useCallback((address?: Address) => { setAddressConfirmed(true); setConfirmedAddress(address || null); - console.log("🎯 PARENT: addressConfirmed state set to true"); + }, []); - // Force a log after state update (in next tick) - setTimeout(() => { - console.log("🎯 PARENT: addressConfirmed state after update:", addressConfirmed); - }, 0); - }; - - const handleAddressIncomplete = () => { + const handleAddressIncomplete = useCallback(() => { setAddressConfirmed(false); setConfirmedAddress(null); - }; + }, []); if (checkoutState.loading) { return ( diff --git a/apps/portal/src/components/checkout/address-confirmation.tsx b/apps/portal/src/components/checkout/address-confirmation.tsx index 8bba30d5..6b692198 100644 --- a/apps/portal/src/components/checkout/address-confirmation.tsx +++ b/apps/portal/src/components/checkout/address-confirmation.tsx @@ -128,19 +128,9 @@ export function AddressConfirmation({ }; const handleConfirmAddress = () => { - console.log("🏠 CONFIRM ADDRESS CLICKED", { - billingInfo, - hasAddress: !!billingInfo?.address, - address: billingInfo?.address, - }); - if (billingInfo?.address) { - console.log("🏠 Calling onAddressConfirmed with:", billingInfo.address); onAddressConfirmed(billingInfo.address); setAddressConfirmed(true); - console.log("🏠 Address confirmed state set to true"); - } else { - console.log("🏠 No billing info or address available"); } }; diff --git a/docs/LOGGING_LEVELS.md b/docs/LOGGING_LEVELS.md new file mode 100644 index 00000000..c3b396a5 --- /dev/null +++ b/docs/LOGGING_LEVELS.md @@ -0,0 +1,96 @@ +# 📊 Logging Configuration Guide + +## Quick Log Level Changes + +### Using the Script (Recommended) +```bash +# Check current level +./scripts/set-log-level.sh + +# Set to minimal logging (production-like) +./scripts/set-log-level.sh warn + +# Set to normal development logging +./scripts/set-log-level.sh info + +# Set to detailed debugging +./scripts/set-log-level.sh debug +``` + +### Manual Configuration +Edit `.env` file: +```bash +LOG_LEVEL="info" # Change this value +``` + +## Log Levels Explained + +| Level | Numeric | What You'll See | Best For | +|-------|---------|-----------------|----------| +| `error` | 0 | Only critical errors | Production monitoring | +| `warn` | 1 | Warnings + errors | Quiet development | +| `info` | 2 | General operations | **Normal development** ⭐ | +| `debug` | 3 | Detailed debugging | Troubleshooting issues | +| `trace` | 4 | Very verbose tracing | Deep debugging | + +## What's Been Optimized + +### ✅ Reduced Noise +- **HTTP requests/responses**: Filtered out health checks, static assets +- **Request bodies**: Hidden by default (security + noise reduction) +- **Response bodies**: Hidden by default (reduces overwhelming output) +- **Session checks**: Frequent `/api/auth/session` calls ignored + +### ✅ Cleaner Output +- **Pretty formatting**: Colored, timestamped logs in development +- **Message focus**: Emphasizes actual log messages over metadata +- **Structured data**: Still available but not overwhelming + +### ✅ Security Enhanced +- **Sensitive data**: Automatically redacted (tokens, passwords, etc.) +- **Production ready**: No debug info exposed to customers + +## Common Scenarios + +### 🔇 Too Much Noise? +```bash +./scripts/set-log-level.sh warn +``` + +### 🐛 Debugging Issues? +```bash +./scripts/set-log-level.sh debug +``` + +### 🚀 Normal Development? +```bash +./scripts/set-log-level.sh info +``` + +### 📊 Production Monitoring? +```bash +./scripts/set-log-level.sh error +``` + +## Environment Variables + +```bash +# Core logging +LOG_LEVEL="info" # Main log level +DISABLE_HTTP_LOGGING="false" # Set to "true" to disable HTTP logs entirely + +# Application context +APP_NAME="customer-portal-bff" # Service name in logs +NODE_ENV="development" # Affects log formatting +``` + +## Restart Required + +After changing log levels, restart your development server: +```bash +# Stop current server (Ctrl+C) +# Then restart +pnpm dev +``` + +The new log level will take effect immediately. diff --git a/packages/shared/src/logger.ts b/packages/shared/src/logger.ts index 235491d4..a19fbeb4 100644 --- a/packages/shared/src/logger.ts +++ b/packages/shared/src/logger.ts @@ -25,21 +25,26 @@ export const logger = pino({ colorize: true, translateTime: "yyyy-mm-dd HH:MM:ss", ignore: "pid,hostname", + messageFormat: "{msg}", // Cleaner message format + hideObject: false, // Show structured data but cleaner }, } : undefined, }), - // Security: redact sensitive fields + // Security: redact sensitive fields and reduce noise redact: { paths: [ "req.headers.authorization", "req.headers.cookie", + "req.body", // Hide request bodies + "res.body", // Hide response bodies "password", "token", "secret", "jwt", "apiKey", + "data", // Hide large data objects ], remove: true, }, diff --git a/scripts/set-log-level.sh b/scripts/set-log-level.sh new file mode 100755 index 00000000..359bf20e --- /dev/null +++ b/scripts/set-log-level.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +# Script to easily change log levels +# Usage: ./scripts/set-log-level.sh [error|warn|info|debug|trace] + +if [ $# -eq 0 ]; then + echo "Current LOG_LEVEL: $(grep LOG_LEVEL .env | cut -d'=' -f2 | tr -d '"')" + echo "" + echo "Usage: $0 [error|warn|info|debug|trace]" + echo "" + echo "Log Levels:" + echo " error - Only errors (least verbose)" + echo " warn - Warnings and errors" + echo " info - General information (recommended)" + echo " debug - Detailed debugging info" + echo " trace - Very detailed tracing (most verbose)" + exit 0 +fi + +LEVEL=$1 + +# Validate log level +case $LEVEL in + error|warn|info|debug|trace) + ;; + *) + echo "Invalid log level: $LEVEL" + echo "Valid levels: error, warn, info, debug, trace" + exit 1 + ;; +esac + +# Update .env file +if [[ "$OSTYPE" == "darwin"* ]]; then + # macOS + sed -i '' "s/LOG_LEVEL=\".*\"/LOG_LEVEL=\"$LEVEL\"/" .env +else + # Linux + sed -i "s/LOG_LEVEL=\".*\"/LOG_LEVEL=\"$LEVEL\"/" .env +fi + +echo "✅ Log level changed to: $LEVEL" +echo "🔄 Restart your development server to apply changes"