✨ Improved x-request-id handling

- Currently, we create a request ID for internal use if one isn't set & this is used in logs - If a custom request ID is set via X-Request-ID header, this gets logged, however, we don't return this with the response - Means that a custom ID gets lost on the way back out, and makes tracing requests through a system trickier - This change ensures that if X-Request-ID is set on the request, it is also set on the response so that requests can be properly traced - It's easy to set this in e.g. nginx so that the feature becomes available - Ghost doens't need to do this - Note: also split request id handling out into new middleware
2024-11-30 21:40:39 +03:00 · 2019-09-22 18:20:05 +01:00 · 2019-09-22 18:20:05 +01:00 · 0107ac848a
commit 0107ac848a
parent 24e730fa25
4 changed files with 25 additions and 6 deletions
--- a/core/server/web/parent-app.js
+++ b/core/server/web/parent-app.js
@ -15,6 +15,7 @@ module.exports = function setupParentApp(options = {}) {
    // (X-Forwarded-Proto header will be checked, if present)
    parentApp.enable('trust proxy');

+    parentApp.use(shared.middlewares.requestId);
    parentApp.use(shared.middlewares.logRequest);

    // Register event emmiter on req/res to trigger cache invalidation webhook event
--- a/core/server/web/shared/middlewares/index.js
+++ b/core/server/web/shared/middlewares/index.js
@ -59,6 +59,10 @@ module.exports = {
        return require('./pretty-urls');
    },

+    get requestId() {
+        return require('./request-id');
+    },
+
    get serveFavicon() {
        return require('./serve-favicon');
    },
--- a/core/server/web/shared/middlewares/log-request.js
+++ b/core/server/web/shared/middlewares/log-request.js
@ -1,17 +1,13 @@
-const uuid = require('uuid');
 const common = require('../../../lib/common');

 /**
- * @TODO:
- * - move middleware to ignition?
+ * @TODO: move this middleware to ignition?
 */
 module.exports = function logRequest(req, res, next) {
-    const startTime = Date.now(),
-        requestId = req.get('X-Request-ID') || uuid.v4();
+    const startTime = Date.now();

    function logResponse() {
        res.responseTime = (Date.now() - startTime) + 'ms';
-        req.requestId = requestId;
        req.userId = req.user ? (req.user.id ? req.user.id : req.user) : null;

        if (req.err && req.err.statusCode !== 404) {
--- a/core/server/web/shared/middlewares/request-id.js
+++ b/core/server/web/shared/middlewares/request-id.js
@ -0,0 +1,18 @@
+const uuid = require('uuid');
+
+/**
+ * @TODO: move this middleware to ignition?
+ */
+module.exports = (req, res, next) => {
+    const requestId = req.get('X-Request-ID') || uuid.v4();
+
+    // Set a value for internal use
+    req.requestId = requestId;
+
+    // If the header was set on the request, return it on the response
+    if (req.get('X-Request-ID')) {
+        res.set('X-Request-ID', requestId);
+    }
+
+    next();
+};