// Request pre-processing middleware. Express runs middleware in registration order,
// so the sequence below is part of the behaviour.
app.use(cookieParser());
app.use(compress());
// NOTE(review): methodOverride() is called with no arguments, so the package default decides
// where the override is read from; confirm that source is one clients should control.
app.use(methodOverride());
// Passport is initialised first, then its session middleware is attached.
app.use(passport.initialize());
app.use(passport.session());
// disable 'X-Powered-By' header in response, so the framework is not advertised to clients
app.disable('x-powered-by');
// enable CORS - Cross Origin Resource Sharing
// NOTE(review): cors() is called with no options. If this is the npm `cors` package, that
// allows every origin; confirm this is intended or pass an explicit origin allowlist.
app.use(cors());
// enable detailed API logging in dev env
if (config.env === 'development') {
// Adds 'body' to the request and response whitelists held on the expressWinston module
// object, so request and response payloads end up in the log records.
// NOTE(review): bodies can carry passwords, tokens and personal data. The guard above keeps
// this to config.env === 'development'; confirm that value cannot be set on a production host.
expressWinston.requestWhitelist.push('body');
expressWinston.responseWhitelist.push('body');
app.use(expressWinston.logger({
winstonInstance,
meta: true, // optional: log meta data about request (defaults to true)
msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
colorStatus: true // Color the status code (default green, 3XX cyan, 4XX yellow, 5XX red).
}));
}
// Static file serving is optional and only enabled when config.staticPath is set.
if (config.staticPath) {
/* eslint-disable no-console */
// Prints the served directory once at startup; the escape codes colour the path.
console.log('Serve static files from: \x1b[36m' + config.staticPath + '\x1b[0m');
/* eslint-enable no-console */
// NOTE(review): everything under config.staticPath becomes readable over HTTP; make sure the
// directory holds only files meant to be public (no .env, keys or source maps).
app.use(express.static(config.staticPath));
}
// Body parsing (JSON, then URL-encoded forms), cookies, compression and method override.
// Express runs middleware in registration order, so the sequence below is part of the behaviour.
// NOTE(review): no size limit is passed to either body parser here, so the package defaults
// apply; confirm they suit the largest payload this API should accept.
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(compress());
app.use(methodOverride());
// secure apps by setting various HTTP headers
app.use(helmet());
// enable CORS - Cross Origin Resource Sharing
// NOTE(review): cors() is called with no options. If this is the npm `cors` package, that
// allows every origin; confirm this is intended or pass an explicit origin allowlist.
app.use(cors());
// enable detailed API logging in dev env
if (config.env === 'development') {
// Adds 'body' to the request and response whitelists held on the expressWinston module
// object, so request and response payloads end up in the log records.
// NOTE(review): bodies can carry credentials and personal data; keep this branch out of
// production and treat the resulting log files as sensitive.
expressWinston.requestWhitelist.push('body');
expressWinston.responseWhitelist.push('body');
app.use(expressWinston.logger({
winstonInstance,
meta: true, // optional: log meta data about request (defaults to true)
msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
colorStatus: true // Color the status code (default green, 3XX cyan, 4XX yellow, 5XX red).
}));
}
// mount all routes under the /repairnator-mongo-api prefix
app.use('/repairnator-mongo-api', routes);
// if error is not an instanceOf APIError, convert it.
app.use((err, req, res, next) => {
if (err instanceof expressValidation.ValidationError) {
// validation error contains errors which is an array of error each containing message[]
// Cookie parsing, compression and method override. Express runs middleware in registration
// order, so the sequence below is part of the behaviour.
app.use(cookieParser());
app.use(compress());
app.use(methodOverride());
// secure apps by setting various HTTP headers
app.use(helmet());
// enable CORS - Cross Origin Resource Sharing
// NOTE(review): cors() is called with no options. If this is the npm `cors` package, that
// allows every origin; confirm this is intended or pass an explicit origin allowlist.
app.use(cors());
// This is really just a test output and should be the first thing you see
winstonInstance.info('The application is starting...');
// enable detailed API logging in dev env
if (config.env === 'development') {
// Adds 'body' to the request and response whitelists held on the expressWinston module
// object, so request and response payloads end up in the log records.
// NOTE(review): bodies can carry credentials and personal data; keep this branch out of
// production and treat the resulting log files as sensitive.
expressWinston.requestWhitelist.push('body');
expressWinston.responseWhitelist.push('body');
app.use(expressWinston.logger({
winstonInstance,
meta: true, // optional: log meta data about request (defaults to true)
msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
colorStatus: true, // Color the status code (default green, 3XX cyan, 4XX yellow, 5XX red).
}));
}
// Build the versioned route prefix from config.apiVersion.
// NOTE(review): no fallback is applied here; if config.apiVersion can be undefined the prefix
// becomes "/api/vundefined". Confirm the config module supplies a default.
const baseUrl = `/api/v${config.apiVersion}`;
// mount all routes under the versioned /api/v<version> prefix
app.use(`${baseUrl}`, routes);
// if error is not an instanceOf APIError, convert it.
// Attach Passport's session middleware.
// NOTE(review): passport.initialize() and the session store are not visible in this excerpt;
// presumably both are registered earlier. Confirm the order.
app.use(passport.session())
// configure passport for Auth: the strategy and the (de)serialisers all come from the User model
passport.use(User.createStrategy())
passport.serializeUser(User.serializeUser())
passport.deserializeUser(User.deserializeUser())
// secure apps by setting various HTTP headers
app.use(helmet())
// enable CORS - Cross Origin Resource Sharing
// NOTE(review): cors() is called with no options. If this is the npm `cors` package, that
// allows every origin; on a session-authenticated app, confirm this is intended or pass an
// explicit origin allowlist.
app.use(cors())
// enable detailed API logging in dev env
if (config.env === 'development') {
// Adds 'body' to the request and response whitelists held on the expressWinston module
// object, so request and response payloads end up in the log records.
// NOTE(review): with Passport in use, login request bodies will include the submitted
// credentials; keep this branch out of production and treat the log files as sensitive.
expressWinston.requestWhitelist.push('body')
expressWinston.responseWhitelist.push('body')
app.use(
expressWinston.logger({
winstonInstance,
meta: true, // optional: log meta data about request (defaults to true)
msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
colorStatus: true, // Color the status code (default green, 3XX cyan, 4XX yellow, 5XX red).
}),
)
}
// mount all routes at the application root ('/')
app.use('/', routes)
// if error is not an instanceOf APIError, convert it.
app.use((err, req, res, next) => {
} else {
app.use(morgan('dev'))
}
// Body parsing, compression, cookies, CORS, security headers and method override.
// Express runs middleware in registration order, so the sequence below is part of the behaviour.
app.use(bodyParser.urlencoded({ extended: true, }))
app.use(bodyParser.json())
app.use(compression())
app.use(cookieParser())
// NOTE(review): cors() is called with no options. If this is the npm `cors` package, that
// allows every origin; confirm this is intended or pass an explicit origin allowlist.
app.use(cors())
// Sets security-related HTTP response headers.
app.use(helmet())
app.use(methodOverride())
// enable detailed API logging in all env except test
// NOTE(review): the condition below is true for production as well as development, so request
// and response bodies (which may hold credentials, tokens and personal data) are written to the
// logs in production. Confirm this is intended; otherwise restrict the 'body' whitelisting to
// development or filter sensitive fields before logging.
if (env.NODE_ENV !== 'test') {
// Adds 'body' to the request and response whitelists held on the expressWinston module object.
expressWinston.requestWhitelist.push('body')
expressWinston.responseWhitelist.push('body')
app.use(expressWinston.logger({
winstonInstance,
meta: true, // optional: log meta data about request (defaults to true)
msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
colorStatus: true, // Color the status code (default green, 3XX cyan, 4XX yellow, 5XX red).
}))
}
/**
* @apiDescription Mounts api routes at /api
* @apiGroup API
*/
app.use('/api', routes)
// catch 404 and forward to error handler
/**
 * Registers the shared middleware stack on an Express application.
 *
 * Middleware is attached in the order requests pass through it: compression, body parsers,
 * Passport initialisation, CORS and method override. Verbose request logging is added only
 * when `isDev` is true and `isTest` is false.
 *
 * @param {object} app - Express application to configure.
 */
export default app => {
  app.use(compression())
  app.use(bodyParser.urlencoded({ extended: true }))
  app.use(bodyParser.json())
  app.use(passport.initialize())

  // Credentialed CORS for a single front-end origin taken from the environment.
  // NOTE(review): confirm FRONT_ORIGIN is set in every deployment and check how cors() treats
  // an undefined origin; with credentials enabled the allowed origin should always be explicit.
  const corsOptions = {
    credentials: true,
    origin: process.env.FRONT_ORIGIN // Change allowed origin url for production
  }
  app.use(cors(corsOptions))
  app.use(methodOverride())

  // Everything below is development-only request logging.
  if (!isDev || isTest) {
    return
  }

  app.use(morgan('dev'))

  // Adds 'body' to the whitelists held on the expressWinston module object, so request and
  // response payloads are logged. NOTE(review): bodies can carry credentials; keep dev-only.
  expressWinston.requestWhitelist.push('body')
  expressWinston.responseWhitelist.push('body')

  const requestLogger = expressWinston.logger({
    winstonInstance,
    meta: true,
    msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
    colorStatus: true
  })
  app.use(requestLogger)
}
req.metadata.version = request_metadata.version
}
next()
})
// Attach the middleware produced by clsify(session).
// NOTE(review): presumably this binds each request to the `session` continuation-local
// namespace; confirm against the clsify package.
app.use(clsify(session))
// Store the current req/res pair under the 'context' key of `session` for later lookup.
app.use(function (req, res, next) {
session.set('context', {req: req, res: res})
next()
})
// The request-id middleware is attached only when config.secret is set; it is given that secret
// and config.serverName as its namespace.
// NOTE(review): without config.secret no request id is attached at all; confirm nothing
// downstream (log correlation, tracing) depends on it being present.
if (config.secret) {
app.use(requestId({secret: config.secret, namespace: config.serverName}))
}
// Adds optional express logging to winston logger
// Replaces the request whitelist on the expressWinston module object with a copy extended by
// 'body' plus two custom request properties, 'log_ip' and 'log_url'.
// NOTE(review): no environment guard is visible in this excerpt, so request bodies (which may
// hold credentials, tokens and personal data) appear to be logged in every environment. The
// logger below is built with a logentries_api_key, which suggests records leave the host;
// confirm, and filter sensitive fields before they are shipped.
expressWinston.requestWhitelist = _.concat(expressWinston.requestWhitelist, ['body', 'log_ip', 'log_url'])
app.use(expressWinston.logger({
// The log-service token is read from the LETOKEN environment variable, not hard-coded.
winstonInstance: logger({logentries_api_key: process.env.LETOKEN}),
meta: true,
colorStatus: true
}))
// Derives two log-friendly request properties, req.log_ip and req.log_url, then continues.
app.use(function (req, res, next) {
// Client address: the X-Forwarded-For header wins, then the connection/socket addresses.
// NOTE(review): X-Forwarded-For is supplied by the client unless a trusted proxy overwrites it,
// and it may hold a comma-separated list. The value logged here is therefore not reliable as
// evidence of the caller's address; prefer an address resolved against a configured proxy
// trust list.
var ip = req.headers['x-forwarded-for'] || (req.connection && req.connection.remoteAddress)
ip = ip || (req.socket && req.socket.remoteAddress) || (req.connection && req.connection.socket && req.connection.socket.remoteAddress)
// Only the lower-cased path is kept; the query string is dropped.
var parsed_url = url.parse(req.url) || {}
var log_url = (parsed_url.pathname && parsed_url.pathname.toLowerCase()) || ''
// Truncate at the index returned by getNthOccurrenceIndex(log_url, '/', 3).
// NOTE(review): the helper is defined elsewhere; presumably it returns the position of the
// third '/'. Confirm what it returns when there are fewer than three.
log_url = log_url.substring(0, getNthOccurrenceIndex(log_url, '/', 3))
// for log-entries to parse Key-Value-Pairs ("/" in value is causing problems)
// NOTE(review): both values are wrapped in single quotes without escaping. A header value
// containing a quote or a line break could break the key-value parsing or forge log fields;
// strip or escape those characters before quoting.
req.log_ip = "'" + ip + "'"
req.log_url = "'" + log_url + "'"
next()
})
import pug from 'pug'
import { jii } from './jii'
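// Express application bootstrap: request logging, body parsing, compression, method override,
// CORS, the pug view engine, static files and the route table, registered in that order.
const app = express()

app.use(logger('dev'))
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: true }))
app.use(compress())
app.use(methodOverride())
// NOTE(review): cors() is called with no options. If this is the npm `cors` package, that
// allows every origin; confirm this is intended or pass an explicit origin allowlist.
app.use(cors())
app.set('view engine', 'pug')

if (app.get('env') === 'development') {
  // Adds 'body' to the whitelists held on the expressWinston module object, so request and
  // response payloads are logged. NOTE(review): bodies can carry credentials; keep dev-only.
  expressWinston.requestWhitelist.push('body')
  expressWinston.responseWhitelist.push('body')
  app.use(expressWinston.logger({
    winstonInstance,
    // The status code belongs to the response; the template previously read it from the
    // request object, which has no status for an incoming request.
    msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
    colorStatus: true,
  }))
}

// Overwrites the X-Powered-By header with this project's name and version.
// NOTE(review): publishing an exact version in every response makes it easy to match the
// service against known issues for that release; consider omitting the version or the header.
app.use((req, res, next) => {
  res.setHeader('X-Powered-By', `${jii.name} ${jii.version}`)
  next()
})

// Static assets from ../public are served before the route table is consulted.
app.use(express.static(`${__dirname}/../public`))
app.use(routes)

export default app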
/**
 * Registers the shared middleware stack on an Express application.
 *
 * Order of registration: compression, body parsers, Passport initialisation, security headers
 * (helmet), CORS restricted by `corsWhiteList`, method override. Verbose request logging is
 * added only when `isDev` is true and `isTest` is false.
 *
 * @param {object} app - Express application to configure.
 */
export default app => {
  app.use(compression());
  app.use(bodyParser.json());
  app.use(bodyParser.urlencoded({ extended: true }));
  app.use(passport.initialize());
  app.use(helmet());
  // CORS behaviour is decided entirely by the options in corsWhiteList, defined elsewhere.
  // NOTE(review): confirm it lists exact origins and does not reflect arbitrary ones.
  app.use(cors(corsWhiteList));
  app.use(methodOverride());

  const verboseLogging = isDev && !isTest;
  if (!verboseLogging) {
    return;
  }

  app.use(morgan('dev'));

  // Adds 'body' to the whitelists held on the expressWinston module object, so request and
  // response payloads are logged. NOTE(review): bodies can carry credentials; keep dev-only.
  expressWinston.requestWhitelist.push('body');
  expressWinston.responseWhitelist.push('body');

  const requestLogger = expressWinston.logger({
    winstonInstance,
    meta: true,
    msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
    colorStatus: true,
  });
  app.use(requestLogger);
};
/**
 * Registers the shared middleware stack on an Express application.
 *
 * Order of registration: compression, body parsers, Passport initialisation, security headers
 * (helmet), CORS, the status monitor, method override. Verbose request logging is added only
 * when `isDev` is true and `isTest` is false.
 *
 * @param {object} app - Express application to configure.
 */
export default app => {
  app.use(compression());
  app.use(bodyParser.json());
  app.use(bodyParser.urlencoded({ extended: true }));
  app.use(passport.initialize());
  app.use(helmet());
  // NOTE(review): cors() is called with no options. If this is the npm `cors` package, that
  // allows every origin; confirm this is intended or pass an explicit origin allowlist.
  app.use(cors());
  // NOTE(review): the status monitor is mounted with default options and no authentication in
  // front of it. If this is express-status-monitor, it serves a page of process metrics to
  // anyone who can reach the app; restrict it to operators or disable it outside development.
  app.use(expressStatusMonitor());
  app.use(methodOverride());

  if (isDev && !isTest) {
    const httpLogFormat =
      'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms';

    app.use(morgan('dev'));

    // Adds 'body' to both whitelists held on the expressWinston module object, request first,
    // so payloads are logged. NOTE(review): bodies can carry credentials; keep dev-only.
    const whitelists = [
      expressWinston.requestWhitelist,
      expressWinston.responseWhitelist,
    ];
    for (const whitelist of whitelists) {
      whitelist.push('body');
    }

    app.use(
      expressWinston.logger({
        winstonInstance,
        meta: true,
        msg: httpLogFormat,
        colorStatus: true,
      }),
    );
  }
};