https://github.com/core-go/middleware

https://github.com/core-go/middleware

middleware middleware-log

Last synced: 7 days ago
JSON representation

• Host: GitHub
• URL: https://github.com/core-go/middleware
• Owner: core-go
• Created: 2020-09-25T09:26:34.000Z (almost 5 years ago)
• Default Branch: main
• Last Pushed: 2024-09-01T15:10:13.000Z (10 months ago)
• Last Synced: 2025-02-27T05:41:06.942Z (4 months ago)
• Topics: middleware, middleware-log
• Language: Go
• Homepage:
• Size: 96.7 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# middleware

Middleware logging is a technique used in software development, particularly in web and microservices applications, to log important information about incoming requests, outgoing responses, and the operations performed by the application.

- [core-go/middleware](https://github.com/core-go/middleware) is designed to integrate with middleware logging seamlessly for existing Go libraries: [Echo](https://github.com/labstack/echo), [Gin](https://github.com/gin-gonic/gin), or net/http ([Gorilla mux](https://github.com/gorilla/mux), [Go-chi](https://github.com/go-chi/chi)), with any logging libraries ([zap](https://pkg.go.dev/go.uber.org/zap), [logrus](https://github.com/sirupsen/logrus)), to log request headers, request body, response status code, body content, response time, and size

- Especially, [core-go/middleware](https://github.com/core-go/middleware) supported to encrypt sensitive data, which is useful for Financial Products (to comply with PCI-DSS standards) and Healthcare (to comply with HIPAA regulations)

- You can refer to [middleware-log-tracing](https://www.linkedin.com/pulse/middleware-log-tracing-go-duc-nguyen-uh0pc) at my [Linked In](https://vn.linkedin.com/in/duc-nguyen-437240239?trk=article-ssr-frontend-pulse_publisher-author-card) for more details.

### A typical micro service

- When you zoom one micro service, the flow is as below, and you can see "middleware" in the full picture:

  ![A typical micro service](https://cdn-images-1.medium.com/max/800/1*d9kyekAbQYBxH-C6w38XZQ.png)

## Content for logging

### Request

#### Features

- Log Request Method and URL: Log the HTTP method (GET, POST, etc.) and the requested URL.

- Log Request Headers: Option to log request headers for debugging purposes.

- Log Request Body: Option to log the request body (with configurable size limits to avoid logging large payloads).

#### Benefits

- Debugging: Helps in tracing and debugging issues by providing complete information about incoming requests.

- Monitoring: Provides visibility into the types of requests being received.

### Response

#### Features

- Log Response Status Code: Log the HTTP status code of the response.

- Log Response Headers: Option to log response headers.

- Log Response Body: Option to log the response body (with configurable size limits to avoid logging large payloads).

#### Benefits

- Debugging: Assists in diagnosing issues by providing complete information about the responses sent by the server.

- Auditing: Helps in auditing and reviewing server responses for compliance and monitoring purposes.

### Response Time

#### Features

- Log Response Time: Calculate and log the time taken to process each request.

#### Benefits

- Performance Monitoring: Helps in identifying slow requests and performance bottlenecks.

- Optimization: Provides data to optimize and improve server response times.

### Response Size

#### Features

- Log Response Size: Log the size of the response payload in bytes.

#### Benefits

- Bandwidth Monitoring: Helps in monitoring and managing bandwidth usage.

- Optimization: Provides insights into the response sizes to optimize payloads and improve performance.

## Features

### Middleware Integration

#### Features

- Middleware Function: Designed to integrate seamlessly with existing Go libraries: [Echo](https://github.com/labstack/echo), [Gin](https://github.com/gin-gonic/gin), or net/http ([Gorilla mux](https://github.com/gorilla/mux), [Go-chi](https://github.com/go-chi/chi)).

  - Sample for [Echo](https://github.com/labstack/echo) is at [go-echo-sql-sample](https://github.com/go-tutorials/go-echo-sql-sample)

  - Sample for [Gin](https://github.com/gin-gonic/gin) is at [go-gin-sql-sample](https://github.com/go-tutorials/go-gin-sql-sample)

  - Sample for [Gorilla mux](https://github.com/gorilla/mux) is at [go-sql-sample](https://github.com/go-tutorials/go-sql-sample) 

- Context Handling: Pass context to handle request-specific data throughout the middleware chain.

#### Benefits

- Ease of Use: Simplifies the integration of logging into existing web applications.

- Consistency: Ensures consistent logging across different parts of the application.

### Logging Libraries Integration

- Do not depend on any logging libraries.

- Already supported to integrate with [zap](https://pkg.go.dev/go.uber.org/zap), [logrus](https://github.com/sirupsen/logrus)

- Can be integrated with any logging library.

### Sensitive Data Encryption

#### Features

- Mask/Encrypt sensitive data in the request and response bodies.

- Sensitive Data Identification: identify and encrypt specific fields in JSON payloads.

#### Benefits:

- Security: Protects sensitive information from being exposed in logs.

- Compliance: Helps meet security and compliance requirements by safeguarding sensitive data.

- Ease of Use: Simplifies the integration of encryption/masking into any existing applications.

- Consistency: Ensures that sensitive data is consistently encrypted or masked across all logged requests and responses

#### Samples:

- Sample for [Echo](https://github.com/labstack/echo) is at [go-echo-sql-sample](https://github.com/go-tutorials/go-echo-sql-sample)

- Sample for [Gin](https://github.com/gin-gonic/gin) is at [go-gin-sql-sample](https://github.com/go-tutorials/go-gin-sql-sample)

- Sample for [Gorilla mux](https://github.com/gorilla/mux) is at [go-sql-sample](https://github.com/go-tutorials/go-sql-sample)

### Enable/Disable Logging

#### Features

- Enable/Disable Logging: Allow users to turn on or off logging for requests, responses, headers, and bodies independently.

- Logging Levels: Support different logging levels (e.g., INFO, DEBUG, ERROR) to control the verbosity of logs.

#### Benefits

- Flexibility: Provides users with the flexibility to configure logging based on their needs and environment.

- Efficiency: Reduces overhead by allowing selective logging, especially in production environments.

### Asynchronous Logging

#### Features

- Non-Blocking Logs: Implement asynchronous logging to ensure that logging does not block request processing.

- Log Buffering: Use buffering to improve logging performance and reduce latency.

#### Benefits:

- Performance: Improves the overall performance of the application by reducing logging overhead.

- Scalability: Allows the application to handle high-throughput logging without performance degradation.

## Use Cases of Sensitive Data Encryption

### Financial Transactions

- Benefit: Encrypting sensitive financial data, such as credit card numbers and transaction details, helps comply with PCI-DSS standards and secures financial transactions from exposure in logs.

### Healthcare

- Benefit: Encrypting patient data such as medical records and health information in logs ensures compliance with HIPAA regulations and protects patient privacy.

### E-commerce

- Benefit: Protecting customer information, such as addresses and payment details, enhances customer trust and protects the e-commerce platform from potential data breaches.

## Benefits of Middleware Logging

#### Debugging and Troubleshooting

- Provides detailed logs that help developers debug and troubleshoot issues in the application by tracing the flow of requests and responses.

#### Monitoring and Alerting

- Enables monitoring of application performance and behavior, allowing for real-time alerting on errors, slow responses, and unusual activity.

#### Performance Optimization

- Logs performance metrics that can be analyzed to identify bottlenecks, optimize resource usage, and improve overall application performance.

#### Security and Compliance

- Helps in tracking access and usage patterns, detecting security incidents, and complying with regulatory requirements by logging relevant information.

#### Auditing

- Provides an audit trail of user actions and system operations, which is essential for security audits and forensic analysis.

## Conclusion

Middleware logging is a critical aspect of building robust, maintainable, and secure applications, providing valuable insights and aiding in the continuous improvement of the software.

## Installation

Please make sure to initialize a Go module before installing core-go/middleware:

```shell

go get -u github.com/core-go/middleware

```

Import:

```go

import "github.com/core-go/middleware"

```

## Appendix

### Microservice Architect

![Microservice Architect](https://cdn-images-1.medium.com/max/800/1*vKeePO_UC73i7tfymSmYNA.png)

### Cross-cutting concerns

- "middleware" in the full picture of cross-cutting concerns

  ![cross-cutting concerns](https://cdn-images-1.medium.com/max/800/1*y088T4NoJNrL9sqrKeSyqw.png)