Join Log in
Score:1
avatar Server

More explicit Nginx logs

kr flag
SoftTimur

I use nginx in my MacOS to test third-party authentications such as Google and Twitter in localhost. As a result, on my local website https://localhost:8000/..., I could engage with www.funfun.io for third-party authentications.

Here is the nginx configuration file:

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    log_format my_log '{ "time": "$time_iso8601", '
        '"remote_addr": "$remote_addr", '
        '"status": "$status", '
        '"request": "$request", '
        '"request_method": "$request_method", '
        '"http_referrer": "$http_referer", '
        '"http_x_forwarded_for": "$http_x_forwarded_for", '
        '"host": "$host", '
        '"server_name": "$server_name", '
        '"upstream_address": "$upstream_addr", '
        '"upstream_status": "$upstream_status", }';

    access_log /usr/local/var/log/nginx/my_log_access.log my_log;

    upstream funfun {
        server 178.62.87.72:443;
    }

    server {
        listen              443 ssl;
        server_name localhost;
        ssl_certificate /etc/ssl/localhost/localhost.crt;
        ssl_certificate_key /etc/ssl/localhost/localhost.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 1d;
        ssl_stapling off;
        ssl_stapling_verify off;
        add_header Strict-Transport-Security max-age=15768000;
        add_header X-Frame-Options "";
        proxy_ssl_name "www.funfun.io";
        proxy_ssl_server_name on;

        location ~ /socialLoginSuccess {
            rewrite ^ '/#/socialLoginSuccess' redirect;
        }

        location ~ /auth/(.*) {
            proxy_pass  https://funfun/10studio/auth/$1?$query_string;
            proxy_set_header Host localhost;
        }
    }
    include servers/*;
}

Here is part of logs:

{ "time": "2021-11-11T01:02:44+01:00", "remote_addr": "127.0.0.1", "status": "204", "request": "OPTIONS /10studio/auth/logout HTTP/1.1", "request_method": "OPTIONS", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "204" }
{ "time": "2021-11-11T01:02:44+01:00", "remote_addr": "127.0.0.1", "status": "200", "request": "POST /10studio/auth/logout HTTP/1.1", "request_method": "POST", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "200" }
{ "time": "2021-11-11T01:02:47+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /10studio/auth/google HTTP/1.1", "request_method": "GET", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /auth/google/callback?code=4%2F0AX4XfWihw3erIiZok3Yk8jZ5hjcg4sT35YLuZAp5h3qIDZvC_BuHSlvbRiTSh4Sobo_Wbw&scope=email+profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+openid&authuser=0&prompt=consent HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /auth/signinSuccess HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /socialLoginSuccess HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "-", "upstream_status": "-" }
{ "time": "2021-11-11T01:03:00+01:00", "remote_addr": "127.0.0.1", "status": "200", "request": "GET /10studio/10studio/auth/tokenTie?t=1636588979945 HTTP/1.1", "request_method": "GET", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "200" }
{ "time": "2021-11-11T01:03:00+01:00", "remote_addr": "127.0.0.1", "status": "200", "request": "GET /10studio/10studio/auth/tokenTie?t=1636588979993 HTTP/1.1", "request_method": "GET", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "200" }

I realize that, for normal requests (e.g., https://localhost:8000/#/home) without auth or socialLoginSuccess, there is no log recorded. Does anyone know how I could modify my nginx configuration file to record also their logs?

Additionally, what I would like to see from the logs, is that a request like https://localhost/10studio/auth/google is indeed past to the proxied server at https://178.62.87.72:443/10studio/auth/.... But from the current logs, it is not very obvious. Does anyone know how I could modify my nginx configuration file to make it more explicit?

73
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.