daniel156161/simple-nanoshare
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

feat(logging): add NanoShare wide event instrumentation
Build and Push Docker Container / build-and-push (push) Failing after 51s
Details

Browse Source 
- Register quart_common wide-event logging during app setup so every HTTP request emits one canonical structured event.

- Replace the inline security middleware with reusable quart_common security middleware wiring and move skip path configuration into app constants.

- Add NanoShare-specific wide-event context for health checks, auth/error handlers, file list/edit/delete/serve flows and upload outcomes.

- Rename runtime logging/project metadata from simple-picoshare to nanoshare where it is emitted in service context.

- Update my_helpers and quart_common submodules for Convex/wide-event integration and reusable security middleware support.

- Add NanoShare middleware tests covering safe user context, client IP enrichment, missing Convex handling and Convex security lookup failures.
This commit is contained in:
Daniel Dolezal
2026-05-13 20:22:43 +02:00
parent 26536a3cde
commit 9c731d6e67
12 changed files with 208 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files
routes/side/main.py
+12
View File
@@ -3,6 +3,7 @@ from my_modules.functions import get_ip
from my_modules.app.setup import LIMITER
from my_modules.app.logger import logger
from my_modules.expiry import parse_expires
from quart_common.web.wide_event import add_wide_event_context
from quart import (
Blueprint,
@@ -40,12 +41,14 @@ async def index():
@side_main_bp.route('/access')
@login_required
async def access_list(user):
add_wide_event_context(nanoshare={"operation": "access_list"})
access_data = await current_app.convex.get_all_access(user_id=user['sub'])
return await render_template("views/webpage/access/list.htm", access_logs=access_data)
@side_main_bp.route('/files')
@login_required
async def files_list(user):
add_wide_event_context(nanoshare={"operation": "files_list"})
files_data = await current_app.convex.get_files(user_id=user['sub'])
return await render_template("views/webpage/files/list.htm",
files=files_data
@@ -54,6 +57,7 @@ async def files_list(user):
@side_main_bp.route('/files/<path:file_id>/info')
@login_required
async def file_info(file_id, user):
add_wide_event_context(nanoshare={"operation": "file_info", "file_id": file_id})
files_data = await current_app.convex.get_files(user_id=user["sub"])
file_data = find_file(files_data, file_id)
if not file_data:
@@ -71,6 +75,7 @@ async def file_info(file_id, user):
@side_main_bp.route("/files/<path:file_id>/edit")
@login_required
async def file_edit(file_id, user):
add_wide_event_context(nanoshare={"operation": "file_edit", "file_id": file_id})
file_data = await current_app.convex.get_file_informations(file_id=file_id, user_id=user["sub"])
if not file_data:
abort(404)
@@ -83,6 +88,7 @@ async def file_edit(file_id, user):
@side_main_bp.put("/api/file/<path:file_id>")
@login_required
async def file_edit_api(file_id, user):
add_wide_event_context(nanoshare={"operation": "file_update", "file_id": file_id})
files_data = await current_app.convex.get_files(user_id=user["sub"])
if not find_file(files_data, file_id):
return jsonify({"ok": False, "error": "File not found"}), 404
@@ -115,6 +121,7 @@ async def file_edit_api(file_id, user):
@side_main_bp.delete("/api/file/<path:file_id>")
@login_required
async def file_delete_api(file_id, user):
add_wide_event_context(nanoshare={"operation": "file_delete", "file_id": file_id})
files_data = await current_app.convex.get_files(user_id=user["sub"])
if not find_file(files_data, file_id):
return jsonify({"ok": False, "error": "File not found"}), 404
@@ -125,10 +132,12 @@ async def file_delete_api(file_id, user):
@side_main_bp.route("/-<file_id>")
@LIMITER.limit("10 per minute;500 per hour;")
async def serve_file(file_id: str):
add_wide_event_context(nanoshare={"operation": "serve_file", "file_id": file_id})
file_data = await current_app.convex.get_file(file_id=file_id)
disable_logging = False
if not file_data:
add_wide_event_context(nanoshare={"operation_status": "not_found"})
abort(404)
user = session.get('user')
@@ -136,6 +145,7 @@ async def serve_file(file_id: str):
disable_logging = True
if file_data.get("expired", None):
add_wide_event_context(nanoshare={"operation_status": "expired", "owner_request": disable_logging})
if not disable_logging:
await current_app.convex.add_file_access(file_id=file_id, ip_address=get_ip(), user_agent=request.user_agent, status="expired")
return Response("This file has expired.", status=410, headers={
@@ -149,10 +159,12 @@ async def serve_file(file_id: str):
force_download = request.args.get("download") in {"1", "true", "yes"}
if not file_data.get('db_image_url', None):
add_wide_event_context(nanoshare={"operation_status": "missing_storage", "owner_request": disable_logging})
if not disable_logging:
await current_app.convex.add_file_access(file_id=file_id, ip_address=get_ip(), user_agent=request.user_agent, status="error")
abort(404)
add_wide_event_context(nanoshare={"operation_status": "served", "owner_request": disable_logging, "content_type": content_type, "download": force_download})
if not disable_logging:
await current_app.convex.add_file_access(file_id=file_id, ip_address=get_ip(), user_agent=request.user_agent, status="ok")