feat(logging): add NanoShare wide event instrumentation

- Register quart_common wide-event logging during app setup so every HTTP request emits one canonical structured event. - Replace the inline security middleware with reusable quart_common security middleware wiring and move skip path configuration into app constants. - Add NanoShare-specific wide-event context for health checks, auth/error handlers, file list/edit/delete/serve flows and upload outcomes. - Rename runtime logging/project metadata from simple-picoshare to nanoshare where it is emitted in service context. - Update my_helpers and quart_common submodules for Convex/wide-event integration and reusable security middleware support. - Add NanoShare middleware tests covering safe user context, client IP enrichment, missing Convex handling and Convex security lookup failures.
2026-05-13 20:22:43 +02:00
parent 26536a3cde
commit 9c731d6e67
12 changed files with 208 additions and 40 deletions
@@ -1,6 +1,7 @@
 from my_modules.decoratory.header import login_required
 from my_modules.expiry import parse_expires, ensure_utc
 from my_modules.file_meta import iso_stamp_filename, format_size
+from quart_common.web.wide_event import add_wide_event_context

 from quart import Blueprint, request, jsonify, current_app
 import asyncio, hashlib
@@ -73,10 +74,13 @@ async def api_upload(user):
  text = form.get('text', '')
  orphan_registry = getattr(current_app, 'orphan_storage_registry', None)

+  add_wide_event_context(nanoshare={"operation": "upload", "has_file": bool(files.get('file')), "has_text": bool(text.strip())})
+
  uploaded = files.get('file')
  expires_at_dt = ensure_utc(parse_expires(expires_raw))

  if not uploaded and not text.strip():
+    add_wide_event_context(nanoshare={"operation_status": "missing_content"})
    return jsonify({'ok': False, 'error': 'No content provided'}), 400

  content_type = None
@@ -84,6 +88,7 @@ async def api_upload(user):
  # --- binary upload path ---
  if uploaded:
    fname = uploaded.filename or ''
+    add_wide_event_context(nanoshare={"upload_type": "file", "filename_present": bool(fname)})
    ctype = uploaded.mimetype or 'application/octet-stream'
    content_type = ctype
    storage_id = None
@@ -115,6 +120,7 @@ async def api_upload(user):
      )
      if storage_id:
        reused_orphan_storage_id = True
+        add_wide_event_context(nanoshare={"reused_orphan_storage_id": True})
      else:
        storage_id, sent_size = await current_app.convex.send_stream_to_storage(stream=stream,content_type=content_type)
        size_bytes = sent_size
@@ -128,6 +134,7 @@ async def api_upload(user):
      )
      if storage_id:
        reused_orphan_storage_id = True
+        add_wide_event_context(nanoshare={"reused_orphan_storage_id": True})
      else:
        storage_id = await current_app.convex.send_to_storage(data=data, content_type=content_type)
      size_bytes = len(data)
@@ -151,6 +158,7 @@ async def api_upload(user):

  # --- text upload path ---
  elif text.strip():
+    add_wide_event_context(nanoshare={"upload_type": "text"})
    data = text.encode('utf-8')
    fname = iso_stamp_filename('pasted', 'txt')
    fingerprint = fingerprint_bytes(data)
@@ -160,6 +168,8 @@ async def api_upload(user):
      else None
    )
    reused_orphan_storage_id = bool(storage_id)
+    if reused_orphan_storage_id:
+      add_wide_event_context(nanoshare={"reused_orphan_storage_id": True})
    if not storage_id:
      storage_id = await current_app.convex.send_to_storage(
        data=data, content_type='text/plain'
@@ -183,4 +193,5 @@ async def api_upload(user):
        await orphan_registry.remember(user['sub'], fingerprint, storage_id)
      raise

+  add_wide_event_context(nanoshare={"operation_status": "uploaded", "content_type": content_type})
  return jsonify({'ok': True})