bennetgallein/vat-api.eu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b0e78086f42e4672eae6fad58ad89c23cb0330f0
vat-api.eu/server/middleware/requestLogger.ts
Bennet Gallein b0e78086f4 feat: anonymize IPs via HMAC before persisting to MongoDB 
GDPR compliance — IPs are HMAC-SHA256'd (truncated to 16 hex chars)
before being pushed to the Redis queue, so only pseudonymous tokens
are ever stored.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 10:30:20 +01:00

20 lines
545 B
TypeScript
Raw Blame History

export default defineEventHandler((event) => {
const path = getRequestURL(event).pathname;
if (!path.startsWith("/api/v1/rates")) return;
const ip = getRequestIP(event, { xForwardedFor: true }) ?? "127.0.0.1";
const method = event.method;
const userAgent = getRequestHeader(event, "user-agent") ?? "";
event.node.res.on("finish", () => {
logRequest({
ip: anonymizeIp(ip),
path,
method,
statusCode: event.node.res.statusCode,
userAgent,
timestamp: new Date().toISOString(),
});
});
});
Reference in New Issue View Git Blame Copy Permalink