vat-api.eu/server/utils/requestLogger.ts
Bennet Gallein b0e78086f4 feat: anonymize IPs via HMAC before persisting to MongoDB
GDPR compliance — IPs are HMAC-SHA256'd (truncated to 16 hex chars)
before being pushed to the Redis queue, so only pseudonymous tokens
are ever stored.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 10:30:20 +01:00


import { createHmac, randomBytes } from "node:crypto";
/**
 * One request record as it is serialized and queued by `logRequest`.
 *
 * Every field is written to the queue exactly as supplied; nothing in this
 * type enforces redaction or length limits.
 */
export interface RequestLogEntry {
  /**
   * Client address token.
   * NOTE(review): presumably the output of `anonymizeIp`, not a raw address;
   * the type cannot enforce that, so verify at each call site.
   */
  ip: string;
  /** Request path. NOTE(review): client-controlled if taken from the request; confirm query strings with personal data are not included. */
  path: string;
  /** HTTP method of the request. */
  method: string;
  /** HTTP status code sent in the response. */
  statusCode: number;
  /** User-Agent string. NOTE(review): client-controlled if copied from the header; treat as untrusted when rendering stored logs. */
  userAgent: string;
  /** Time of the request as a string; the format is not fixed by this type. */
  timestamp: string;
}
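/**
 * Per-process fallback HMAC key, created on first use when no secret is
 * configured. It is never persisted, so tokens derived from it cannot be
 * recomputed by anyone who only knows the source code.
 */
let fallbackHmacKey: Buffer | undefined;

/**
 * Returns the key used to pseudonymize IP addresses.
 *
 * The configured `adminPassword` is used when it is set. Otherwise a random
 * 32-byte key is generated once per process instead of a constant from the
 * source: with a publicly known key, the small IPv4 address space lets every
 * stored token be mapped back to its address by exhaustive recomputation.
 */
function resolveIpHmacKey(): string | Buffer {
  const configured = useRuntimeConfig().adminPassword;
  if (configured) {
    return configured;
  }
  if (fallbackHmacKey === undefined) {
    fallbackHmacKey = randomBytes(32);
    console.warn(
      "anonymizeIp: no HMAC secret configured; using a random per-process key (tokens will not match across restarts or instances)",
    );
  }
  return fallbackHmacKey;
}

/**
 * Maps an IP address to a pseudonymous token: HMAC-SHA256 of the address,
 * hex-encoded and truncated to 16 characters (64 bits).
 *
 * The token is a pseudonym, not anonymous data: whoever holds the key can
 * recompute it for any candidate address.
 *
 * NOTE(review): the key is the admin password. A low-entropy password makes
 * the tokens guessable offline, and changing the password changes every
 * token. A dedicated high-entropy secret would separate the two uses.
 *
 * @param ip - Address to pseudonymize; hashed exactly as given, without normalization.
 * @returns 16 lowercase hex characters.
 */
export function anonymizeIp(ip: string): string {
  return createHmac("sha256", resolveIpHmacKey())
    .update(ip)
    .digest("hex")
    .slice(0, 16);
}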
/**
 * Queues one request record on the Redis list `request-logs`, best effort.
 *
 * The entry is serialized with `JSON.stringify` and pushed with `lpush`.
 * Both synchronous errors and a rejected push are discarded, so a logging
 * failure never reaches the caller and lost entries leave no trace here.
 *
 * The entry is stored as given: this function does not call `anonymizeIp`,
 * so `data.ip` must already be the pseudonymous token when it arrives.
 *
 * @param data - Record to enqueue.
 */
export function logRequest(data: RequestLogEntry): void {
  try {
    const client = getRedis();
    const serialized = JSON.stringify(data);
    // Fire and forget: the rejection handler exists only to avoid an
    // unhandled promise rejection.
    void client.lpush("request-logs", serialized).catch(() => undefined);
  } catch {
    // Logging must never break an API response, so errors are dropped.
  }
}