From c453a5f2add61121fbdc61ed5272df108d9ff187 Mon Sep 17 00:00:00 2001
From: nai-degen
Date: Fri, 10 Nov 2023 22:41:36 -0600
Subject: [PATCH] logs usertoken lookup attempts

---
 src/server.ts | 9 ++++++---
 src/user/web/self-service.ts | 9 +++++++++
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/server.ts b/src/server.ts
index 920ccd7..55aa95f 100644
--- a/src/server.ts
+++ b/src/server.ts
@@ -25,9 +25,7 @@ app.use(
 pinoHttp({
 quietReqLogger: true,
 logger,
- autoLogging: {
- ignore: ({ url }) => ["/health"].includes(url as string),
- },
+ autoLogging: { ignore: ({ url }) => ["/health"].includes(url as string) },
 redact: {
 paths: [
 "req.headers.cookie",
@@ -40,6 +38,11 @@ app.use(
 ],
 censor: "********",
 },
+ customProps: (req) => {
+ const user = (req as express.Request).user;
+ if (user) return { userToken: `...${user.token.slice(-5)}` };
+ return {};
+ },
 })
 );
 
diff --git a/src/user/web/self-service.ts b/src/user/web/self-service.ts
index bd6811d..4046245 100644
--- a/src/user/web/self-service.ts
+++ b/src/user/web/self-service.ts
@@ -31,6 +31,10 @@ router.get("/lookup", (_req, res) => {
 router.post("/lookup", (req, res) => {
 const token = req.body.token;
 const user = userStore.getUser(token);
+ req.log.info(
+ { token: truncateToken(token), success: !!user },
+ "User self-service lookup"
+ );
 if (!user) {
 req.session.flash = { type: "error", message: "Invalid user token." };
 return res.redirect("/user/lookup");
@@ -67,4 +71,9 @@ router.post("/edit-nickname", (req, res) => {
 return res.redirect("/user/lookup");
 });
 
+function truncateToken(token: string) {
+ const sliceLength = Math.max(Math.floor(token.length / 8), 1);
+ return `${token.slice(0, sliceLength)}...${token.slice(-sliceLength)}`;
+}
+
 export { router as selfServiceRouter };
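Review bot: The `userToken` prop added in `customProps` writes the last five characters of the caller's token into every request log, while `truncateToken` in the src/user/web/self-service.ts hunk logs a leading and a trailing slice of the same secret. The two formats cannot be matched on a common suffix length, and read together they disclose more of the token than either does alone; `slice(-5)` also returns the whole value for any token shorter than six characters. Consider one shared helper for both call sites, or a non-secret handle such as a short digest, e.g. `createHash("sha256").update(user.token).digest("hex").slice(0, 8)` (adequate only if tokens are high-entropy random values, which this hunk does not show). The `pinoHttp({ ... })` call starts and its `redact.paths` list continues outside the hunk, so whether `userToken` is already covered by redaction cannot be confirmed from here.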
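Review bot: `req.body.token` reaches `truncateToken` with no type check, so a POST to `/lookup` that omits the field throws on `token.length` inside the new `req.log.info` call, before the `if (!user)` branch that would have produced the `Invalid user token.` flash. Depending on the body parser, a non-string value (an object from nested form keys, for instance) would fail the same way on `token.slice`. Guard the log argument rather than the lookup itself, e.g. `{ token: typeof token === "string" ? truncateToken(token) : "(non-string)", success: !!user }`. The handler body continues past the end of the hunk.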
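Review bot: `truncateToken` has no lower bound on input length: because `sliceLength` is clamped to at least 1, a value of one or two characters is logged in full, and for longer values the disclosed share stays at roughly a quarter of the token however long it is. A fixed cap with a short-input guard keeps the entry useful for correlation without scaling the disclosure, e.g. `if (token.length < 16) return "...";` followed by `const sliceLength = Math.min(Math.floor(token.length / 8), 4);`. An explicit `: string` return type and a one-line comment saying the result is intended for log output only would make the contract clear to the next caller.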