feat: add an option to disable header masking for a route

algoan · Sep 13, 2024 · ffc7776 · ffc7776
1 parent 3559108
commit ffc7776
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 1 deletion.
diff --git a/packages/logging-interceptor/src/log.decorator.ts b/packages/logging-interceptor/src/log.decorator.ts
@@ -28,6 +28,10 @@ export interface MaskingOptions {
    * If it is an array of strings, it will mask only the specified fields.
    */
   response?: string[] | boolean;
+  /**
+   * If true, it will disable the header masking.
+   */
+  disableHeaderMask?: boolean;
 }
 
 /**

diff --git a/packages/logging-interceptor/src/logging.interceptor.ts b/packages/logging-interceptor/src/logging.interceptor.ts
@@ -150,7 +150,8 @@ export class LoggingInterceptor implements NestInterceptor {
 
     // eslint-disable-next-line @typescript-eslint/strict-boolean-expressions
     const maskedBody = options?.mask?.request ? this.maskData(body, options.mask.request) : body;
-    const maskedHeaders = this.maskHeaders(headers);
+    // eslint-disable-next-line @typescript-eslint/strict-boolean-expressions
+    const maskedHeaders = options?.mask?.disableHeaderMask ? headers : this.maskHeaders(headers);
 
     this.logger.log(
       {

diff --git a/packages/logging-interceptor/test/logging.interceptor.test.ts b/packages/logging-interceptor/test/logging.interceptor.test.ts
@@ -483,6 +483,17 @@ describe('Logging interceptor', () => {
       expect(logSpy.mock.calls[0][0].headers.authorization).toBe('Bearer JWT');
     });
 
+    it('should not mask a request header is disableHeaderMasking is true', async () => {
+      const interceptor = app.get(ApplicationConfig).getGlobalInterceptors()[0] as LoggingInterceptor;
+      interceptor.setMask({ requestHeader: {} });
+      const logSpy: jest.SpyInstance = jest.spyOn(Logger.prototype, 'log');
+      const url: string = `/cats/header`;
+
+      await request(app.getHttpServer()).post(url).set('authorization', 'Bearer JWT').expect(HttpStatus.CREATED);
+
+      expect(logSpy.mock.calls[0][0].headers.authorization).toBe('Bearer JWT');
+    });
+
     it('should not mask a request header if the corresponding mask is false', async () => {
       const interceptor = app.get(ApplicationConfig).getGlobalInterceptors()[0] as LoggingInterceptor;
       interceptor.setMask({ requestHeader: { authorization: false } });

diff --git a/packages/logging-interceptor/test/test-app/cats/cats.controller.ts b/packages/logging-interceptor/test/test-app/cats/cats.controller.ts
@@ -48,6 +48,22 @@ export class CatsController {
     return { id: 1, ...payload };
   }
 
+  @Post('header')
+  @Log({
+    mask: {
+      request: ['birthdate', 'interests.description', 'address', 'enemies'],
+      response: ['id', 'birthdate', 'interests.description', 'address', 'enemies'],
+      disableHeaderMask: true,
+    },
+  })
+  public createCatUnmaskedHeader(@Body() payload: CreateCatDto) {
+    if (payload.name === 'dog') {
+      throw new BadRequestException({ message: 'You cannot name a cat dog' });
+    }
+
+    return { id: 1, ...payload };
+  }
+
   @Get()
   @Log({
     mask: {