src/Component/EventSubscriber/ApiLogSubscriber.php line 48

Open in your IDE?
  1. <?php
  3. namespace App\Component\EventSubscriber;
  5. use App\Component\Traits\EntityManagerTrait;
  6. use App\Component\Traits\Service\RepositoryServiceTrait;
  7. use App\Controller\Api\AbstractApiController;
  8. use App\Entity\Historique\Actionutilisateur\Api;
  9. use App\Entity\User;
  10. use Doctrine\ORM\Exception\ORMException;
  11. use Doctrine\ORM\OptimisticLockException;
  12. use Psr\Log\LoggerInterface;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  15. use Symfony\Component\HttpKernel\Event\TerminateEvent;
  16. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  18. class ApiLogSubscriber extends AbstractApiController
  19. {
  20. use EntityManagerTrait;
  21. use RepositoryServiceTrait;
  23. /**
  24. * @var LoggerInterface
  25. */
  26. private LoggerInterface $logger;
  27. /**
  28. * @var TokenStorageInterface
  29. */
  30. private TokenStorageInterface $tokenStorage;
  32. /**
  33. * ApiLogSubscriber constructor.
  34. * @param LoggerInterface $logger
  35. * @param TokenStorageInterface $tokenStorage
  36. */
  37. public function __construct(LoggerInterface $logger, TokenStorageInterface $tokenStorage)
  38. {
  39. $this->logger = $logger;
  40. $this->tokenStorage = $tokenStorage;
  41. }
  43. /**
  44. * @param ExceptionEvent $event
  45. * @throws ORMException
  46. * @throws OptimisticLockException
  47. */
  48. public function onKernelException(ExceptionEvent $event)
  49. {
  50. $this->addLog($event);
  51. }
  53. /**
  54. * @param ExceptionEvent|TerminateEvent $event
  55. * @throws ORMException
  56. * @throws OptimisticLockException
  57. */
  58. private function addLog($event)
  59. {
  60. $request = $event->getRequest();
  62. // On filtre sur les appels à l'api
  63. if (substr($request->getRequestUri(), 0, 5) != '/api/') {
  64. return;
  65. }
  67. // Les appels à ne pas mettre dans les logs
  68. if (in_array($request->getRequestUri(), [
  69. '/api/ping/',
  70. '/api/v2/ping',
  71. ])) {
  72. return;
  73. }
  75. $content = $request->getContent();
  77. $tmp = json_decode($content);
  78. if (is_object($tmp) && property_exists($tmp, 'password')) {
  79. $tmp->password = '***';
  80. $content = json_encode($tmp);
  81. }
  83. $user = $this->getApiUser($event);
  85. $uri = $request->getRequestUri();
  86. $method = $request->getMethod();
  88. if ($event instanceof TerminateEvent) {
  89. $response = $event->getResponse();
  90. /** @var Response $response */
  91. $responseText = $response->getContent();
  92. $status = $response->getStatusCode();
  93. } else {
  94. /** @var ExceptionEvent $event */
  95. $responseText = $event->getThrowable()->getMessage().PHP_EOL.$event->getThrowable()->getTraceAsString();
  96. $status = $event->getThrowable()->getCode();
  97. }
  99. if ($status == 0) {
  100. // pas de double log en cas d'exception
  101. return;
  102. }
  104. $headers = $request->headers->all();
  105. $token = $request->headers->get('x-auth-token');
  107. $this->addMonolog($uri, $content, $responseText, $method, $status, $headers);
  108. $this->addSqlLog($user, $uri, $content, $method, $responseText, $status, $token);
  109. }
  111. /**
  112. * @param ExceptionEvent|TerminateEvent $event
  113. * @return User|null
  114. */
  115. private function getApiUser($event): ?User
  116. {
  117. if ($event->getRequest()->getRequestUri() == '/api/login/' || $event->getRequest()->getRequestUri(
  118. ) == '/api/v2/login') {
  119. $username = json_decode($event->getRequest()->getContent())->username ?? null;
  120. if ($username) {
  121. return $this->repositoryService->getUser()->findOneByUsername($username);
  122. }
  123. }
  125. $headers = $event->getRequest()->headers;
  127. if ($headers->get('X-Auth-Token')) {
  128. $user = $this->repositoryService->getUser()->findOneByApiToken($headers->get('X-Auth-Token'));
  129. if ($user instanceof User) {
  130. return $user;
  131. }
  132. }
  134. return null;
  135. }
  137. public function addMonolog($uri, $content, $response, $method, $status, $headers)
  138. {
  139. switch ($status) {
  140. case Response::HTTP_OK:
  141. $logType = 'info';
  142. break;
  143. case Response::HTTP_UNAUTHORIZED:
  144. $logType = 'notice';
  145. break;
  146. default:
  147. $logType = 'error';
  148. }
  149. $this->logger->$logType($method.' '.$uri, [
  150. 'status' => $status,
  151. 'request body' => $content,
  152. 'response' => json_decode($response, true),
  153. 'headers' => $headers,
  154. ]);
  155. }
  157. /**
  158. * @param User|null $user
  159. * @param $uri
  160. * @param $content
  161. * @param $method
  162. * @param $response
  163. * @param $status
  164. * @param $token
  165. * @throws ORMException
  166. * @throws OptimisticLockException
  167. */
  168. public function addSqlLog(?User $user, $uri, $content, $method, $response, $status, $token)
  169. {
  170. if (!$this->entityManager->isOpen()) {
  171. $this->entityManager = $this->entityManager->create(
  172. $this->entityManager->getConnection(),
  173. $this->entityManager->getConfiguration(),
  174. $this->entityManager->getEventManager()
  175. );
  176. }
  178. $log = new Api();
  179. $log->setUri($uri)
  180. ->setBody($content)
  181. ->setMethod($method)
  182. ->setResponse($response)
  183. ->setStatus($status)
  184. ->setToken($token);
  186. if ($user && $user->getId()) {
  187. $log->setUser($this->entityManager->getReference(User::class, $user->getId()));
  188. }
  190. $this->entityManager->persist($log);
  191. $this->entityManager->flush();
  192. }
  194. /**
  195. * @param TerminateEvent $event
  196. * @throws ORMException
  197. * @throws OptimisticLockException
  198. */
  199. public function onKernelTerminate(TerminateEvent $event)
  200. {
  201. $this->addLog($event);
  202. }
  203. }