[TASK/FEATURE] Add Detailed Logging for Forbidden Access #64

@CappyCap17

📝 Task Description

Describing: This task proposes adding detailed logging to the authorizeRoles middleware of the project. The goal is to improve debugging and security auditing by recording essential information whenever an authenticated user is denied access to a protected route due to insufficient permissions, thus helping with securing user data and app safety.

🎯 Goal

The goal is to improve security and debugging by adding a logging feature to record every unauthorized access attempt on the backend.

🛠 Steps to Complete

  1. Using the Winston library for logging stuff

  2. Creating a Logger Utility: A central module to initialize and configure the logger, which allows for consistent use across the application.

  3. Then integrate into Middleware: Add a logger.warn() statement within the authorizeRoles middleware.

  4. Log Key Data: The log will capture the user ID, their role, the required roles, and the route they attempted to access.

  5. Using .env: An environment variable will be used to control the logging level, allowing for different levels of detail in various environments (e.g., development vs. production).

⏳ Expected Completion Time

1 Day at 7 Sep before 6:30 pm IST


@devayanm I am a part of OSCI'25 and would like to work on this issue. Please assign me so that I can enhance the project. I have already half worked on this and I will simultaneously send you a pull request as time is running.
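A sketch of the steps proposed in the issue above, as an added example that is not the project's code or the issue author's. To run without dependencies it uses a stand-in `createLogger` exposing the same `warn(message, meta)` call shape as a Winston logger; `createLogger`, `safeRoute`, the `LOG_LEVEL` variable name and the `req.user = { id, role }` shape are assumptions.

```javascript
// Stand-in logger (assumption): same warn(message, meta) shape as Winston,
// level threshold taken from the LOG_LEVEL environment variable.
const LEVELS = { error: 0, warn: 1, info: 2, debug: 3 };

function createLogger(level = process.env.LOG_LEVEL || 'info', sink = console.log) {
  const threshold = Object.hasOwn(LEVELS, level) ? LEVELS[level] : LEVELS.info;
  const write = (name) => (message, meta = {}) => {
    if (LEVELS[name] > threshold) return; // below the configured level: drop
    sink(JSON.stringify({ level: name, message, timestamp: new Date().toISOString(), ...meta }));
  };
  return { error: write('error'), warn: write('warn'), info: write('info'), debug: write('debug') };
}

// Drop the query string (it may carry tokens) and control characters
// (CR/LF in a crafted URL would otherwise forge extra log lines).
function safeRoute(req) {
  const path = String(req.originalUrl || req.url || '').split('?')[0];
  return `${req.method} ${path.replace(/[\x00-\x1f\x7f]/g, '')}`.slice(0, 256);
}

// Assumes an earlier authentication middleware has set req.user = { id, role }.
function authorizeRoles(logger, ...allowedRoles) {
  return (req, res, next) => {
    const user = req.user || {};
    if (allowedRoles.includes(user.role)) return next();
    // The four fields named in the issue: user ID, role, required roles, route.
    logger.warn('Forbidden access', {
      userId: user.id ?? null,
      role: user.role ?? null,
      requiredRoles: allowedRoles,
      route: safeRoute(req),
    });
    // The client gets a generic message; the detail stays in the log.
    return res.status(403).json({ message: 'Forbidden' });
  };
}
```

With Winston in place of the stand-in, the logger passed to `authorizeRoles` would be the one exported by the central logger utility from step 2.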
