Adiciona requestId em requisições

docker/config/nginx/sapl.conf

@@ -4,6 +4,13 @@ upstream sapl_server {
 
 }
 
+# Se o cliente já manda X-Request-ID, reaproveita; senão, usa $request_id (nginx)
+map $http_x_request_id $req_id {
+    default $http_x_request_id;
+    ""      $request_id;
+}
+
+
 server {
 
     listen   80;
@@ -30,7 +37,9 @@ server {
              return 204;
         }
 
+        proxy_set_header X-Request-ID $req_id;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
         proxy_set_header Host $http_host;
         proxy_redirect off;
         proxy_pass http://sapl_server;
@@ -45,10 +54,11 @@ server {
     }
 
     location / {
+        proxy_set_header X-Request-ID $req_id;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
         proxy_set_header Host $http_host;
         proxy_redirect off;
-
         proxy_pass http://sapl_server;
     }
 

sapl/logging/filters.py

@@ -0,0 +1,21 @@
+# sapl/logging/filters.py
+import logging
+import contextvars
+
+_request_id = contextvars.ContextVar("request_id", default="-")
+
+
+def set_request_id(value: str):
+    _request_id.set(value)
+
+
+def get_request_id() -> str:
+    return _request_id.get()
+
+
+class RequestIdFilter(logging.Filter):
+    def filter(self, record: logging.LogRecord) -> bool:
+        # garante que SEMPRE existe
+        if not hasattr(record, "request_id"):
+            record.request_id = get_request_id()
+        return True

sapl/middleware/request_id.py

@@ -0,0 +1,24 @@
+import uuid
+from sapl.logging.filters import set_request_id
+
+HEADER_NAME = "HTTP_X_REQUEST_ID"
+RESPONSE_HEADER = "X-Request-ID"
+
+
+def _new_id():
+    return uuid.uuid4().hex
+
+
+class RequestIdMiddleware:
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        # recebe `request_id` do nginx ou do cliente senão cria um
+        request_id = request.META.get(HEADER_NAME) or _new_id()
+        request_id = str(request_id)[:64]
+        request.request_id = request_id
+        set_request_id(request_id)
+        response = self.get_response(request)
+        response[RESPONSE_HEADER] = request_id
+        return response

sapl/settings.py

@@ -138,11 +138,12 @@ HAYSTACK_CONNECTIONS = {
 }
 
 MIDDLEWARE = [
+    'sapl.middleware.request_id.RequestIdMiddleware',
     'django_prometheus.middleware.PrometheusBeforeMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.locale.LocaleMiddleware',
     'django.middleware.common.CommonMiddleware',
-    'sapl.endpoint_restriction_middleware.EndpointRestrictionMiddleware',
+    'sapl.middleware.endpoint_restriction.EndpointRestrictionMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
@@ -150,7 +151,7 @@ MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
     'whitenoise.middleware.WhiteNoiseMiddleware',
     'waffle.middleware.WaffleMiddleware',
-    'sapl.middleware.CheckWeakPasswordMiddleware',
+    'sapl.middleware.check_password.CheckWeakPasswordMiddleware',
     'django_prometheus.middleware.PrometheusAfterMiddleware',
 ]
 if DEBUG:
@@ -421,32 +422,37 @@ LOGGING = {
         'require_debug_true': {
             '()': 'django.utils.log.RequireDebugTrue',
         },
+        'request_id': {
+            "()": 'sapl.logging.filters.RequestIdFilter',
+        },
     },
     'formatters': {
         'verbose': {
-            'format': '%(levelname)s %(asctime)s ' + host + ' %(pathname)s %(name)s:%(funcName)s:%(lineno)d %(message)s'
+            'format': '%(levelname)s %(asctime)s [%(request_id)s] ' + host + '%(pathname)s %(name)s:%(funcName)s:%('
+                                                                            'lineno)d %(message)s '
         },
         'simple': {
-            'format': '%(levelname)s %(asctime)s - %(message)s'
+            'format': '%(levelname)s %(asctime)s [%(request_id)s] - %(message)s'
         },
     },
     'handlers': {
         'console': {
             'level': 'INFO',
             'class': 'logging.StreamHandler',
-            'filters': ['require_debug_true'],
+            'filters': ['request_id', 'require_debug_true'],
             'formatter': 'simple',
         },
         'console_verbose': {
             'level': 'DEBUG',
             'class': 'logging.StreamHandler',
-            'filters': ['require_debug_true'],
+            'filters': ['request_id', 'require_debug_true'],
             'formatter': 'verbose',
         },
         'applogfile': {
             'level': 'INFO',
             'class': 'logging.handlers.RotatingFileHandler',
             'filename': 'sapl.log',
+            'filters': ['request_id'],
             'maxBytes': 1024 * 1024 * 15,  # 15MB
             'backupCount': 10,
             'formatter': 'verbose',