HttpLoggerMiddleware is a powerful and configurable middleware for logging HTTP requests and responses in your NestJS
application.
It provides detailed logs about incoming requests and completed responses, including HTTP method, URL, headers, response
status, and processing duration.
Additional features include masking sensitive headers, ignoring specific paths, and supporting custom loggers.
| Feature | Description |
|---|---|
| 📥 Detailed request and response logging | Logs HTTP method, URL, headers, status codes, and duration |
| 🔒 Sensitive header masking | Allows masking sensitive headers like Authorization or Cookie |
| 🚫 Path ignoring | Ignore logging on specific paths |
| 📝 Custom log message formatting | Customize incoming and completed request log messages |
| 🛠 Custom logger support | Use your own LoggerService or fallback to NestJS global logger |
Successful responses logged with log, errors with error |
|
| ⚙️ Framework compatibility | Works with both Express and Fastify |
Install the package using npm or yarn:
npm install @samofprog/nestjs-http-logger
# or
yarn add @samofprog/nestjs-http-loggerUse the middleware in your NestJS bootstrap file:
import { HttpLoggerMiddleware } from '@samofprog/nestjs-http-logger';
import { NestFactory } from '@nestjs/core';
import { AppModule } from './app.module';
async function bootstrap() {
const app = await NestFactory.create(AppModule);
app.use(HttpLoggerMiddleware.create());
await app.listen(3000);
}
bootstrap();You can customize the middleware behavior with options:
app.use(HttpLoggerMiddleware.create({
ignorePaths: ['/health', '/metrics'],
sensitiveHeaders: ['authorization', 'cookie'],
sanitizeHeaders: (headers) => {
const sanitized = { ...headers };
['authorization', 'cookie'].forEach(key => {
if (sanitized[key]) sanitized[key] = '[REDACTED]';
});
return sanitized;
},
incomingRequestMessage: (details) =>
`Incoming: ${details.method} ${details.url} → headers: ${JSON.stringify(details.headers)}`,
completedRequestMessage: (details) =>
`Completed: ${details.method} ${details.url} ← status ${details.statusCode} in ${details.durationMs} ms`,
}));| Option | Type | Description | Default |
|---|---|---|---|
logger |
LoggerService |
Custom logger implementing NestJS LoggerService interface. |
NestJS default logger |
ignorePaths |
string[] |
List of URL paths to ignore from logging. | [] |
sensitiveHeaders |
string[] |
List of header names to mask in logs (case-insensitive). | [] |
sanitizeHeaders |
(headers: Record<string, any>) => Record<string, any> |
Function to transform headers before logging (e.g., to mask values). | Identity function (no change) |
incomingRequestMessage |
(details) => string |
Function returning the log message for incoming requests. Receives { method, url, headers }. |
Default formatted string |
completedRequestMessage |
(details) => string |
Function returning the log message for completed requests. Receives { method, url, statusCode, durationMs }. |
Default formatted string |
app.use(HttpLoggerMiddleware.create({
ignorePaths: ['/health', '/metrics'],
sensitiveHeaders: ['authorization', 'cookie'],
}));app.use(HttpLoggerMiddleware.create({
sanitizeHeaders: (headers) => {
const sanitized = { ...headers };
if (sanitized['authorization']) sanitized['authorization'] = '[TOKEN REDACTED]';
if (sanitized['cookie']) sanitized['cookie'] = '[COOKIE REDACTED]';
return sanitized;
}
}));import { Logger } from '@nestjs/common';
const customLogger = new Logger('MyCustomLogger');
app.use(HttpLoggerMiddleware.create({ logger: customLogger }));This package is open-source and available under the MIT License.