@hexmon_tech/audit-express
v2.0.0
Published
Express middleware for audit logging with request context.
Maintainers
anuragkmr45Readme
@hexmon_tech/audit-express
Express middleware for audit logging. Attaches req.audit with request-scoped
context populated from headers and extractor functions.
Install
pnpm add @hexmon_tech/audit-express
npm install @hexmon_tech/audit-expressCompatibility
- Node.js >= 18
- Express 4.18+ required as a peer dependency
- Automatically extends
@hexmon_tech/audit-coreand@hexmon_tech/audit-node
Usage
import express from 'express';
import { createAuditLogger } from '@hexmon_tech/audit-core';
import { createAuditMiddleware } from '@hexmon_tech/audit-express';
const app = express();
const audit = createAuditLogger({ service: 'api', environment: 'dev' });
app.use(
createAuditMiddleware(audit, {
getActor: (req) => req.user,
getTenantId: (req) => req.headers['x-tenant-id'] as string | undefined,
getOrgId: (req) => req.headers['x-org-id'] as string | undefined,
getSessionId: (req) => req.session?.id,
}),
);
app.post('/login', async (req, res) => {
await req.audit.log({
action: 'user.login',
outcome: 'SUCCESS',
actor: { type: 'user', id: req.user.id },
metadata: { authMethod: 'password' },
});
res.json({ ok: true });
});Context Auto-Capture
The middleware captures:
requestIdfromx-request-id(or a custom extractor)ipfromreq.iporx-forwarded-foruserAgentfromuser-agentrouteandmethod(added to event metadata undermetadata.http)
Type Augmentation
req.audit is typed via module augmentation so handlers can access the audit logger directly.
Peer Dependencies
express is a peer dependency so the middleware does not bundle framework runtime code.
Install Express in your application or workspace root.