更明确的 Nginx 日志

tag-icon tag-icon nginx authentication localhost
更明确的 Nginx 日志

我在 MacOS 中使用 nginx 在 localhost 中测试第三方身份验证,例如 Google 和 Twitter。因此,在我的本地网站上https://localhost:8000/...,我可以进行www.funfun.io第三方身份验证。

以下是 nginx 配置文件:

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    log_format my_log '{ "time": "$time_iso8601", '
        '"remote_addr": "$remote_addr", '
        '"status": "$status", '
        '"request": "$request", '
        '"request_method": "$request_method", '
        '"http_referrer": "$http_referer", '
        '"http_x_forwarded_for": "$http_x_forwarded_for", '
        '"host": "$host", '
        '"server_name": "$server_name", '
        '"upstream_address": "$upstream_addr", '
        '"upstream_status": "$upstream_status", }';

    access_log /usr/local/var/log/nginx/my_log_access.log my_log;

    upstream funfun {
        server 178.62.87.72:443;
    }

    server {
        listen              443 ssl;
        server_name localhost;
        ssl_certificate /etc/ssl/localhost/localhost.crt;
        ssl_certificate_key /etc/ssl/localhost/localhost.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 1d;
        ssl_stapling off;
        ssl_stapling_verify off;
        add_header Strict-Transport-Security max-age=15768000;
        add_header X-Frame-Options "";
        proxy_ssl_name "www.funfun.io";
        proxy_ssl_server_name on;

        location ~ /socialLoginSuccess {
            rewrite ^ '/#/socialLoginSuccess' redirect;
        }

        location ~ /auth/(.*) {
            proxy_pass  https://funfun/10studio/auth/$1?$query_string;
            proxy_set_header Host localhost;
        }
    }
    include servers/*;
}

以下是部分日志:

{ "time": "2021-11-11T01:02:44+01:00", "remote_addr": "127.0.0.1", "status": "204", "request": "OPTIONS /10studio/auth/logout HTTP/1.1", "request_method": "OPTIONS", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "204" }
{ "time": "2021-11-11T01:02:44+01:00", "remote_addr": "127.0.0.1", "status": "200", "request": "POST /10studio/auth/logout HTTP/1.1", "request_method": "POST", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "200" }
{ "time": "2021-11-11T01:02:47+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /10studio/auth/google HTTP/1.1", "request_method": "GET", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /auth/google/callback?code=4%2F0AX4XfWihw3erIiZok3Yk8jZ5hjcg4sT35YLuZAp5h3qIDZvC_BuHSlvbRiTSh4Sobo_Wbw&scope=email+profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+openid&authuser=0&prompt=consent HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /auth/signinSuccess HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /socialLoginSuccess HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "-", "upstream_status": "-" }
{ "time": "2021-11-11T01:03:00+01:00", "remote_addr": "127.0.0.1", "status": "200", "request": "GET /10studio/10studio/auth/tokenTie?t=1636588979945 HTTP/1.1", "request_method": "GET", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "200" }
{ "time": "2021-11-11T01:03:00+01:00", "remote_addr": "127.0.0.1", "status": "200", "request": "GET /10studio/10studio/auth/tokenTie?t=1636588979993 HTTP/1.1", "request_method": "GET", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "200" }

我意识到,对于https://localhost:8000/#/home没有auth或的正常请求(例如) socialLoginSuccess,没有记录日志。有人知道如何修改我的 nginx 配置文件以记录它们的日志吗?

此外,我希望从日志中看到,像这样的请求https://localhost/10studio/auth/google确实已到达代理服务器https://178.62.87.72:443/10studio/auth/...。但从当前日志来看,这并不明显。有人知道我该如何修改 nginx 配置文件以使其更明确吗?

相关内容