feat: auth metric and trace (#4063)

2026-02-12 04:18:54 +00:00 · 2023-09-06 12:20:06 +08:00
parent d29514c995
commit ef3d3a34e2
9 changed files with 143 additions and 42 deletions
--- a/apps/server/src/metrics/metrics.ts
+++ b/apps/server/src/metrics/metrics.ts
@@ -22,4 +22,7 @@ export class Metrics implements OnModuleDestroy {
  jwstCodecMerge = metricsCreator.counter('jwst_codec_merge');
  jwstCodecDidnotMatch = metricsCreator.counter('jwst_codec_didnot_match');
  jwstCodecFail = metricsCreator.counter('jwst_codec_fail');
+
+  authCounter = metricsCreator.counter('auth');
+  authFailCounter = metricsCreator.counter('auth_fail', ['reason']);
 }
--- a/apps/server/src/modules/auth/next-auth.controller.ts
+++ b/apps/server/src/modules/auth/next-auth.controller.ts
@@ -19,6 +19,7 @@ import type { AuthAction, NextAuthOptions } from 'next-auth';
 import { AuthHandler } from 'next-auth/core';

 import { Config } from '../../config';
+import { Metrics } from '../../metrics/metrics';
 import { PrismaService } from '../../prisma/service';
 import { CloudThrottlerGuard, Throttle } from '../../throttler';
 import { NextAuthOptionsProvide } from './next-auth-options';
@@ -37,7 +38,8 @@ export class NextAuthController {
    readonly prisma: PrismaService,
    private readonly authService: AuthService,
    @Inject(NextAuthOptionsProvide)
-    private readonly nextAuthOptions: NextAuthOptions
+    private readonly nextAuthOptions: NextAuthOptions,
+    private readonly metrics: Metrics
  ) {
    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
    this.callbackSession = nextAuthOptions.callbacks!.session;
@@ -52,6 +54,7 @@ export class NextAuthController {
    @Query() query: Record<string, any>,
    @Next() next: NextFunction
  ) {
+    this.metrics.authCounter(1, {});
    const [action, providerId] = req.url // start with request url
      .slice(BASE_URL.length) // make relative to baseUrl
      .replace(/\?.*/, '') // remove query part, use only path part
@@ -83,6 +86,7 @@ export class NextAuthController {
    const options = this.nextAuthOptions;
    if (req.method === 'POST' && action === 'session') {
      if (typeof req.body !== 'object' || typeof req.body.data !== 'object') {
+        this.metrics.authFailCounter(1, { reason: 'invalid_session_data' });
        throw new BadRequestException(`Invalid new session data`);
      }
      const user = await this.updateSession(req, req.body.data);
@@ -130,6 +134,9 @@ export class NextAuthController {
      if (!req.headers?.referer) {
        res.redirect('https://community.affine.pro/c/insider-general/');
      } else {
+        this.metrics.authFailCounter(1, {
+          reason: 'no_early_access_permission',
+        });
        res.status(403);
        res.json({
          url: 'https://community.affine.pro/c/insider-general/',