v1.12.0-rc.7

fix: get real ip for rate limit key
v1.12.0-rc.6
2025-11-10 04:22:32 +10:00 · 2025-06-27 22:17:45 +10:00 · 2025-06-27 22:17:02 +10:00 · 2025-06-27 21:46:16 +10:00 · 2025-06-27 21:44:51 +10:00
13 changed files with 439 additions and 122 deletions
--- a/apps/remix/package.json
+++ b/apps/remix/package.json
@ -101,5 +101,5 @@
    "vite-plugin-babel-macros": "^1.0.6",
    "vite-tsconfig-paths": "^5.1.4"
  },
-  "version": "1.12.0-rc.5"
+  "version": "1.12.0-rc.7"
 }
--- a/apps/remix/server/router.ts
+++ b/apps/remix/server/router.ts
@ -1,11 +1,16 @@
 import { Hono } from 'hono';
 import { rateLimiter } from 'hono-rate-limiter';
 import { contextStorage } from 'hono/context-storage';
+import { requestId } from 'hono/request-id';
+import type { RequestIdVariables } from 'hono/request-id';
+import type { Logger } from 'pino';

 import { tsRestHonoApp } from '@documenso/api/hono';
 import { auth } from '@documenso/auth/server';
 import { API_V2_BETA_URL } from '@documenso/lib/constants/app';
 import { jobsClient } from '@documenso/lib/jobs/client';
+import { getIpAddress } from '@documenso/lib/universal/get-ip-address';
+import { logger } from '@documenso/lib/utils/logger';
 import { openApiDocument } from '@documenso/trpc/server/open-api';

 import { filesRoute } from './api/files';
@ -15,8 +20,9 @@ import { openApiTrpcServerHandler } from './trpc/hono-trpc-open-api';
 import { reactRouterTrpcServer } from './trpc/hono-trpc-remix';

 export interface HonoEnv {
-  Variables: {
+  Variables: RequestIdVariables & {
    context: AppContext;
+    logger: Logger;
  };
 }

@ -30,7 +36,11 @@ const rateLimitMiddleware = rateLimiter({
  windowMs: 60 * 1000, // 1 minute
  limit: 100, // 100 requests per window
  keyGenerator: (c) => {
-    return c.req.header('x-forwarded-for') || c.req.header('x-real-ip') || 'unknown';
+    try {
+      return getIpAddress(c.req.raw);
+    } catch (error) {
+      return 'unknown';
+    }
  },
  message: {
    error: 'Too many requests, please try again later.',
@ -47,6 +57,20 @@ app.use(appContext);
 * RR7 app middleware.
 */
 app.use('*', appMiddleware);
+app.use('*', requestId());
+app.use(async (c, next) => {
+  const metadata = c.get('context').requestMetadata;
+
+  const honoLogger = logger.child({
+    requestId: c.var.requestId,
+    ipAddress: metadata.ipAddress,
+    userAgent: metadata.userAgent,
+  });
+
+  c.set('logger', honoLogger);
+
+  await next();
+});

 // Apply rate limit to /api/v1/*
 app.use('/api/v1/*', rateLimitMiddleware);
--- a/package-lock.json
+++ b/package-lock.json
@ -1,12 +1,12 @@
 {
  "name": "@documenso/root",
-  "version": "1.12.0-rc.5",
+  "version": "1.12.0-rc.7",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "@documenso/root",
-      "version": "1.12.0-rc.5",
+      "version": "1.12.0-rc.7",
      "workspaces": [
        "apps/*",
        "packages/*"
@ -89,7 +89,7 @@
    },
    "apps/remix": {
      "name": "@documenso/remix",
-      "version": "1.12.0-rc.5",
+      "version": "1.12.0-rc.7",
      "dependencies": {
        "@documenso/api": "*",
        "@documenso/assets": "*",
@ -13312,6 +13312,15 @@
      "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==",
      "license": "MIT"
    },
+    "node_modules/atomic-sleep": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/atomic-sleep/-/atomic-sleep-1.0.0.tgz",
+      "integrity": "sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=8.0.0"
+      }
+    },
    "node_modules/attr-accept": {
      "version": "2.2.5",
      "resolved": "https://registry.npmjs.org/attr-accept/-/attr-accept-2.2.5.tgz",
@ -14937,7 +14946,6 @@
      "version": "2.0.20",
      "resolved": "https://registry.npmjs.org/colorette/-/colorette-2.0.20.tgz",
      "integrity": "sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==",
-      "dev": true,
      "license": "MIT"
    },
    "node_modules/colors": {
@ -16119,6 +16127,15 @@
        "url": "https://github.com/sponsors/kossnocorp"
      }
    },
+    "node_modules/dateformat": {
+      "version": "4.6.3",
+      "resolved": "https://registry.npmjs.org/dateformat/-/dateformat-4.6.3.tgz",
+      "integrity": "sha512-2P0p0pFGzHS5EMnhdxQi7aJN+iMheud0UhG4dlE1DLAlvL8JHjJJTX/CSm4JXwV0Ka5nGk3zC5mcb5bUQUxxMA==",
+      "license": "MIT",
+      "engines": {
+        "node": "*"
+      }
+    },
    "node_modules/dayjs": {
      "version": "1.11.13",
      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.13.tgz",
@ -18241,6 +18258,12 @@
        "node": ">=4"
      }
    },
+    "node_modules/fast-copy": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/fast-copy/-/fast-copy-3.0.2.tgz",
+      "integrity": "sha512-dl0O9Vhju8IrcLndv2eU4ldt1ftXMqqfgN4H1cpmGV7P6jeB9FwpN9a2c8DPGE1Ys88rNUJVYDHq73CGAGOPfQ==",
+      "license": "MIT"
+    },
    "node_modules/fast-deep-equal": {
      "version": "3.1.3",
      "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
@ -18309,6 +18332,21 @@
      "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==",
      "license": "MIT"
    },
+    "node_modules/fast-redact": {
+      "version": "3.5.0",
+      "resolved": "https://registry.npmjs.org/fast-redact/-/fast-redact-3.5.0.tgz",
+      "integrity": "sha512-dwsoQlS7h9hMeYUq1W++23NDcBLV4KqONnITDV9DjfS3q1SgDGVrBdvvTLUotWtPSD7asWDV9/CmsZPy8Hf70A==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/fast-safe-stringify": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/fast-safe-stringify/-/fast-safe-stringify-2.1.1.tgz",
+      "integrity": "sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA==",
+      "license": "MIT"
+    },
    "node_modules/fast-uri": {
      "version": "3.0.6",
      "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.0.6.tgz",
@ -21653,7 +21691,6 @@
      "version": "3.1.1",
      "resolved": "https://registry.npmjs.org/joycon/-/joycon-3.1.1.tgz",
      "integrity": "sha512-34wB/Y7MW7bzjKRjUKTa46I2Z7eV62Rkhva+KkopW7Qvv/OSWBqvkSY7vusOPrNuZcUG3tApvdVgNB8POj3SPw==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=10"
@ -26084,6 +26121,15 @@
      "integrity": "sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg==",
      "license": "MIT"
    },
+    "node_modules/on-exit-leak-free": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/on-exit-leak-free/-/on-exit-leak-free-2.1.2.tgz",
+      "integrity": "sha512-0eJJY6hXLGf1udHwfNftBqH+g73EU4B504nZeKpz1sYRKafAghwxEJunB2O7rDZkL4PGfsMVnTXZ2EjibbqcsA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=14.0.0"
+      }
+    },
    "node_modules/on-finished": {
      "version": "2.4.1",
      "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz",
@ -26903,6 +26949,82 @@
        "node": ">=0.10.0"
      }
    },
+    "node_modules/pino": {
+      "version": "9.7.0",
+      "resolved": "https://registry.npmjs.org/pino/-/pino-9.7.0.tgz",
+      "integrity": "sha512-vnMCM6xZTb1WDmLvtG2lE/2p+t9hDEIvTWJsu6FejkE62vB7gDhvzrpFR4Cw2to+9JNQxVnkAKVPA1KPB98vWg==",
+      "license": "MIT",
+      "dependencies": {
+        "atomic-sleep": "^1.0.0",
+        "fast-redact": "^3.1.1",
+        "on-exit-leak-free": "^2.1.0",
+        "pino-abstract-transport": "^2.0.0",
+        "pino-std-serializers": "^7.0.0",
+        "process-warning": "^5.0.0",
+        "quick-format-unescaped": "^4.0.3",
+        "real-require": "^0.2.0",
+        "safe-stable-stringify": "^2.3.1",
+        "sonic-boom": "^4.0.1",
+        "thread-stream": "^3.0.0"
+      },
+      "bin": {
+        "pino": "bin.js"
+      }
+    },
+    "node_modules/pino-abstract-transport": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/pino-abstract-transport/-/pino-abstract-transport-2.0.0.tgz",
+      "integrity": "sha512-F63x5tizV6WCh4R6RHyi2Ml+M70DNRXt/+HANowMflpgGFMAym/VKm6G7ZOQRjqN7XbGxK1Lg9t6ZrtzOaivMw==",
+      "license": "MIT",
+      "dependencies": {
+        "split2": "^4.0.0"
+      }
+    },
+    "node_modules/pino-abstract-transport/node_modules/split2": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/split2/-/split2-4.2.0.tgz",
+      "integrity": "sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==",
+      "license": "ISC",
+      "engines": {
+        "node": ">= 10.x"
+      }
+    },
+    "node_modules/pino-pretty": {
+      "version": "13.0.0",
+      "resolved": "https://registry.npmjs.org/pino-pretty/-/pino-pretty-13.0.0.tgz",
+      "integrity": "sha512-cQBBIVG3YajgoUjo1FdKVRX6t9XPxwB9lcNJVD5GCnNM4Y6T12YYx8c6zEejxQsU0wrg9TwmDulcE9LR7qcJqA==",
+      "license": "MIT",
+      "dependencies": {
+        "colorette": "^2.0.7",
+        "dateformat": "^4.6.3",
+        "fast-copy": "^3.0.2",
+        "fast-safe-stringify": "^2.1.1",
+        "help-me": "^5.0.0",
+        "joycon": "^3.1.1",
+        "minimist": "^1.2.6",
+        "on-exit-leak-free": "^2.1.0",
+        "pino-abstract-transport": "^2.0.0",
+        "pump": "^3.0.0",
+        "secure-json-parse": "^2.4.0",
+        "sonic-boom": "^4.0.1",
+        "strip-json-comments": "^3.1.1"
+      },
+      "bin": {
+        "pino-pretty": "bin.js"
+      }
+    },
+    "node_modules/pino-pretty/node_modules/help-me": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/help-me/-/help-me-5.0.0.tgz",
+      "integrity": "sha512-7xgomUX6ADmcYzFik0HzAxh/73YlKR9bmFzf51CZwR+b6YtzU2m0u49hQCqV6SvlqIqsaxovfwdvbnsw3b/zpg==",
+      "license": "MIT"
+    },
+    "node_modules/pino-std-serializers": {
+      "version": "7.0.0",
+      "resolved": "https://registry.npmjs.org/pino-std-serializers/-/pino-std-serializers-7.0.0.tgz",
+      "integrity": "sha512-e906FRY0+tV27iq4juKzSYPbUj2do2X2JX4EzSca1631EB2QJQUqGbDuERal7LCtOpxl6x3+nvo9NPZcmjkiFA==",
+      "license": "MIT"
+    },
    "node_modules/pirates": {
      "version": "4.0.7",
      "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.7.tgz",
@ -27780,6 +27902,22 @@
      "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==",
      "license": "MIT"
    },
+    "node_modules/process-warning": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/process-warning/-/process-warning-5.0.0.tgz",
+      "integrity": "sha512-a39t9ApHNx2L4+HBnQKqxxHNs1r7KF+Intd8Q/g1bUh6q0WIp9voPXJ/x0j+ZL45KF1pJd9+q2jLIRMfvEshkA==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/fastify"
+        },
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/fastify"
+        }
+      ],
+      "license": "MIT"
+    },
    "node_modules/progress": {
      "version": "2.0.3",
      "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz",
@ -28017,6 +28155,12 @@
      ],
      "license": "MIT"
    },
+    "node_modules/quick-format-unescaped": {
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/quick-format-unescaped/-/quick-format-unescaped-4.0.4.tgz",
+      "integrity": "sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==",
+      "license": "MIT"
+    },
    "node_modules/quick-lru": {
      "version": "4.0.1",
      "resolved": "https://registry.npmjs.org/quick-lru/-/quick-lru-4.0.1.tgz",
@ -29408,6 +29552,15 @@
      "integrity": "sha512-onYyVhBNr4CmAxFsKS7bz+uTLRakypIe4R+5A824vBSkQy/hB3fZepoVEf8OVAxzLvK+H/jm9TzpI3ETSm64Kg==",
      "license": "MIT"
    },
+    "node_modules/real-require": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/real-require/-/real-require-0.2.0.tgz",
+      "integrity": "sha512-57frrGM/OCTLqLOAh0mhVA9VBMHd+9U7Zb2THMGdBUoZVOtGbJzjxsYGDJ3A9AYYCP4hn6y1TVbaOfzWtm5GFg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 12.13.0"
+      }
+    },
    "node_modules/recharts": {
      "version": "2.15.3",
      "resolved": "https://registry.npmjs.org/recharts/-/recharts-2.15.3.tgz",
@ -30459,6 +30612,15 @@
        "url": "https://github.com/sponsors/ljharb"
      }
    },
+    "node_modules/safe-stable-stringify": {
+      "version": "2.5.0",
+      "resolved": "https://registry.npmjs.org/safe-stable-stringify/-/safe-stable-stringify-2.5.0.tgz",
+      "integrity": "sha512-b3rppTKm9T+PsVCBEOUR46GWI7fdOs00VKZ1+9c1EWDaDMvjQc6tUwuFyIprgGgTcWoVHSKrU8H31ZHA2e0RHA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10"
+      }
+    },
    "node_modules/safer-buffer": {
      "version": "2.1.2",
      "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
@ -30524,6 +30686,12 @@
        "node": ">=4"
      }
    },
+    "node_modules/secure-json-parse": {
+      "version": "2.7.0",
+      "resolved": "https://registry.npmjs.org/secure-json-parse/-/secure-json-parse-2.7.0.tgz",
+      "integrity": "sha512-6aU+Rwsezw7VR8/nyvKTx8QpWH9FrcYiXXlqC4z5d5XQBDRqtbfsRjnwGyqbi3gddNtWHuEk9OANUotL26qKUw==",
+      "license": "BSD-3-Clause"
+    },
    "node_modules/selderee": {
      "version": "0.11.0",
      "resolved": "https://registry.npmjs.org/selderee/-/selderee-0.11.0.tgz",
@ -31085,6 +31253,15 @@
        "url": "https://github.com/chalk/ansi-styles?sponsor=1"
      }
    },
+    "node_modules/sonic-boom": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/sonic-boom/-/sonic-boom-4.2.0.tgz",
+      "integrity": "sha512-INb7TM37/mAcsGmc9hyyI6+QR3rR1zVRu36B0NeGXKnOOLiZOfER5SA+N7X7k3yUYRzLWafduTDvJAfDswwEww==",
+      "license": "MIT",
+      "dependencies": {
+        "atomic-sleep": "^1.0.0"
+      }
+    },
    "node_modules/sort-keys": {
      "version": "5.1.0",
      "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-5.1.0.tgz",
@ -32350,6 +32527,15 @@
        "node": ">=0.8"
      }
    },
+    "node_modules/thread-stream": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/thread-stream/-/thread-stream-3.1.0.tgz",
+      "integrity": "sha512-OqyPZ9u96VohAyMfJykzmivOrY2wfMSf3C5TtFJVgN+Hm6aj+voFhlK+kZEIv2FBh1X6Xp3DlnCOfEQ3B2J86A==",
+      "license": "MIT",
+      "dependencies": {
+        "real-require": "^0.2.0"
+      }
+    },
    "node_modules/through": {
      "version": "2.3.8",
      "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz",
@ -36015,6 +36201,8 @@
        "oslo": "^0.17.0",
        "pdf-lib": "^1.17.1",
        "pg": "^8.11.3",
+        "pino": "^9.7.0",
+        "pino-pretty": "^13.0.0",
        "playwright": "1.52.0",
        "posthog-js": "^1.245.0",
        "posthog-node": "^4.17.0",
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "private": true,
-  "version": "1.12.0-rc.5",
+  "version": "1.12.0-rc.7",
  "scripts": {
    "build": "turbo run build",
    "dev": "turbo run dev --filter=@documenso/remix",
--- a/packages/api/hono.ts
+++ b/packages/api/hono.ts
@ -8,10 +8,12 @@ import { testCredentialsHandler } from '@documenso/lib/server-only/public-api/te
 import { listDocumentsHandler } from '@documenso/lib/server-only/webhooks/zapier/list-documents';
 import { subscribeHandler } from '@documenso/lib/server-only/webhooks/zapier/subscribe';
 import { unsubscribeHandler } from '@documenso/lib/server-only/webhooks/zapier/unsubscribe';
+// This is a bit nasty. Todo: Extract
+import type { HonoEnv } from '@documenso/remix/server/router';

 // This is bad, ts-router will be created on each request.
 // But don't really have a choice here.
-export const tsRestHonoApp = new Hono();
+export const tsRestHonoApp = new Hono<HonoEnv>();

 tsRestHonoApp
  .get('/openapi', (c) => c.redirect('https://openapi-v1.documenso.com'))
--- a/packages/api/v1/middleware/authenticated.ts
+++ b/packages/api/v1/middleware/authenticated.ts
@ -5,6 +5,7 @@ import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
 import { getApiTokenByToken } from '@documenso/lib/server-only/public-api/get-api-token-by-token';
 import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
 import { extractRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
+import { logger } from '@documenso/lib/utils/logger';

 type B = {
  // appRoute: any;
@ -62,6 +63,17 @@ export const authenticatedMiddleware = <
        },
      };

+      // Todo: Get from Hono context instead.
+      logger.info({
+        ipAddress: metadata.requestMetadata.ipAddress,
+        userAgent: metadata.requestMetadata.userAgent,
+        auth: 'api',
+        source: 'apiV1',
+        path: request.url,
+        userId: apiToken.user.id,
+        apiTokenId: apiToken.id,
+      });
+
      return await handler(
        {
          ...args,
--- a/packages/lib/package.json
+++ b/packages/lib/package.json
@ -27,7 +27,6 @@
    "@lingui/core": "^5.2.0",
    "@lingui/macro": "^5.2.0",
    "@lingui/react": "^5.2.0",
-    "jose": "^6.0.0",
    "@noble/ciphers": "0.4.0",
    "@noble/hashes": "1.3.2",
    "@node-rs/bcrypt": "^1.10.0",
@ -37,6 +36,7 @@
    "@vvo/tzdb": "^6.117.0",
    "csv-parse": "^5.6.0",
    "inngest": "^3.19.13",
+    "jose": "^6.0.0",
    "kysely": "0.26.3",
    "luxon": "^3.4.0",
    "micro": "^10.0.1",
@ -44,6 +44,8 @@
    "oslo": "^0.17.0",
    "pdf-lib": "^1.17.1",
    "pg": "^8.11.3",
+    "pino": "^9.7.0",
+    "pino-pretty": "^13.0.0",
    "playwright": "1.52.0",
    "posthog-js": "^1.245.0",
    "posthog-node": "^4.17.0",
--- a/packages/lib/universal/get-ip-address.ts
+++ b/packages/lib/universal/get-ip-address.ts
@ -0,0 +1,39 @@
+export const getIpAddress = (req: Request) => {
+  // Check for forwarded headers first (common in proxy setups)
+  const forwarded = req.headers.get('x-forwarded-for');
+
+  if (forwarded) {
+    // x-forwarded-for can contain multiple IPs, take the first one
+    return forwarded.split(',')[0].trim();
+  }
+
+  // Check for real IP header (used by some proxies)
+  const realIp = req.headers.get('x-real-ip');
+
+  if (realIp) {
+    return realIp;
+  }
+
+  // Check for client IP header
+  const clientIp = req.headers.get('x-client-ip');
+
+  if (clientIp) {
+    return clientIp;
+  }
+
+  // Check for CF-Connecting-IP (Cloudflare)
+  const cfConnectingIp = req.headers.get('cf-connecting-ip');
+
+  if (cfConnectingIp) {
+    return cfConnectingIp;
+  }
+
+  // Check for True-Client-IP (Akamai and Cloudflare)
+  const trueClientIp = req.headers.get('true-client-ip');
+
+  if (trueClientIp) {
+    return trueClientIp;
+  }
+
+  throw new Error('No IP address found');
+};
--- a/packages/lib/utils/logger-legacy.ts
+++ b/packages/lib/utils/logger-legacy.ts
@ -0,0 +1,112 @@
+import Honeybadger from '@honeybadger-io/js';
+
+import { env } from './env';
+
+export const buildLogger = () => {
+  if (env('NEXT_PRIVATE_LOGGER_HONEY_BADGER_API_KEY')) {
+    return new HoneybadgerLogger();
+  }
+
+  return new DefaultLogger();
+};
+
+interface LoggerDescriptionOptions {
+  method?: string;
+  path?: string;
+  context?: Record<string, unknown>;
+
+  /**
+   * The type of log to be captured.
+   *
+   * Defaults to `info`.
+   */
+  level?: 'info' | 'error' | 'critical';
+}
+
+/**
+ * Basic logger implementation intended to be used in the server side for capturing
+ * explicit errors and other logs.
+ *
+ * Not intended to capture the request and responses.
+ */
+interface Logger {
+  log(message: string, options?: LoggerDescriptionOptions): void;
+
+  error(error: Error, options?: LoggerDescriptionOptions): void;
+}
+
+class DefaultLogger implements Logger {
+  log(_message: string, _options?: LoggerDescriptionOptions) {
+    // Do nothing.
+  }
+
+  error(_error: Error, _options?: LoggerDescriptionOptions): void {
+    // Do nothing.
+  }
+}
+
+class HoneybadgerLogger implements Logger {
+  constructor() {
+    if (!env('NEXT_PRIVATE_LOGGER_HONEY_BADGER_API_KEY')) {
+      throw new Error('NEXT_PRIVATE_LOGGER_HONEY_BADGER_API_KEY is not set');
+    }
+
+    Honeybadger.configure({
+      apiKey: env('NEXT_PRIVATE_LOGGER_HONEY_BADGER_API_KEY'),
+    });
+  }
+
+  /**
+   * Honeybadger doesn't really have a non-error logging system.
+   */
+  log(message: string, options?: LoggerDescriptionOptions) {
+    const { context = {}, level = 'info' } = options || {};
+
+    try {
+      Honeybadger.event({
+        message,
+        context: {
+          level,
+          ...context,
+        },
+      });
+    } catch (err) {
+      console.error(err);
+
+      // Do nothing.
+    }
+  }
+
+  error(error: Error, options?: LoggerDescriptionOptions): void {
+    const { context = {}, level = 'error', method, path } = options || {};
+
+    // const tags = [`level:${level}`];
+    const tags = [];
+
+    let errorMessage = error.message;
+
+    if (method) {
+      tags.push(`method:${method}`);
+
+      errorMessage = `[${method}]: ${error.message}`;
+    }
+
+    if (path) {
+      tags.push(`path:${path}`);
+    }
+
+    try {
+      Honeybadger.notify(errorMessage, {
+        context: {
+          level,
+          ...context,
+        },
+        tags,
+      });
+    } catch (err) {
+      console.error(err);
+
+      // Do nothing.
+    }
+  }
+}
--- a/packages/lib/utils/logger.ts
+++ b/packages/lib/utils/logger.ts
@ -1,112 +1,27 @@
-import Honeybadger from '@honeybadger-io/js';
+import { pino } from 'pino';

-import { env } from './env';
+// const transports: TransportTargetOptions[] = [];

-export const buildLogger = () => {
-  if (env('NEXT_PRIVATE_LOGGER_HONEY_BADGER_API_KEY')) {
-    return new HoneybadgerLogger();
-  }
+// if (env('NEXT_PRIVATE_LOGGING_DEV')) {
+// transports.push({
+//   target: 'pino-pretty',
+//   level: 'info',
+// });
+// }

-  return new DefaultLogger();
-};
+// const loggingFilePath = env('NEXT_PRIVATE_LOGGING_FILE_PATH');

-interface LoggerDescriptionOptions {
-  method?: string;
-  path?: string;
-  context?: Record<string, unknown>;
+// if (loggingFilePath) {
+//   transports.push({
+//     target: 'pino/file',
+//     level: 'info',
+//     options: {
+//       destination: loggingFilePath,
+//       mkdir: true,
+//     },
+//   });
+// }

-  /**
-   * The type of log to be captured.
-   *
-   * Defaults to `info`.
-   */
-  level?: 'info' | 'error' | 'critical';
-}
-
-/**
- * Basic logger implementation intended to be used in the server side for capturing
- * explicit errors and other logs.
- *
- * Not intended to capture the request and responses.
- */
-interface Logger {
-  log(message: string, options?: LoggerDescriptionOptions): void;
-
-  error(error: Error, options?: LoggerDescriptionOptions): void;
-}
-
-class DefaultLogger implements Logger {
-  log(_message: string, _options?: LoggerDescriptionOptions) {
-    // Do nothing.
-  }
-
-  error(_error: Error, _options?: LoggerDescriptionOptions): void {
-    // Do nothing.
-  }
-}
-
-class HoneybadgerLogger implements Logger {
-  constructor() {
-    if (!env('NEXT_PRIVATE_LOGGER_HONEY_BADGER_API_KEY')) {
-      throw new Error('NEXT_PRIVATE_LOGGER_HONEY_BADGER_API_KEY is not set');
-    }
-
-    Honeybadger.configure({
-      apiKey: env('NEXT_PRIVATE_LOGGER_HONEY_BADGER_API_KEY'),
-    });
-  }
-
-  /**
-   * Honeybadger doesn't really have a non-error logging system.
-   */
-  log(message: string, options?: LoggerDescriptionOptions) {
-    const { context = {}, level = 'info' } = options || {};
-
-    try {
-      Honeybadger.event({
-        message,
-        context: {
-          level,
-          ...context,
-        },
-      });
-    } catch (err) {
-      console.error(err);
-
-      // Do nothing.
-    }
-  }
-
-  error(error: Error, options?: LoggerDescriptionOptions): void {
-    const { context = {}, level = 'error', method, path } = options || {};
-
-    // const tags = [`level:${level}`];
-    const tags = [];
-
-    let errorMessage = error.message;
-
-    if (method) {
-      tags.push(`method:${method}`);
-
-      errorMessage = `[${method}]: ${error.message}`;
-    }
-
-    if (path) {
-      tags.push(`path:${path}`);
-    }
-
-    try {
-      Honeybadger.notify(errorMessage, {
-        context: {
-          level,
-          ...context,
-        },
-        tags,
-      });
-    } catch (err) {
-      console.error(err);
-
-      // Do nothing.
-    }
-  }
-}
+export const logger = pino({
+  level: 'info',
+});
--- a/packages/trpc/server/context.ts
+++ b/packages/trpc/server/context.ts
@ -1,14 +1,17 @@
 import type { Session } from '@prisma/client';
 import type { Context } from 'hono';
+import type { Logger } from 'pino';
 import { z } from 'zod';

 import type { SessionUser } from '@documenso/auth/server/lib/session/session';
 import { getOptionalSession } from '@documenso/auth/server/lib/utils/get-session';
 import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
 import { extractRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
+// This is a bit nasty. Todo: Extract
+import type { HonoEnv } from '@documenso/remix/server/router';

 type CreateTrpcContextOptions = {
-  c: Context;
+  c: Context<HonoEnv>;
  requestSource: 'app' | 'apiV1' | 'apiV2';
 };

@ -19,6 +22,7 @@ export const createTrpcContext = async ({
  const { session, user } = await getOptionalSession(c);

  const req = c.req.raw;
+  const logger = c.get('logger');

  const metadata: ApiRequestMetadata = {
    requestMetadata: extractRequestMetadata(req),
@ -36,6 +40,7 @@ export const createTrpcContext = async ({

  if (!session || !user) {
    return {
+      logger,
      session: null,
      user: null,
      teamId,
@ -45,6 +50,7 @@ export const createTrpcContext = async ({
  }

  return {
+    logger,
    session,
    user,
    teamId,
@ -66,4 +72,5 @@ export type TrpcContext = (
  teamId: number | undefined;
  req: Request;
  metadata: ApiRequestMetadata;
+  logger: Logger;
 };
--- a/packages/trpc/server/trpc.ts
+++ b/packages/trpc/server/trpc.ts
@ -65,7 +65,13 @@ const t = initTRPC
 /**
 * Middlewares
 */
-export const authenticatedMiddleware = t.middleware(async ({ ctx, next }) => {
+export const authenticatedMiddleware = t.middleware(async ({ ctx, next, path }) => {
+  const logger = ctx.logger.child({
+    path,
+    auth: ctx.metadata.auth,
+    source: ctx.metadata.source,
+  });
+
  const authorizationHeader = ctx.req.headers.get('authorization');

  // Taken from `authenticatedMiddleware` in `@documenso/api/v1/middleware/authenticated.ts`.
@ -79,6 +85,11 @@ export const authenticatedMiddleware = t.middleware(async ({ ctx, next }) => {

    const apiToken = await getApiTokenByToken({ token });

+    logger.info({
+      userId: apiToken.user.id,
+      apiTokenId: apiToken.id,
+    });
+
    return await next({
      ctx: {
        ...ctx,
@ -111,6 +122,11 @@ export const authenticatedMiddleware = t.middleware(async ({ ctx, next }) => {
    });
  }

+  logger.info({
+    userId: ctx.user.id,
+    apiTokenId: null,
+  });
+
  return await next({
    ctx: {
      ...ctx,
--- a/packages/trpc/utils/trpc-error-handler.ts
+++ b/packages/trpc/utils/trpc-error-handler.ts
@ -1,7 +1,7 @@
 import type { ErrorHandlerOptions } from '@trpc/server/unstable-core-do-not-import';

 import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
-import { buildLogger } from '@documenso/lib/utils/logger';
+import { buildLogger } from '@documenso/lib/utils/logger-legacy';

 const logger = buildLogger();
Author	SHA1	Message	Date
Lucas Smith	58d97518c8	v1.12.0-rc.7	2025-06-27 22:17:45 +10:00
Lucas Smith	20c8969272	fix: get real ip for rate limit key	2025-06-27 22:17:02 +10:00
Lucas Smith	85ac65e405	v1.12.0-rc.6	2025-06-27 21:46:16 +10:00
David Nguyen	e07a497b69	feat: api logging by pino (#1865 ) experiemental	2025-06-27 21:44:51 +10:00