This branch contains minor changes regarding the application logging and resolves #66 .
First, it re-introduces the loading of the logging config file on startup. As it is not part of the Git repo, a file named logging.conf needs to be created according to the needs of the respective environment. For this purpose the provided example configuration can be used -- just run cp logging.conf.example logging.conf. This is also considered in the deployment workflow which was also updated.
A second extension is the session tracking. For this the idea was followed to set a certain search session cookie value on the user's browser. This, of course, has also legal implications, but according to this text on datenschutz.org from May 2023 (in German) this seems to be OK and does not need an explicit opt-in from the users. (However, I'm not a lawyer.) I added an examplary debug log statement to the sources endpoint which generates log entries with unique session ids as follows:
This is meant as a starting point and can be extended as needed. Application log files can then later be analyzed in this regard. (I.e. which user search for what at what time?) However, in the current lgging setting, the deployed search engine only logs to the console. If this should be changed, please let me know.
This branch contains minor changes regarding the application logging and resolves #66 .
First, it re-introduces the loading of the logging config file on startup. As it is not part of the Git repo, a file named
logging.confneeds to be created according to the needs of the respective environment. For this purpose the provided example configuration can be used -- just runcp logging.conf.example logging.conf. This is also considered in the deployment workflow which was also updated.A second extension is the session tracking. For this the idea was followed to set a certain search session cookie value on the user's browser. This, of course, has also legal implications, but according to this text on datenschutz.org from May 2023 (in German) this seems to be OK and does not need an explicit opt-in from the users. (However, I'm not a lawyer.) I added an examplary debug log statement to the
sourcesendpoint which generates log entries with unique session ids as follows:This is meant as a starting point and can be extended as needed. Application log files can then later be analyzed in this regard. (I.e. which user search for what at what time?) However, in the current lgging setting, the deployed search engine only logs to the console. If this should be changed, please let me know.