chore(changelog): update changelog for v0.3.0

- Add debug logs for invalid and valid API key masking
- Log unsupported content types in middleware
- Log forwarded request URLs and response statuses from LT server

CHANGELOG.md

@@ -2,7 +2,22 @@
 
 All notable changes to this project will be documented in this file.
 
-## [unreleased]
+## [0.3.0](https://git.0xmax42.io/maxp/lt-auth-proxy/compare/v0.2.1..v0.3.0) - 2025-05-11
+
+### 🚀 Features
+
+- *(logging)* Add debug logs for key validation and request handling - ([3299419](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/32994197261e9ab5a46df5f90f2faed89cd68558))
+- *(utils)* Add utility to mask API keys - ([79dfbcf](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/79dfbcf053d613fe3fff63bfd24537a1665c9389))
+
+## [0.2.1](https://git.0xmax42.io/maxp/lt-auth-proxy/compare/v0.1.1..v0.2.1) - 2025-05-11
+
+### 🚀 Features
+
+- *(handler)* Sanitize sensitive fields in form data - ([b6763f7](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/b6763f748325bf9c4129c5230c5e8101f93a2388))
+
+### 🐛 Bug Fixes
+
+- *(auth)* Validate API key from POST body and handle content type - ([4326a2d](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/4326a2d92cb789b8bbed95d9e72b5cbadbafd93a))
 
 ### 🚜 Refactor
 
@@ -10,10 +25,12 @@ All notable changes to this project will be documented in this file.
 
 ### 📚 Documentation
 
+- *(readme)* Update Docker image size information - ([828494c](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/828494c92a3d517a35f2feece48af5cd6116f1d4))
 - *(readme)* Enhance documentation with usage and features - ([573fcf0](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/573fcf0e65b3446b7efdce6b1695722c9d757410))
 
 ### ⚙️ Miscellaneous Tasks
 
+- *(dockerfile)* Switch base image to debian and update curl setup - ([60dcc30](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/60dcc30c0d9bad5dc9c0b1e4f79a4cb53330a965))
 - *(readme)* Update image repository URL - ([7ea8e26](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/7ea8e26660b9c29ead8f5597647a96c27cc9dcb5))
 - *(workflows)* Rename build-docker.yml to build-nightly.yml - ([787bcdc](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/787bcdc1a20e85699b810082895d2a461216c9cf))
 

VERSION

@@ -1 +1 @@
-0.2.0
+0.3.0

src/ltProxyAuth.ts

@@ -1,5 +1,6 @@
 import { Middleware } from 'http-kernel/Types/mod.ts';
 import { Env } from './env.ts';
+import { maskApiKey } from './utils.ts';
 
 /**
  * Middleware that checks for a valid API key via form param.
@@ -17,12 +18,15 @@ export const authMiddleware: Middleware = async (ctx, next) => {
         const key = params.get('apiKey');
 
         if (!key || !Env.apiKeys.includes(key)) {
+            console.debug('Invalid API key:', maskApiKey(key));
             return new Response('Forbidden – Invalid API key', { status: 403 });
         }
     } else {
+        console.debug('Unsupported content type:', contentType);
         return new Response('Unsupported content type', { status: 415 });
     }
 
+    console.debug('Valid API key:', maskApiKey(ctx.req.headers.get('apiKey')));
     return await next();
 };
 

src/ltProxyHandler.ts

@@ -37,12 +37,16 @@ export const handler: Handler = async (ctx) => {
     const headers = new Headers(ctx.req.headers);
     headers.delete('content-length');
 
+    console.debug('Forwarding request to:', proxyUrl.toString());
+
     const forwarded = await fetch(proxyUrl.toString(), {
         method: ctx.req.method,
         headers,
         body,
     });
 
+    console.debug('Received response from LT server:', forwarded.status);
+
     const respHeaders = new Headers(forwarded.headers);
     return new Response(forwarded.body, {
         status: forwarded.status,

src/utils.ts

@@ -0,0 +1,6 @@
+export const maskApiKey = (key: string | null): string => {
+    if (!key) return '*****';
+    return key.length <= 5
+        ? '*'.repeat(key.length)
+        : key.slice(0, 5) + '*'.repeat(key.length - 5);
+};