Log appCode and from address in orderbook request_summary#4342
Open
squadgazzz wants to merge 1 commit intomainfrom
Open
Log appCode and from address in orderbook request_summary#4342squadgazzz wants to merge 1 commit intomainfrom
squadgazzz wants to merge 1 commit intomainfrom
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request implements traffic attribution by extracting appCode and sender addresses from order and quote requests for logging. It adds an app_code helper to OrderCreationAppData, introduces a RequestMetadata struct, and updates the request middleware and handlers to capture and log these fields. No critical issues found.
jmg-duarte
approved these changes
Apr 17, 2026
Contributor
jmg-duarte
left a comment
jmg-duarte
left a comment
There was a problem hiding this comment.
No blockers
The doc comment, IMO could be better; the rest is just nits/suggestions
Comment on lines
+488
to
+490
| /// Returns the `appCode` field from the full app data JSON, if present. | ||
| /// Returns `None` when only the hash is provided, when parsing fails, or | ||
| /// when the field is absent. |
Contributor
There was a problem hiding this comment.
Suggested change
| /// Returns the `appCode` field from the full app data JSON, if present. | |
| /// Returns `None` when only the hash is provided, when parsing fails, or | |
| /// when the field is absent. | |
| /// If the full app data is present, returns the app code; will return `None` in any other case (not present, parsing failure, etc). |
Comment on lines
+497
to
+500
| let full = match self { | ||
| Self::Hash { .. } => return None, | ||
| Self::Full { full } | Self::Both { full, .. } => full, | ||
| }; |
Contributor
There was a problem hiding this comment.
maybe?
Suggested change
| let full = match self { | |
| Self::Hash { .. } => return None, | |
| Self::Full { full } | Self::Both { full, .. } => full, | |
| }; | |
| let (Self::Full { full } | Self::Both { full, .. }) = self else { | |
| return None; | |
| }; |
Contributor
There was a problem hiding this comment.
this and post_quote look like middleware to me, did you explore that route or you think its overkill?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
When investigating traffic spikes on
/api/v1/quotethere's no way to tell whether elevated traffic is from a known integrator because the partner-identifying fields (appCodeinappData, and thefromaddress) live inside the POST body and aren't captured in therequest_summarylog. WAF CloudWatch logs also don't capture POST body, so today the only way to attribute traffic to a partner is to ask them directly. This change adds both fields torequest_summaryso future DDoS investigations can be completed entirely in Victoria Logs.Changes
OrderCreationAppData::app_code()helper that extracts theappCodefield from the full app data JSONRequestMetadataattached to responses frompost_quote_handlerandpost_order_handlersummarize_requestmiddleware now logsapp_codeandfromfields (both default tounsetfor endpoints that don't carry them)How to test
New unit tests. Then, use CloudWatch with the updated query.