Welcome back! In the last lessons, you learned how to validate incoming data and how to centralize error responses in your API. Now, let’s take another important step in building robust APIs: logging requests.

Logging means keeping a record of what happens in your API. This is very useful for several reasons:

• Debugging: If something goes wrong, logs help you see what requests were made and what data was sent.
• Monitoring: Logs let you track how your API is being used, which can help you spot unusual activity or performance issues.
• Auditing: Sometimes, you need to know who did what and when, especially for security or compliance reasons.

In this lesson, you will learn how to log requests in your Next.js API using middleware. Middleware is a special function that runs before your API route handles the request. This is a great place to add logging because it lets you capture every request in one place.

Middleware in Next.js is a function that runs before your API route or page is processed. It can be used for many things, such as authentication, logging, or modifying requests and responses.

Here’s how middleware fits into the request flow:

1. A request comes in from a client (like a browser or another server).
2. The middleware runs first. It can read or change the request, log information, or even stop the request.
3. If the middleware allows the request to continue, it moves on to your API route handler.

Middleware is a powerful way to add features to all or some of your API routes without repeating code in every file.

Here is a simple flow which demonstrates where middleware sits:

Let’s build a middleware that logs every API request. Here’s the code you’ll use in your src/middleware.ts file:

Let’s break down what’s happening here:

• Importing Next.js Middleware Tools:
  We import NextResponse and NextRequest from next/server. These help us work with requests and responses in middleware.

• The middleware Function:
  This function runs for every matching request.

  • const start = Date.now(); records the time when the request started.
  • const response = NextResponse.next(); lets the request continue to the API route.
  • We create a logEntry object with details about the request:
    • timestamp: When the request was received.

When logging headers, it's important to protect sensitive information. Logging data such as authorization tokens, cookies, or API keys can expose your users to security risks—especially if those logs are stored in a shared environment or sent to an external system.

To prevent this, we can sanitize or redact certain headers before including them in the log entry. Here's how you can update your middleware to do that:

Let’s break down what was added:

• We defined an array sensitiveHeaders that lists headers which shouldn't be logged in plain form.
• We then loop over all request headers and build a new object called sanitizedHeaders.
  • If a header is considered sensitive, we replace its value with the string 'REDACTED'.
  • Otherwise, we keep the actual value.
• Finally, we add this sanitized headers object to the logEntry.

By taking this extra step, we ensure that our logs are helpful for debugging and monitoring, but still respect privacy and security. Example log output with redacted headers:

In this lesson, you learned how to use middleware in Next.js to log every API request. You saw how middleware runs before your API route, how to capture useful information about each request, and how to target only your API routes with the config object.

Logging is a key part of building robust and maintainable APIs. It helps you debug problems, monitor usage, and keep your backend secure.

Now, you’re ready to practice what you’ve learned! In the next exercises, you’ll get hands-on experience with logging middleware and see how it works in real scenarios.

Congratulations on reaching the end of this lesson! You’ve learned how to validate data, handle errors, and log requests — three essential skills for building strong and modular APIs. Keep practicing and building, and you’ll keep getting better!