all(); // If logging an authentication request, mask the password in the log if ($request->isMethod('post') && $request->path() === 'api/login' && isset($data['password'])) { $data['password'] = 'REDACTED'; // Mask the password } // Log the request Log::info("API Request: {$request->method()}, {$request->fullUrl()}", [ 'headers' => $request->headers->all(), 'body' => $data, // Ensure the body is safely logged ]); // Continue processing the request $response = $next($request); // Log the response $responseContent = $response->getContent(); // If the response is JSON, decode it for better readability in the logs $decodedResponse = null; if ($response->headers->get('Content-Type') === 'application/json') { $decodedResponse = json_decode($responseContent, true); } // Log::info("API Response: {$response->status()}, {$request->fullUrl()}", [ // 'user' => Auth::user()?->email, // Optionally log the authenticated user email // 'headers' => $response->headers->all(), // 'body' => $decodedResponse ?? $responseContent, // Log decoded response if it's JSON // ]); Log::info("API Response: {$response->status()}, {$request->fullUrl()}"); return $response; } }