docs: consolidate documentation into organized structure

- Move 12 markdown files from root to docs/ subdirectories - Organize documentation by category: • docs/troubleshooting/ (1 file) - Technical troubleshooting guides • docs/deployment/ (4 files) - Deployment and security documentation • docs/guides/ (3 files) - Feature-specific guides • docs/planning/ (4 files) - Planning and improvement proposals Root directory cleanup: - Reduced from 16 to 4 markdown files in root - Only essential project files remain: • CLAUDE.md (AI instructions) • README.md (Main project readme) • CLEANUP_PLAN.md (Current cleanup plan) • SRC_STRUCTURE_IMPROVEMENTS.md (Structure improvements) This improves: ✅ Documentation discoverability ✅ Logical organization by purpose ✅ Clean root directory ✅ Better maintainability
2025-10-05 11:05:04 +02:00
parent 887847dde6
commit 5050c7d73a
36686 changed files with 196456 additions and 12398919 deletions
--- a/src/Framework/Http/Middlewares/WafMiddleware.php
+++ b/src/Framework/Http/Middlewares/WafMiddleware.php
@@ -14,6 +14,7 @@ use App\Framework\Http\Next;
 use App\Framework\Http\RequestStateManager;
 use App\Framework\Http\Responses\JsonResponse;
 use App\Framework\Logging\Logger;
+use App\Framework\Logging\ValueObjects\LogContext;
 use App\Framework\Waf\LayerResult;
 use App\Framework\Waf\WafEngine;

@@ -54,16 +55,16 @@ final readonly class WafMiddleware implements HttpMiddleware
            $this->wafEngine->registerLayer(new \App\Framework\Waf\Layers\XssLayer());
            $this->wafEngine->registerLayer(new \App\Framework\Waf\Layers\SuspiciousUserAgentLayer());

-            $this->logger->info('WAF security layers initialized', [
+            $this->logger->info('WAF security layers initialized', LogContext::withData([
                'layers_count' => 5,
                'health_status' => $this->wafEngine->getHealthStatus(),
-            ]);
+            ]));

        } catch (\Throwable $e) {
-            $this->logger->error('Failed to initialize WAF security layers', [
+            $this->logger->error('Failed to initialize WAF security layers', LogContext::withData([
                'error' => $e->getMessage(),
                'trace' => $e->getTraceAsString(),
-            ]);
+            ]));
        }
    }

@@ -79,7 +80,7 @@ final readonly class WafMiddleware implements HttpMiddleware
            $request = $context->request;

            // Debug log request details
-            $this->logger->debug('WAF analyzing request', [
+            $this->logger->debug('WAF analyzing request', LogContext::withData([
                'path' => $request->path ?? '/',
                'method' => $request->method->value ?? 'UNKNOWN',
                'query_params' => $request->queryParams,
@@ -91,36 +92,36 @@ final readonly class WafMiddleware implements HttpMiddleware
                    'blocking_mode' => $this->config->blockingMode,
                    'enabled_layers' => $this->config->enabledLayers,
                ],
-            ]);
+            ]));

            // Analyze request with WAF engine
            $wafResult = $this->wafEngine->analyze($request);

            // Debug log analysis result
-            $this->logger->debug('WAF analysis complete', [
+            $this->logger->debug('WAF analysis complete', LogContext::withData([
                'result_status' => $wafResult->getStatus()->value ?? 'unknown',
                'result_action' => $wafResult->getAction(),
                'layer_name' => $wafResult->getLayerName(),
                'message' => $wafResult->getMessage(),
                'has_detections' => $wafResult->hasDetections(),
                'detections_count' => $wafResult->hasDetections() ? count($wafResult->getDetections()->getAll()) : 0,
-            ]);
+            ]));

            // Handle based on result action
            switch ($wafResult->getAction()) {
                case LayerResult::ACTION_BLOCK:
-                    $this->logger->info('WAF blocking request', ['reason' => $wafResult->getMessage()]);
+                    $this->logger->info('WAF blocking request', LogContext::withData(['reason' => $wafResult->getMessage()]));

                    return $this->handleBlocked($context, $wafResult);

                case LayerResult::ACTION_SUSPICIOUS:
-                    $this->logger->info('WAF flagging suspicious request', ['reason' => $wafResult->getMessage()]);
+                    $this->logger->info('WAF flagging suspicious request', LogContext::withData(['reason' => $wafResult->getMessage()]));

                    return $this->handleSuspicious($context, $wafResult, $next);

                case LayerResult::ACTION_PASS:
                default:
-                    $this->logger->debug('WAF allowing request', ['reason' => $wafResult->getMessage()]);
+                    $this->logger->debug('WAF allowing request', LogContext::withData(['reason' => $wafResult->getMessage()]));

                    // Continue to next middleware
                    return $next($context);
@@ -128,12 +129,12 @@ final readonly class WafMiddleware implements HttpMiddleware

        } catch (\Throwable $e) {
            // Log WAF error but don't block request on WAF failure
-            $this->logger->error('WAF middleware error', [
+            $this->logger->error('WAF middleware error', LogContext::withData([
                'error' => $e->getMessage(),
                'trace' => $e->getTraceAsString(),
                'request_path' => $context->request->path ?? '/',
                'client_ip' => $context->request->server->getClientIp()?->value ?? 'unknown',
-            ]);
+            ]));

            // Continue processing on WAF error
            return $next($context);
@@ -149,14 +150,14 @@ final readonly class WafMiddleware implements HttpMiddleware
        $clientIp = $request->server->getClientIp()?->value ?? 'unknown';

        // Log security event
-        $this->logger->warning('WAF blocked request', [
+        $this->logger->warning('WAF blocked request', LogContext::withData([
            'reason' => $wafResult->getMessage(),
            'client_ip' => $clientIp,
            'path' => $request->path ?? '/',
            'user_agent' => $request->headers->get('User-Agent', ''),
            'detections' => $this->formatDetections($wafResult),
            'layer' => $wafResult->getLayerName(),
-        ]);
+        ]));

        if ($this->config->blockingMode) {
            // Return 403 Forbidden response
@@ -167,11 +168,11 @@ final readonly class WafMiddleware implements HttpMiddleware
            ], 403);
        } else {
            // Log-only mode - continue processing but log the threat
-            $this->logger->warning('WAF would block request (log-only mode)', [
+            $this->logger->warning('WAF would block request (log-only mode)', LogContext::withData([
                'reason' => $wafResult->getMessage(),
                'client_ip' => $clientIp,
                'path' => $request->path ?? '/',
-            ]);
+            ]));

            $response = new JsonResponse([
                'warning' => 'Request flagged by security policy',
@@ -191,14 +192,14 @@ final readonly class WafMiddleware implements HttpMiddleware
        $clientIp = $request->server->getClientIp()?->value ?? 'unknown';

        // Log suspicious activity
-        $this->logger->info('WAF flagged suspicious request', [
+        $this->logger->info('WAF flagged suspicious request', LogContext::withData([
            'reason' => $wafResult->getMessage(),
            'client_ip' => $clientIp,
            'path' => $request->path ?? '/',
            'user_agent' => $request->headers->get('User-Agent', ''),
            'detections' => $this->formatDetections($wafResult),
            'layer' => $wafResult->getLayerName(),
-        ]);
+        ]));

        // Continue to next middleware
        $resultContext = $next($context);