🔍 API Debugging

1
2
3
curl -v \
  -H "X-Request-Id: debug-$(uuidgen)" \
  http://localhost:8000/api/v1/cases

1
2
3
4
5
# Search logs by request ID
docker logs sea-api 2>&1 | grep "debug-abc123"

# Or in OpenObserve
# Query: request_id="debug-abc123"

1
2
3
4
5
6
7
8
9
10
11
12
# Check request body
curl -v -X POST http://localhost:8000/api/v1/cases \
  -H "Content-Type: application/json" \
  -d '{"title": ""}' 

# Response shows validation errors
{
  "error": {
    "code": "VALIDATION_ERROR",
    "details": [{"field": "title", "code": "REQUIRED"}]
  }
}

1
2
3
4
5
6
# Check token is present
curl -v http://localhost:8000/api/v1/cases \
  -H "Authorization: Bearer $TOKEN"

# Decode JWT to check expiry
echo $TOKEN | cut -d. -f2 | base64 -d | jq

1
2
3
4
5
# Check user roles in token
echo $TOKEN | cut -d. -f2 | base64 -d | jq '.roles'

# Compare with required permissions in logs
docker logs sea-api 2>&1 | grep "permission denied"

1
2
3
4
5
# Verify resource exists
psql $DATABASE_URL -c "SELECT id FROM cases WHERE id = 'case-123';"

# Check URL pattern matches routes
curl http://localhost:8000/openapi.json | jq '.paths | keys'

1
2
3
4
5
# Check rate limit headers
curl -v http://localhost:8000/api/v1/cases 2>&1 | grep -i rate

# Wait for reset
X-RateLimit-Reset: 1704067200

1
2
3
4
5
# Check application logs
docker logs sea-api --tail 100 | grep -A 10 "error"

# Check for stack trace
docker logs sea-api 2>&1 | grep -A 20 "Traceback"

1
2
3
4
5
6
7
8
# Enable timing
curl -o /dev/null -s -w "\
DNS: %{time_namelookup}s\n\
Connect: %{time_connect}s\n\
TLS: %{time_appconnect}s\n\
Start: %{time_starttransfer}s\n\
Total: %{time_total}s\n" \
http://localhost:8000/api/v1/cases

1
2
3
4
5
# Download spec
curl http://localhost:8000/openapi.json > openapi.json

# Validate request matches spec
# Use tools like openapi-spec-validator