ispectify_dio - Dart API docs

ispectify_dio is a Dio interceptor for the ISpect toolkit. It captures requests and responses, pairs them into correlated transactions by a request ID, and redacts sensitive data before logging.

Request, response, and error capture with headers, body, status, and duration.
Per-call redaction of auth headers, tokens, PII, and credit-card data. On by default.
Builder and factory presets for development, staging, and production setups.
Works with any Dio instance. Attach the interceptor and the rest is automatic.

Install

dependencies:
  dio: ^5.0.0
  ispectify: ^5.2.0-dev.10
  ispectify_dio: ^5.2.0-dev.10

Quick start

import 'package:dio/dio.dart';
import 'package:ispect/ispect.dart';
import 'package:ispectify_dio/ispectify_dio.dart';

final dio = Dio(BaseOptions(baseUrl: 'https://api.example.com'));

ISpect.run(
  () => runApp(const MyApp()),
  logger: logger,
  onInit: () {
    dio.interceptors.add(
      ISpectDioInterceptor(
        logger: logger,
        settings: const ISpectDioInterceptorSettings(
          printRequestHeaders: true,
          printResponseHeaders: true,
          printRequestData: true,
          printResponseData: true,
        ),
      ),
    );
  },
);

Settings

ISpectDioInterceptorSettings controls which parts of each call are captured and whether they are redacted before logging. enableRedaction defaults to true on every constructor.

const settings = ISpectDioInterceptorSettings(
  printRequestHeaders: true,
  printRequestData: true,
  printResponseHeaders: false,
  printResponseData: true,
  enableRedaction: true,
);

Preset factories

// Verbose. Full payloads, no redaction. Only for local development.
final dev = ISpectDioInterceptorSettingsBuilder.development().build();

// Redacted. Conservative defaults, body capture off.
final prod = ISpectDioInterceptorSettingsBuilder.production().build();

// Middle ground for staging environments.
final staging = ISpectDioInterceptorSettingsBuilder.staging().build();

Builder

final settings = ISpectDioInterceptorSettingsBuilder()
    .withRequestHeaders()
    .withResponseHeaders()
    .withoutRedaction() // not recommended, see "Data redaction" below.
    .build();

Data redaction

Sensitive data is masked before it reaches logs or observers. Redaction is on by default. The built-in rules cover auth headers, tokens, passwords, API keys, cookies, common PII (SSN, passport, driver's license), financial data (credit cards, IBAN), and phone numbers.

The same redactor runs beyond the initial capture. Supported exports, clipboard helpers, cURL generation, and observer payloads all pass through the same pipeline before data leaves the debug session.

Redaction works best paired with focused capture. Keep body and header logging off unless you actually need the payload, and register project-specific keys for the business identifiers only your application understands.

Custom keys and patterns

import 'package:ispectify/ispectify.dart';

final redactor = RedactionService(
  sensitiveKeys: {
    ...defaultSensitiveKeys,
    'x-custom-secret',
    'internal_token',
  },
  sensitiveKeyPatterns: [
    RegExp(r'my_app_secret_\w+', caseSensitive: false),
  ],
  // Keys where the value is replaced entirely instead of edge-masked.
  fullyMaskedKeys: {'filename'},
  placeholder: '***',
  visibleEdgeLength: 3,
  redactBinary: true,
  redactBase64: true,
);

Ignoring defaults

final redactor = RedactionService(
  // `?mobile=true` is a platform flag, not a phone number.
  ignoredKeys: {'mobile', 'platform_token'},
  ignoredValues: {'<test-token>', 'public-api-key'},
);

Disabling

Each interceptor accepts enableRedaction: false on its settings object. See the per-package README for the exact settings type.

Only disable redaction in isolated local or deterministic test environments. Exported sessions and observer events should be handled according to the data they contain.

Disable redaction on a single interceptor instance (only for deterministic replay in test environments):

ISpectDioInterceptor(
  logger: logger,
  settings: const ISpectDioInterceptorSettings(enableRedaction: false),
);

Supply a custom RedactionService:

ISpectDioInterceptor(
  logger: logger,
  redactor: RedactionService(
    sensitiveKeys: {...defaultSensitiveKeys, 'x-tenant-token'},
  ),
);

The ISpect toolkit

ISpect is a modular monorepo. Pick the packages your project needs. Each one works on its own.

Package	What it does
`ispect`	Flutter UI: debug panel, log viewer, navigation observer, inspector integration.
`ispect_layout`	Visual layout inspector with sizes, constraints, decorations, compare mode, and a color picker.
`ispectify`	Pure-Dart logging core: typed log entries, filtering, tracing, observers.
`ispectify_dio`	Dio HTTP interceptor with automatic redaction.
`ispectify_http`	`http` package interceptor with automatic redaction.
`ispectify_ws`	WebSocket traffic capture with automatic redaction.
`ispectify_db`	Database operation tracing for SQL, ORMs, and KV stores.
`ispectify_bloc`	BLoC event, state, transition, and error observer.
`ispectify_riverpod`	Riverpod provider add, update, dispose, and failure observer.

Contributing

Contributions are welcome. See CONTRIBUTING.md for guidelines, and open issues or pull requests at the ISpect repository.

License

MIT. See LICENSE.