feat: Implement centralized audit logging admin interface (refs #10)
- Add audit_logs table with categories, severities, and indexes
- Create AuditLogService and AuditLogRepository
- Add REST API endpoints for viewing and exporting logs
- Wire audit logging into auth, vehicles, admin, and backup features
- Add desktop AdminLogsPage with filters and CSV export
- Add mobile AdminLogsMobileScreen with card layout
- Implement 90-day retention cleanup job
- Remove old AuditLogPanel from AdminCatalogPage

Security fixes:
- Escape LIKE special characters to prevent pattern injection
- Limit CSV export to 5000 records to prevent memory exhaustion
- Add truncation warning headers for large exports

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@@ -11,6 +11,7 @@ import { termsConfig } from '../../terms-agreement/domain/terms-config';
|
||||
import { pool } from '../../../core/config/database';
|
||||
import { logger } from '../../../core/logging/logger';
|
||||
import { signupSchema, resendVerificationPublicSchema } from './auth.validation';
|
||||
import { auditLogService } from '../../audit-log';
|
||||
|
||||
export class AuthController {
|
||||
private authService: AuthService;
|
||||
@@ -66,6 +67,16 @@ export class AuthController {
|
||||
|
||||
logger.info('User signup successful', { email, userId: result.userId });
|
||||
|
||||
// Log signup to unified audit log
|
||||
await auditLogService.info(
|
||||
'auth',
|
||||
result.userId,
|
||||
`User signup: ${email}`,
|
||||
'user',
|
||||
result.userId,
|
||||
{ email, ipAddress: termsData.ipAddress }
|
||||
).catch(err => logger.error('Failed to log signup audit event', { error: err }));
|
||||
|
||||
return reply.code(201).send(result);
|
||||
} catch (error: any) {
|
||||
logger.error('Signup failed', { error, email: (request.body as any)?.email });
|
||||
@@ -254,6 +265,15 @@ export class AuthController {
|
||||
userId: userId.substring(0, 8) + '...',
|
||||
});
|
||||
|
||||
// Log password reset request to unified audit log
|
||||
await auditLogService.info(
|
||||
'auth',
|
||||
userId,
|
||||
'Password reset requested',
|
||||
'user',
|
||||
userId
|
||||
).catch(err => logger.error('Failed to log password reset audit event', { error: err }));
|
||||
|
||||
return reply.code(200).send(result);
|
||||
} catch (error: any) {
|
||||
logger.error('Failed to request password reset', {
|
||||
|
||||
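Review bot: The password-reset audit call in the third hunk passes no metadata, so the record has no source address, while the signup call stores `ipAddress: termsData.ipAddress`. For an event that often precedes account takeover, the request origin is what an investigator needs; a sixth argument such as `{ ipAddress: request.ip }` would cover it, assuming the Fastify-style request object is in scope in that handler. Both audit calls sit on the success path only: the `catch` blocks visible in the hunks still write to `logger.error` alone, so failed signups and failed reset requests never reach the audit table, and those are the events most useful for spotting enumeration or abuse. The signup message also interpolates `email` into free text (`User signup: ${email}`) although the same value is already in the metadata object; keeping it in metadata only would stop user-controlled text and PII from being duplicated into the message column that the admin page displays and exports to CSV. The enclosing handler methods start and end outside the hunks.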