openclaw/helpyourneighbour
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
helpyourneighbour/backend/middleware/auditLogger.js

33 lines
1.1 KiB
JavaScript
Raw Permalink Normal View History

feat: implement role-based access control and auth routes This commit implements the role-based access control system as outlined in the project documentation. It includes: - A requireRole middleware for protecting routes - Auth routes for registration, login, profile management - Audit logging for sensitive actions - Role management endpoints - Updated app.js to include audit logging middleware
2026-03-15 21:07:22 +00:00
// middleware/auditLogger.js
feat: implement role-based access control and auth routes
2026-03-16 00:07:16 +00:00
const db = require('../db');
feat: implement role-based access control and auth routes This commit implements the role-based access control system as outlined in the project documentation. It includes: - A requireRole middleware for protecting routes - Auth routes for registration, login, profile management - Audit logging for sensitive actions - Role management endpoints - Updated app.js to include audit logging middleware
2026-03-15 21:07:22 +00:00
feat: implement role-based access control and auth routes
2026-03-16 00:07:16 +00:00
/**
* Middleware zur Protokollierung sensibler Aktionen
* @param {string} action - Name der Aktion (z.B. 'USER_SUSPEND')
* @param {string} targetType - Typ des Zielobjekts (z.B. 'user')
* @returns {function} Express-Middleware-Funktion
*/
function auditLogger(action, targetType) {
return async (req, res, next) => {
try {
const timestamp = new Date().toISOString();
const actorUserId = req.user?.id || null;
const targetId = req.params.id || req.body.id || null;
const reason = req.body.reason || null;
feat: implement role-based access control and auth routes This commit implements the role-based access control system as outlined in the project documentation. It includes: - A requireRole middleware for protecting routes - Auth routes for registration, login, profile management - Audit logging for sensitive actions - Role management endpoints - Updated app.js to include audit logging middleware
2026-03-15 21:07:22 +00:00
feat: implement role-based access control and auth routes
2026-03-16 00:07:16 +00:00
// Audit-Eintrag in die Datenbank schreiben
await db.run(
'INSERT INTO audit_log (timestamp, actor_user_id, action, target_type, target_id, reason) VALUES (?, ?, ?, ?, ?, ?)',
[timestamp, actorUserId, action, targetType, targetId, reason]
);
feat: implement role-based access control and auth routes This commit implements the role-based access control system as outlined in the project documentation. It includes: - A requireRole middleware for protecting routes - Auth routes for registration, login, profile management - Audit logging for sensitive actions - Role management endpoints - Updated app.js to include audit logging middleware
2026-03-15 21:07:22 +00:00
feat: implement role-based access control and auth routes
2026-03-16 00:07:16 +00:00
next();
} catch (err) {
console.error('Audit logging failed:', err);
// Fehler bei Audit-Logging sollte nicht den Request blockieren
next();
}
};
feat: implement role-based access control and auth routes This commit implements the role-based access control system as outlined in the project documentation. It includes: - A requireRole middleware for protecting routes - Auth routes for registration, login, profile management - Audit logging for sensitive actions - Role management endpoints - Updated app.js to include audit logging middleware
2026-03-15 21:07:22 +00:00
}
module.exports = auditLogger;
Reference in a new issue Copy permalink