egg/OCR
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: enable audit logging for authentication and task operations

Browse Source 
Add audit_service.log_event() calls to track key user activities:
- auth_login: successful and failed login attempts with IP/user agent
- auth_logout: single session and all sessions logout
- task_delete: task deletion with user context
- file_upload: file upload with filename, size, and type
- admin_cleanup: manual cleanup trigger with statistics

Each event captures client IP (from X-Forwarded-For/X-Real-IP headers),
user agent, and relevant metadata for compliance and debugging.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
egg
2025-12-14 12:46:20 +08:00
parent 73112db055
commit bbd68a2162
6 changed files with 226 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
openspec/changes/enable-audit-logging/tasks.md Normal file
View File

@@ -0,0 +1,33 @@
# Tasks: Enable Audit Logging
## 1. Helper Utilities
- [x] 1.1 Create helper function to extract client info (IP, user agent) from FastAPI Request
## 2. Authentication Events
- [x] 2.1 Log `auth_login` on successful/failed login in auth.py
- [x] 2.2 Log `auth_logout` on logout in auth.py
- [ ] 2.3 Log `auth_token_refresh` on token refresh (deferred - low priority)
## 3. Task Events
- [ ] 3.1 Log `task_create` when task is created (deferred - covered by file_upload)
- [ ] 3.2 Log `task_process` when task processing starts (deferred - background task)
- [ ] 3.3 Log `task_complete` when task completes (deferred - background task)
- [x] 3.4 Log `task_delete` when task is deleted
## 4. Admin Events
- [x] 4.1 Log `admin_cleanup` when manual cleanup is triggered
- [ ] 4.2 Log `admin_view_users` when admin views user list (deferred - low priority)
## 5. File Events
- [x] 5.1 Log `file_upload` when file is uploaded
## 6. Testing
- [ ] 6.1 Verify login creates audit log entry
- [ ] 6.2 Verify task operations create audit log entries
- [ ] 6.3 Verify audit logs page shows entries
- [x] 6.4 Test backend module imports
## Notes
- Core audit events implemented: login, logout, task delete, file upload, admin cleanup
- Background task events (task_process, task_complete) deferred - would require significant refactoring
- Low priority admin events deferred for future implementation