bbd68a2162
Add audit_service.log_event() calls to track key user activities: - auth_login: successful and failed login attempts with IP/user agent - auth_logout: single session and all sessions logout - task_delete: task deletion with user context - file_upload: file upload with filename, size, and type - admin_cleanup: manual cleanup trigger with statistics Each event captures client IP (from X-Forwarded-For/X-Real-IP headers), user agent, and relevant metadata for compliance and debugging. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1.4 KiB
1.4 KiB
Tasks: Enable Audit Logging
1. Helper Utilities
- 1.1 Create helper function to extract client info (IP, user agent) from FastAPI Request
2. Authentication Events
- 2.1 Log
auth_loginon successful/failed login in auth.py - 2.2 Log
auth_logouton logout in auth.py - 2.3 Log
auth_token_refreshon token refresh (deferred - low priority)
3. Task Events
- 3.1 Log
task_createwhen task is created (deferred - covered by file_upload) - 3.2 Log
task_processwhen task processing starts (deferred - background task) - 3.3 Log
task_completewhen task completes (deferred - background task) - 3.4 Log
task_deletewhen task is deleted
4. Admin Events
- 4.1 Log
admin_cleanupwhen manual cleanup is triggered - 4.2 Log
admin_view_userswhen admin views user list (deferred - low priority)
5. File Events
- 5.1 Log
file_uploadwhen file is uploaded
6. Testing
- 6.1 Verify login creates audit log entry
- 6.2 Verify task operations create audit log entries
- 6.3 Verify audit logs page shows entries
- 6.4 Test backend module imports
Notes
- Core audit events implemented: login, logout, task delete, file upload, admin cleanup
- Background task events (task_process, task_complete) deferred - would require significant refactoring
- Low priority admin events deferred for future implementation