feat: security and auditing

2026-02-04 16:48:08 -08:00
parent 11be34cd21
commit 0a654f423a
42 changed files with 2195 additions and 160 deletions
@@ -0,0 +1,373 @@
import { Component, OnInit, inject, signal } from '@angular/core';
import { CommonModule } from '@angular/common';
import { FormsModule } from '@angular/forms';
import { AuditLogService } from '../../services/audit.service';
import { AuthService } from '../../services/auth.service';
import { Router } from '@angular/router';
import type { AuditLog, AuditAction, AuditCategory } from '@library/shared-types';
@Component({
selector: 'app-admin-audit',
standalone: true,
imports: [CommonModule, FormsModule],
template: `
<div class="audit-container">
<h1>Audit Logs</h1>
@if (!authService.isAuthenticated() || !authService.user()?.isAdmin) {
<div class="unauthorized">
<p>You must be an admin to view this page.</p>
</div>
} @else {
<div class="filters">
<div class="filter-group">
<label for="category-filter">Category:</label>
<select
id="category-filter"
[(ngModel)]="selectedCategory"
(change)="loadLogs()"
>
<option value="">All Categories</option>
<option value="AUTH">Authentication</option>
<option value="CONTENT">Content</option>
<option value="ADMIN">Administration</option>
<option value="SECURITY">Security</option>
</select>
</div>
<div class="filter-group">
<label for="action-filter">Action:</label>
<select
id="action-filter"
[(ngModel)]="selectedAction"
(change)="loadLogs()"
>
<option value="">All Actions</option>
<option value="LOGIN">Login</option>
<option value="LOGOUT">Logout</option>
<option value="LOGIN_FAILED">Login Failed</option>
<option value="COMMENT_CREATE">Comment Created</option>
<option value="COMMENT_DELETE">Comment Deleted</option>
<option value="ENTRY_CREATE">Entry Created</option>
<option value="ENTRY_UPDATE">Entry Updated</option>
<option value="ENTRY_DELETE">Entry Deleted</option>
<option value="USER_BAN">User Banned</option>
<option value="USER_UNBAN">User Unbanned</option>
<option value="RATE_LIMIT_EXCEEDED">Rate Limit Exceeded</option>
<option value="CSRF_VALIDATION_FAILED">CSRF Failed</option>
<option value="UNAUTHORIZED_ACCESS">Unauthorized Access</option>
</select>
</div>
<div class="filter-group">
<label for="success-filter">Status:</label>
<select
id="success-filter"
[(ngModel)]="selectedSuccess"
(change)="loadLogs()"
>
<option value="">All</option>
<option value="true">Success</option>
<option value="false">Failed</option>
</select>
</div>
<button class="refresh-btn" (click)="loadLogs()">Refresh</button>
</div>
@if (loading()) {
<div class="loading">Loading audit logs...</div>
} @else if (logs().length === 0) {
<div class="no-logs">No audit logs found.</div>
} @else {
<div class="logs-table-container">
<table class="logs-table">
<thead>
<tr>
<th>Time</th>
<th>Category</th>
<th>Action</th>
<th>Details</th>
<th>Status</th>
</tr>
</thead>
<tbody>
@for (log of logs(); track log.id) {
<tr [class.failed]="!log.success">
<td class="time">{{ formatDate(log.createdAt) }}</td>
<td>
<span
class="category-badge"
[style.background-color]="auditService.getCategoryColor(log.category)"
>
{{ auditService.getCategoryLabel(log.category) }}
</span>
</td>
<td>{{ auditService.getActionLabel(log.action) }}</td>
<td class="details">{{ log.details ?? '-' }}</td>
<td>
<span class="status-badge" [class.success]="log.success" [class.failed]="!log.success">
{{ log.success ? '✓' : '✗' }}
</span>
</td>
</tr>
}
</tbody>
</table>
</div>
<div class="pagination">
<button
[disabled]="currentPage() <= 1"
(click)="goToPage(currentPage() - 1)"
>
Previous
</button>
<span>Page {{ currentPage() }} of {{ totalPages() }}</span>
<button
[disabled]="currentPage() >= totalPages()"
(click)="goToPage(currentPage() + 1)"
>
Next
</button>
</div>
}
}
</div>
`,
styles: [`
.audit-container {
max-width: 1400px;
margin: 0 auto;
padding: 2rem;
}
h1 {
color: #2d1b4e;
margin-bottom: 1.5rem;
}
.unauthorized {
text-align: center;
padding: 2rem;
background: #fef2f2;
border-radius: 8px;
color: #991b1b;
}
.filters {
display: flex;
gap: 1rem;
margin-bottom: 1.5rem;
flex-wrap: wrap;
align-items: flex-end;
background: rgba(255, 255, 255, 0.8);
padding: 1rem;
border-radius: 8px;
border: 1px solid #e5e7eb;
}
.filter-group {
display: flex;
flex-direction: column;
gap: 0.25rem;
}
.filter-group label {
font-size: 0.85rem;
color: #6b7280;
}
.filter-group select {
padding: 0.5rem;
border: 1px solid #d1d5db;
border-radius: 4px;
min-width: 150px;
}
.refresh-btn {
padding: 0.5rem 1rem;
background: #8b5cf6;
color: white;
border: none;
border-radius: 4px;
cursor: pointer;
}
.refresh-btn:hover {
background: #7c3aed;
}
.loading, .no-logs {
text-align: center;
padding: 2rem;
color: #6b7280;
}
.logs-table-container {
overflow-x: auto;
background: white;
border-radius: 8px;
border: 1px solid #e5e7eb;
}
.logs-table {
width: 100%;
border-collapse: collapse;
}
.logs-table th,
.logs-table td {
padding: 0.75rem 1rem;
text-align: left;
border-bottom: 1px solid #e5e7eb;
}
.logs-table th {
background: #f9fafb;
font-weight: 600;
color: #374151;
}
.logs-table tr:hover {
background: #f9fafb;
}
.logs-table tr.failed {
background: #fef2f2;
}
.logs-table tr.failed:hover {
background: #fee2e2;
}
.time {
white-space: nowrap;
font-size: 0.85rem;
color: #6b7280;
}
.category-badge {
display: inline-block;
padding: 0.25rem 0.5rem;
border-radius: 4px;
color: white;
font-size: 0.75rem;
font-weight: 500;
}
.details {
max-width: 400px;
overflow: hidden;
text-overflow: ellipsis;
white-space: nowrap;
}
.status-badge {
display: inline-block;
width: 24px;
height: 24px;
border-radius: 50%;
text-align: center;
line-height: 24px;
font-weight: bold;
}
.status-badge.success {
background: #dcfce7;
color: #16a34a;
}
.status-badge.failed {
background: #fee2e2;
color: #dc2626;
}
.pagination {
display: flex;
justify-content: center;
align-items: center;
gap: 1rem;
margin-top: 1rem;
padding: 1rem;
}
.pagination button {
padding: 0.5rem 1rem;
background: #8b5cf6;
color: white;
border: none;
border-radius: 4px;
cursor: pointer;
}
.pagination button:disabled {
background: #d1d5db;
cursor: not-allowed;
}
.pagination button:not(:disabled):hover {
background: #7c3aed;
}
`],
})
export class AdminAuditComponent implements OnInit {
authService = inject(AuthService);
auditService = inject(AuditLogService);
private router = inject(Router);
logs = signal<AuditLog[]>([]);
loading = signal(true);
currentPage = signal(1);
totalPages = signal(1);
selectedCategory = '';
selectedAction = '';
selectedSuccess = '';
ngOnInit() {
if (!this.authService.isAuthenticated() || !this.authService.user()?.isAdmin) {
this.router.navigate(['/']);
return;
}
this.loadLogs();
}
async loadLogs() {
this.loading.set(true);
try {
const filters: Record<string, unknown> = {
page: this.currentPage(),
limit: 50,
};
if (this.selectedCategory) {
filters['category'] = this.selectedCategory as AuditCategory;
}
if (this.selectedAction) {
filters['action'] = this.selectedAction as AuditAction;
}
if (this.selectedSuccess !== '') {
filters['success'] = this.selectedSuccess === 'true';
}
const response = await this.auditService.getLogs(filters);
this.logs.set(response.logs);
this.totalPages.set(response.totalPages);
} catch (error) {
console.error('Failed to load audit logs:', error);
} finally {
this.loading.set(false);
}
}
goToPage(page: number) {
this.currentPage.set(page);
this.loadLogs();
}
formatDate(date: Date | string): string {
const d = new Date(date);
return d.toLocaleString();
}
}
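Review bot: Each of the three filter selects calls `loadLogs()` straight from `(change)`, so `currentPage()` keeps whatever value the user last navigated to and the new filter set is requested at that page; when the narrower result set has fewer pages the service presumably returns an empty page, the table shows "No audit logs found." and the pagination still reads something like "Page 5 of 2" because only `totalPages` is refreshed. Route the selects through a handler that resets the page first (below) so `goToPage` is the only path that moves `currentPage`. Two smaller points in the same class: `ngOnInit` and the template gate on `authService.user()?.isAdmin` while AdminUsersComponent in this commit gates on `authService.isAdmin()`, so one helper should be the single client-side check (the authorization check on the audit endpoint itself is the real control and is not in this hunk). The `catch` in `loadLogs` only writes to the console, leaving the previous rows on screen with no indication that the refresh failed; an `error` signal like the one AdminUsersComponent uses would surface it.
```typescript
// … unchanged: template, except the three selects bind (change)="onFilterChange()" …
/** A filter edit restarts pagination so a stale page index is never sent with a new filter set. */
onFilterChange() {
  this.currentPage.set(1);
  this.loadLogs();
}
// … unchanged: loadLogs, goToPage, formatDate …
```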
@@ -0,0 +1,268 @@
/**
* @copyright 2026 NHCarrigan
* @license Naomi's Public License
* @author Naomi Carrigan
*/
import { Component, OnInit, inject, signal } from '@angular/core';
import { CommonModule } from '@angular/common';
import { Router } from '@angular/router';
import { UserService } from '../../services/user.service';
import { AuthService } from '../../services/auth.service';
import { User } from '@library/shared-types';
@Component({
selector: 'app-admin-users',
standalone: true,
imports: [CommonModule],
template: `
<div class="admin-container">
<h2>User Management</h2>
@if (loading()) {
<p class="loading">Loading users...</p>
} @else if (error()) {
<p class="error">{{ error() }}</p>
} @else {
<div class="users-list">
@for (user of users(); track user.id) {
<div class="user-card" [class.banned]="user.isBanned">
<div class="user-info">
@if (user.avatarUrl) {
<img [src]="user.avatarUrl" [alt]="user.username" class="avatar" />
} @else {
<div class="avatar-placeholder">{{ user.username.charAt(0).toUpperCase() }}</div>
}
<div class="user-details">
<span class="username">{{ user.username }}</span>
<span class="email">{{ user.email }}</span>
@if (user.isAdmin) {
<span class="admin-badge">Admin</span>
}
@if (user.isBanned) {
<span class="banned-badge">Banned</span>
}
</div>
</div>
<div class="user-actions">
@if (!user.isAdmin) {
@if (user.isBanned) {
<button (click)="unbanUser(user.id)" class="btn btn-unban">Unban</button>
} @else {
<button (click)="banUser(user.id)" class="btn btn-ban">Ban</button>
}
}
</div>
</div>
} @empty {
<p class="no-users">No users found.</p>
}
</div>
}
</div>
`,
styles: [`
.admin-container {
max-width: 800px;
margin: 0 auto;
padding: 2rem;
}
h2 {
color: var(--witch-purple);
margin-bottom: 2rem;
}
.loading, .error, .no-users {
text-align: center;
padding: 2rem;
color: var(--witch-mauve);
}
.error {
color: var(--witch-rose);
}
.users-list {
display: flex;
flex-direction: column;
gap: 1rem;
}
.user-card {
display: flex;
justify-content: space-between;
align-items: center;
padding: 1rem 1.5rem;
background: var(--witch-moon);
border-radius: 8px;
box-shadow: 0 2px 8px var(--witch-shadow);
transition: all 0.3s;
}
.user-card.banned {
opacity: 0.7;
background: var(--witch-lavender);
}
.user-info {
display: flex;
align-items: center;
gap: 1rem;
}
.avatar {
width: 48px;
height: 48px;
border-radius: 50%;
object-fit: cover;
}
.avatar-placeholder {
width: 48px;
height: 48px;
border-radius: 50%;
background: var(--witch-purple);
color: var(--witch-moon);
display: flex;
align-items: center;
justify-content: center;
font-weight: bold;
font-size: 1.2rem;
}
.user-details {
display: flex;
flex-direction: column;
gap: 0.25rem;
}
.username {
font-weight: 600;
color: var(--witch-purple);
}
.email {
font-size: 0.85rem;
color: var(--witch-mauve);
}
.admin-badge {
display: inline-block;
background: var(--witch-rose);
color: var(--witch-moon);
padding: 0.15rem 0.5rem;
border-radius: 4px;
font-size: 0.75rem;
width: fit-content;
}
.banned-badge {
display: inline-block;
background: var(--witch-plum);
color: var(--witch-moon);
padding: 0.15rem 0.5rem;
border-radius: 4px;
font-size: 0.75rem;
width: fit-content;
}
.user-actions {
display: flex;
gap: 0.5rem;
}
.btn {
padding: 0.5rem 1rem;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 0.9rem;
transition: all 0.3s;
}
.btn:hover {
transform: translateY(-2px);
box-shadow: 0 4px 8px var(--witch-shadow);
}
.btn-ban {
background: var(--witch-rose);
color: var(--witch-moon);
}
.btn-ban:hover {
background: var(--witch-plum);
}
.btn-unban {
background: var(--witch-purple);
color: var(--witch-moon);
}
.btn-unban:hover {
background: var(--witch-mauve);
color: var(--witch-purple);
}
`]
})
export class AdminUsersComponent implements OnInit {
private userService = inject(UserService);
private authService = inject(AuthService);
private router = inject(Router);
users = signal<User[]>([]);
loading = signal(true);
error = signal<string | null>(null);
ngOnInit(): void {
if (!this.authService.isAdmin()) {
this.router.navigate(['/']);
return;
}
this.loadUsers();
}
private loadUsers(): void {
this.loading.set(true);
this.error.set(null);
this.userService.getAllUsers().subscribe({
next: (users) => {
this.users.set(users);
this.loading.set(false);
},
error: (err) => {
this.error.set(err.message ?? 'Failed to load users');
this.loading.set(false);
}
});
}
banUser(userId: string): void {
this.userService.banUser(userId).subscribe({
next: (updatedUser) => {
this.users.update(users =>
users.map(u => u.id === userId ? updatedUser : u)
);
},
error: (err) => {
this.error.set(err.message ?? 'Failed to ban user');
}
});
}
unbanUser(userId: string): void {
this.userService.unbanUser(userId).subscribe({
next: (updatedUser) => {
this.users.update(users =>
users.map(u => u.id === userId ? updatedUser : u)
);
},
error: (err) => {
this.error.set(err.message ?? 'Failed to unban user');
}
});
}
}
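Review bot: A failed ban or unban sets `error()`, and because the template's `@else if (error())` arm is exclusive with the list, the whole user list disappears behind the message with no way back: `loadUsers` is private and only runs from `ngOnInit`, and neither `banUser` nor `unbanUser` clears `error` on a later success. Render the error as a banner instead, e.g. `@if (error()) { <p class="error">{{ error() }}</p> }` placed before the `@if (loading())` block, and drop the `@else if (error())` arm so the cards stay visible while the message is shown. `err` in the three subscribe error callbacks is `any` (RxJS's observer type), so `err.message` is unchecked; annotating `(err: unknown)` and narrowing with `instanceof Error` before reading `.message` keeps the fallback string meaningful. A one-line TSDoc on `banUser`/`unbanUser` should also state that the `@if (!user.isAdmin)` guard in the template is presentation only and that rejecting ban requests against admin accounts is the server's job — hedged, since the API side is not in this hunk.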