generated from nhcarrigan/template
feat: security and auditing
This commit is contained in:
@@ -0,0 +1,84 @@
|
||||
import { Injectable, inject } from '@angular/core';
|
||||
import { firstValueFrom } from 'rxjs';
|
||||
import { ApiService } from './api.service';
|
||||
import type { AuditLog, AuditLogFilters, AuditAction, AuditCategory } from '@library/shared-types';
|
||||
|
||||
interface AuditLogResponse {
|
||||
logs: AuditLog[];
|
||||
total: number;
|
||||
page: number;
|
||||
limit: number;
|
||||
totalPages: number;
|
||||
}
|
||||
|
||||
@Injectable({
|
||||
providedIn: 'root',
|
||||
})
|
||||
export class AuditLogService {
|
||||
private api = inject(ApiService);
|
||||
|
||||
async getLogs(filters: AuditLogFilters = {}): Promise<AuditLogResponse> {
|
||||
const params = new URLSearchParams();
|
||||
|
||||
if (filters.action) params.set('action', filters.action);
|
||||
if (filters.category) params.set('category', filters.category);
|
||||
if (filters.userId) params.set('userId', filters.userId);
|
||||
if (filters.success !== undefined) params.set('success', String(filters.success));
|
||||
if (filters.startDate) params.set('startDate', filters.startDate.toISOString());
|
||||
if (filters.endDate) params.set('endDate', filters.endDate.toISOString());
|
||||
if (filters.page) params.set('page', String(filters.page));
|
||||
if (filters.limit) params.set('limit', String(filters.limit));
|
||||
|
||||
const queryString = params.toString();
|
||||
const url = queryString ? `/audit?${queryString}` : '/audit';
|
||||
|
||||
return firstValueFrom(this.api.get<AuditLogResponse>(url));
|
||||
}
|
||||
|
||||
async getSecurityLogs(page = 1, limit = 50): Promise<AuditLogResponse> {
|
||||
return firstValueFrom(this.api.get<AuditLogResponse>(`/audit/security?page=${page}&limit=${limit}`));
|
||||
}
|
||||
|
||||
async getUserLogs(userId: string, page = 1, limit = 50): Promise<AuditLogResponse> {
|
||||
return firstValueFrom(this.api.get<AuditLogResponse>(`/audit/user/${userId}?page=${page}&limit=${limit}`));
|
||||
}
|
||||
|
||||
getActionLabel(action: AuditAction): string {
|
||||
const labels: Record<string, string> = {
|
||||
LOGIN: 'Login',
|
||||
LOGOUT: 'Logout',
|
||||
LOGIN_FAILED: 'Login Failed',
|
||||
COMMENT_CREATE: 'Comment Created',
|
||||
COMMENT_DELETE: 'Comment Deleted',
|
||||
ENTRY_CREATE: 'Entry Created',
|
||||
ENTRY_UPDATE: 'Entry Updated',
|
||||
ENTRY_DELETE: 'Entry Deleted',
|
||||
USER_BAN: 'User Banned',
|
||||
USER_UNBAN: 'User Unbanned',
|
||||
RATE_LIMIT_EXCEEDED: 'Rate Limit Exceeded',
|
||||
CSRF_VALIDATION_FAILED: 'CSRF Validation Failed',
|
||||
UNAUTHORIZED_ACCESS: 'Unauthorized Access',
|
||||
};
|
||||
return labels[action] ?? action;
|
||||
}
|
||||
|
||||
getCategoryLabel(category: AuditCategory): string {
|
||||
const labels: Record<string, string> = {
|
||||
AUTH: 'Authentication',
|
||||
CONTENT: 'Content',
|
||||
ADMIN: 'Administration',
|
||||
SECURITY: 'Security',
|
||||
};
|
||||
return labels[category] ?? category;
|
||||
}
|
||||
|
||||
getCategoryColor(category: AuditCategory): string {
|
||||
const colors: Record<string, string> = {
|
||||
AUTH: '#3b82f6', // blue
|
||||
CONTENT: '#10b981', // green
|
||||
ADMIN: '#8b5cf6', // purple
|
||||
SECURITY: '#ef4444', // red
|
||||
};
|
||||
return colors[category] ?? '#6b7280';
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user