audit

package
v1.6.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 10, 2026 License: GPL-3.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Detail 

func Detail(kv ...string) map[string]string

Detail builds a detail map from key-value string pairs. Pass nil for events with no detail.

func HandleListAuditLogs 

func HandleListAuditLogs(w http.ResponseWriter, r *http.Request)

HandleListAuditLogs godoc @Summary List audit log events @Description Returns a paginated list of audit events with optional filters. @Tags admin @Produce json @Security BearerAuth @Param event query string false "Filter by event type" @Param actor_id query string false "Filter by actor user ID" @Param limit query int false "Page size (default 50)" @Param offset query int false "Offset (default 0)" @Success 200 {object} AuditLogListResponse @Router /admin/api/audit-logs [get]

func Log 

func Log(event Event, actor Actor, targetType TargetType, targetID string, detail map[string]string, ip string)

Log records an audit event synchronously. Actor can be nil when the acting user is unknown (e.g. failed login). Detail can be nil for events with no extra data. Returns immediately if audit logging is disabled (retention is "0" or empty).

Types

type Actor 

type Actor interface {
	GetID() string
	GetUsername() string
}

Actor represents the user performing an action. Pass nil when the actor is unknown (e.g. failed login attempts). The user.User type satisfies this interface via GetID() and GetUsername() methods.

func ActorFromRequest 

func ActorFromRequest(r *http.Request) Actor

ActorFromRequest extracts the actor from a request's bearer token. Returns nil if the token is missing or invalid. Safe to use in packages that can't import pkg/user due to circular dependencies.

type AuditLog 

type AuditLog struct {
	ID            string
	Event         string
	ActorID       *string
	ActorUsername string
	TargetType    string
	TargetID      string
	Detail        string
	IPAddress     string
	CreatedAt     time.Time
}

AuditLog represents a single audit event stored in the database.

func ListAuditLogs 

func ListAuditLogs(event, actorID string, limit, offset int) ([]AuditLog, int, error)

ListAuditLogs returns a page of audit events matching the given filters, plus the total count of matching rows. Results are ordered newest-first.

func (*AuditLog) ToResponse 

func (a *AuditLog) ToResponse() AuditLogResponse

type AuditLogListResponse 

type AuditLogListResponse struct {
	Data  []AuditLogResponse `json:"data"`
	Total int                `json:"total"`
}

AuditLogListResponse wraps a page of audit events with a total count.

type AuditLogResponse 

type AuditLogResponse struct {
	ID            string  `json:"id"`
	Event         string  `json:"event"`
	ActorID       *string `json:"actor_id"`
	ActorUsername string  `json:"actor_username"`
	TargetType    string  `json:"target_type"`
	TargetID      string  `json:"target_id"`
	Detail        string  `json:"detail"`
	IPAddress     string  `json:"ip_address"`
	CreatedAt     string  `json:"created_at"`
}

AuditLogResponse is the JSON representation of an audit event.

type Event 

type Event string

Event identifies the type of audit event. 

const (
	EventLoginSuccess           Event = "login_success"
	EventLoginFailed            Event = "login_failed"
	EventMfaSuccess             Event = "mfa_success"
	EventMfaFailed              Event = "mfa_failed"
	EventPasskeyLoginSuccess    Event = "passkey_login_success"
	EventPasskeyLoginFailed     Event = "passkey_login_failed"
	EventPasswordChanged        Event = "password_changed"
	EventPasswordResetRequested Event = "password_reset_requested"
	EventPasswordResetCompleted Event = "password_reset_completed"
	EventUserCreated            Event = "user_created"
	EventUserUpdated            Event = "user_updated"
	EventUserDeactivated        Event = "user_deactivated"
	EventUserReactivated        Event = "user_reactivated"
	EventUserDeleted            Event = "user_deleted"
	EventUserUnlocked           Event = "user_unlocked"
	EventMfaEnrolled            Event = "mfa_enrolled"
	EventMfaDisabled            Event = "mfa_disabled"
	EventPasskeyAdded           Event = "passkey_added"
	EventPasskeyRemoved         Event = "passkey_removed"
	EventLogout                 Event = "logout"
	EventSessionRevoked         Event = "session_revoked"
	EventClientCreated          Event = "client_created"
	EventClientUpdated          Event = "client_updated"
	EventClientDeleted          Event = "client_deleted"
	EventSettingsUpdated        Event = "settings_updated"
	EventSettingsImported       Event = "settings_imported"
	EventFederationCreated      Event = "federation_created"
	EventFederationUpdated      Event = "federation_updated"
	EventFederationDeleted      Event = "federation_deleted"
	EventDeletionApproved       Event = "deletion_approved"
)

type SimpleActor 

type SimpleActor struct {
	ID       string
	Username string
}

SimpleActor is a lightweight Actor for cases where importing the user package would cause circular dependencies.

func (SimpleActor) GetID 

func (a SimpleActor) GetID() string

func (SimpleActor) GetUsername 

func (a SimpleActor) GetUsername() string

type TargetType 

type TargetType string

TargetType identifies the kind of entity affected by an audit event. 

const (
	TargetUser       TargetType = "user"
	TargetClient     TargetType = "client"
	TargetSession    TargetType = "session"
	TargetSettings   TargetType = "settings"
	TargetFederation TargetType = "federation"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.