tanstack.com/src/utils/audit.server.ts at github-app · TanStack/tanstack.com · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import { db } from '~/db/client'
import {
  loginHistory,
  auditLogs,
  type AuditAction,
  type OAuthProvider,
} from '~/db/schema'
import { getClientIp } from './request.server'

// Re-export for backwards compatibility
export { getClientIp }

// Record a login event
export async function recordLogin(opts: {
  userId: string
  provider: OAuthProvider
  isNewUser: boolean
  request: Request
}): Promise<void> {
  const { userId, provider, isNewUser, request } = opts

  await db.insert(loginHistory).values({
    userId,
    provider,
    isNewUser,
    ipAddress: getClientIp(request),
    userAgent: request.headers.get('user-agent') || undefined,
  })
}

// Record an audit log entry
export async function recordAuditLog(opts: {
  actorId: string
  action: AuditAction
  targetType: 'user' | 'role' | 'banner' | 'feed_entry' | 'feedback'
  targetId: string
  details?: Record<string, unknown>
  request?: Request
}): Promise<void> {
  const { actorId, action, targetType, targetId, details, request } = opts

  await db.insert(auditLogs).values({
    actorId,
    action,
    targetType,
    targetId,
    details: details ?? null,
    ipAddress: request ? getClientIp(request) : undefined,
    userAgent: request?.headers.get('user-agent') || undefined,
  })
}