feat(audit-logging): Implement Edge-compatible audit logging utility and safe logging module

- Added `auditLogEdge.js` for Edge Runtime compatible audit logging, including console logging and API fallback. - Introduced `auditLogSafe.js` for safe audit logging without direct database imports, ensuring compatibility across runtimes. - Enhanced `auth.js` to integrate safe audit logging for login actions, including success and failure cases. - Created middleware `auditLog.js` to facilitate audit logging for API routes with predefined configurations. - Updated `middleware.js` to allow API route access without authentication checks. - Added tests for audit logging functionality and Edge compatibility in `test-audit-logging.mjs` and `test-edge-compatibility.mjs`. - Implemented safe audit logging tests in `test-safe-audit-logging.mjs` to verify functionality across environments.
2025-07-09 23:08:16 +02:00
parent 90875db28b
commit b1a78bf7a8
20 changed files with 2943 additions and 130 deletions
--- a/test-edge-compatibility.mjs
+++ b/test-edge-compatibility.mjs
@@ -0,0 +1,83 @@
+/**
+ * Test Edge Runtime compatibility for audit logging
+ */
+
+// Test Edge Runtime detection
+console.log("Testing Edge Runtime compatibility...\n");
+
+// Simulate Edge Runtime environment
+const originalEdgeRuntime = global.EdgeRuntime;
+const originalNextRuntime = process.env.NEXT_RUNTIME;
+
+console.log("1. Testing in simulated Edge Runtime environment...");
+global.EdgeRuntime = "edge";
+process.env.NEXT_RUNTIME = "edge";
+
+// Import the audit logging functions
+const { logAuditEvent, getAuditLogs, AUDIT_ACTIONS, RESOURCE_TYPES } =
+	await import("./src/lib/auditLog.js");
+
+// Test logging in Edge Runtime
+logAuditEvent({
+	action: AUDIT_ACTIONS.PROJECT_VIEW,
+	userId: "test-user",
+	resourceType: RESOURCE_TYPES.PROJECT,
+	resourceId: "test-project",
+	details: { test: "edge runtime test" },
+});
+
+// Test querying in Edge Runtime
+const logs = getAuditLogs({ limit: 10 });
+console.log(`Queried logs in Edge Runtime: ${logs.length} results`);
+
+console.log("2. Testing in simulated Node.js Runtime environment...");
+// Restore Node.js environment
+delete global.EdgeRuntime;
+delete process.env.NEXT_RUNTIME;
+
+// Test logging in Node.js Runtime
+try {
+	logAuditEvent({
+		action: AUDIT_ACTIONS.PROJECT_CREATE,
+		userId: "test-user",
+		resourceType: RESOURCE_TYPES.PROJECT,
+		resourceId: "test-project-2",
+		details: { test: "nodejs runtime test" },
+	});
+	console.log("Node.js runtime logging: ✅ Success");
+} catch (error) {
+	console.log("Node.js runtime logging: ❌ Error:", error.message);
+}
+
+// Test querying in Node.js Runtime
+try {
+	const nodeLogs = getAuditLogs({ limit: 10 });
+	console.log(
+		`Node.js runtime querying: ✅ Success (${nodeLogs.length} results)`
+	);
+} catch (error) {
+	console.log("Node.js runtime querying: ❌ Error:", error.message);
+}
+
+// Restore original environment
+if (originalEdgeRuntime !== undefined) {
+	global.EdgeRuntime = originalEdgeRuntime;
+} else {
+	delete global.EdgeRuntime;
+}
+
+if (originalNextRuntime !== undefined) {
+	process.env.NEXT_RUNTIME = originalNextRuntime;
+} else {
+	delete process.env.NEXT_RUNTIME;
+}
+
+console.log("\n✅ Edge Runtime compatibility test completed!");
+console.log("\nKey points:");
+console.log(
+	"- Edge Runtime: Logs to console, returns empty arrays for queries"
+);
+console.log("- Node.js Runtime: Full database functionality");
+console.log('- API routes are configured with runtime: "nodejs"');
+console.log("- Middleware avoids database operations");
+console.log("- Error handling prevents runtime crashes");