- Added `auditLogEdge.js` for Edge Runtime compatible audit logging, including console logging and API fallback. - Introduced `auditLogSafe.js` for safe audit logging without direct database imports, ensuring compatibility across runtimes. - Enhanced `auth.js` to integrate safe audit logging for login actions, including success and failure cases. - Created middleware `auditLog.js` to facilitate audit logging for API routes with predefined configurations. - Updated `middleware.js` to allow API route access without authentication checks. - Added tests for audit logging functionality and Edge compatibility in `test-audit-logging.mjs` and `test-edge-compatibility.mjs`. - Implemented safe audit logging tests in `test-safe-audit-logging.mjs` to verify functionality across environments.
// Force this API route to use the Node.js runtime (Next.js route segment config).
// NOTE(review): presumably required because "@/lib/auditLog" touches the database
// directly and is not Edge-compatible — confirm against that module.
export const runtime = "nodejs";
import { NextResponse } from "next/server";
import { auth } from "@/lib/auth";
import { getAuditLogStats } from "@/lib/auditLog";
/**
 * GET handler that returns audit-log statistics as JSON.
 *
 * Access control, in order:
 *   1. No session user               -> 401 { error: "Unauthorized" }
 *   2. Role not admin/project_manager -> 403 { error: "Forbidden" }
 *
 * The optional `startDate` and `endDate` query parameters are passed to
 * `getAuditLogStats` as filters; a missing or empty value becomes `null`.
 *
 * @param {Request} request - Incoming request; only `request.url` is read.
 * @returns {Promise<Response>} JSON response: `{ success: true, data }` on
 *   success, or `{ error }` with status 401, 403 or 500.
 */
export async function GET(request) {
  try {
    const session = await auth();
    const currentUser = session?.user;

    // Authentication gate: anonymous callers never reach the role check.
    if (!currentUser) {
      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
    }

    // Authorization gate: only admins and project managers can view audit
    // log statistics. A missing role fails the check and yields 403.
    const permittedRoles = ["admin", "project_manager"];
    const roleIsPermitted = permittedRoles.includes(currentUser.role);
    if (!roleIsPermitted) {
      return NextResponse.json({ error: "Forbidden" }, { status: 403 });
    }

    const query = new URL(request.url).searchParams;

    // NOTE(review): both values are caller-controlled strings forwarded
    // verbatim; this handler does no format or range validation. Confirm
    // that getAuditLogStats validates them and binds them as query
    // parameters rather than interpolating them.
    const startDate = query.get("startDate") || null;
    const endDate = query.get("endDate") || null;

    const stats = await getAuditLogStats({ startDate, endDate });

    const payload = {
      success: true,
      data: stats,
    };
    return NextResponse.json(payload);
  } catch (error) {
    // Full error detail stays in the server log; the client only receives a
    // generic message, so internal details are not exposed in the response.
    console.error("Audit log stats API error:", error);

    const failureBody = { error: "Internal server error" };
    return NextResponse.json(failureBody, { status: 500 });
  }
}