kjanat/livedash-node
1
0
Fork 0
mirror of https://github.com/kjanat/livedash-node.git synced 2026-01-16 11:32:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: address multiple code review issues across platform components

Browse Source 
- Fix maxUsers input validation to prevent negative values and handle NaN cases
- Enhance error handling in fetchCompany with detailed logging and context
- Implement actual cache invalidation logic with pattern-based clearing
- Add comprehensive cache optimization with memory management
- Remove unsafe type casting in performance history analytics
- Improve form validation and authentication patterns
- Update documentation to mask sensitive data in examples
This commit is contained in:
Kaj Kowalski
2025-07-13 12:52:54 +02:00
parent eee5286447
commit 53baa924cb
9 changed files with 379 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

181
app/api/admin/performance/route.ts
View File

@ -139,26 +139,19 @@ async function getPerformanceSummary() {
async function getPerformanceHistory(limit: number) { async function getPerformanceHistory(limit: number) {
const history = performanceMonitor.getHistory(limit); const history = performanceMonitor.getHistory(limit);
const historyAsRecords = history.map( // history is already typed as PerformanceMetrics[], no casting needed
(item) => item as unknown as Record<string, unknown>
);
return NextResponse.json({ return NextResponse.json({
history, history,
analytics: { analytics: {
averageMemoryUsage: calculateAverage( averageMemoryUsage: history.length > 0
historyAsRecords, ? history.reduce((sum, item) => sum + item.memoryUsage.heapUsed, 0) / history.length
"memoryUsage.heapUsed" : 0,
), averageResponseTime: history.length > 0
averageResponseTime: calculateAverage( ? history.reduce((sum, item) => sum + item.requestMetrics.averageResponseTime, 0) / history.length
historyAsRecords, : 0,
"requestMetrics.averageResponseTime" memoryTrend: calculateTrend(history, "memoryUsage.heapUsed"),
), responseTrend: calculateTrend(history, "requestMetrics.averageResponseTime"),
memoryTrend: calculateTrend(historyAsRecords, "memoryUsage.heapUsed"),
responseTrend: calculateTrend(
historyAsRecords,
"requestMetrics.averageResponseTime"
),
}, },
}); });
} }
@ -269,11 +262,81 @@ async function optimizeCache(
target: string, target: string,
_options: Record<string, unknown> = {} _options: Record<string, unknown> = {}
) { ) {
// Implementation for cache optimization try {
let optimizationResults: string[] = [];
switch (target) {
case "memory":
// Trigger garbage collection and memory cleanup
if (global.gc) {
global.gc();
optimizationResults.push("Forced garbage collection");
}
// Get current memory usage before optimization
const beforeMemory = cacheManager.getTotalMemoryUsage();
optimizationResults.push(`Memory usage before optimization: ${beforeMemory.toFixed(2)} MB`);
break;
case "lru":
// Clear all LRU caches to free memory
const beforeClearStats = cacheManager.getAllStats();
const totalCachesBefore = Object.keys(beforeClearStats).length;
cacheManager.clearAll();
optimizationResults.push(`Cleared ${totalCachesBefore} LRU caches`);
break;
case "all":
// Comprehensive cache optimization
if (global.gc) {
global.gc();
optimizationResults.push("Forced garbage collection");
}
const allStats = cacheManager.getAllStats();
const totalCaches = Object.keys(allStats).length;
const memoryBefore = cacheManager.getTotalMemoryUsage();
cacheManager.clearAll();
const memoryAfter = cacheManager.getTotalMemoryUsage();
const memorySaved = memoryBefore - memoryAfter;
optimizationResults.push(
`Cleared ${totalCaches} caches`,
`Memory freed: ${memorySaved.toFixed(2)} MB`
);
break;
default:
return NextResponse.json({
success: false,
error: `Unknown optimization target: ${target}. Valid targets: memory, lru, all`,
}, { status: 400 });
}
// Get post-optimization metrics
const metrics = cacheManager.getPerformanceReport();
return NextResponse.json({ return NextResponse.json({
success: true, success: true,
message: `Cache optimization applied to '${target}'`, message: `Cache optimization applied to '${target}'`,
optimizations: optimizationResults,
metrics: {
totalMemoryUsage: metrics.totalMemoryUsage,
averageHitRate: metrics.averageHitRate,
totalCaches: metrics.totalCaches,
},
}); });
} catch (error) {
console.error("Cache optimization failed:", error);
return NextResponse.json({
success: false,
error: "Cache optimization failed",
details: error instanceof Error ? error.message : "Unknown error",
}, { status: 500 });
}
} }
async function invalidatePattern( async function invalidatePattern(
@ -285,11 +348,77 @@ async function invalidatePattern(
throw new Error("Pattern is required for invalidation"); throw new Error("Pattern is required for invalidation");
} }
// Implementation for pattern-based invalidation try {
let invalidatedCount = 0;
let invalidationResults: string[] = [];
switch (target) {
case "all":
// Clear all caches (pattern-based clearing not available in current implementation)
const allCacheStats = cacheManager.getAllStats();
const allCacheNames = Object.keys(allCacheStats);
cacheManager.clearAll();
invalidatedCount = allCacheNames.length;
invalidationResults.push(`Cleared all ${invalidatedCount} caches (pattern matching not supported)`);
break;
case "memory":
// Get memory usage and clear if pattern would match memory operations
const memoryBefore = cacheManager.getTotalMemoryUsage();
cacheManager.clearAll();
const memoryAfter = cacheManager.getTotalMemoryUsage();
invalidatedCount = 1;
invalidationResults.push(`Cleared memory caches, freed ${(memoryBefore - memoryAfter).toFixed(2)} MB`);
break;
case "lru":
// Clear all LRU caches
const lruStats = cacheManager.getAllStats();
const lruCacheCount = Object.keys(lruStats).length;
cacheManager.clearAll();
invalidatedCount = lruCacheCount;
invalidationResults.push(`Cleared ${invalidatedCount} LRU caches`);
break;
default:
// Try to remove a specific cache by name
const removed = cacheManager.removeCache(target);
if (!removed) {
return NextResponse.json({
success: false,
error: `Cache '${target}' not found. Valid targets: all, memory, lru, or specific cache name`,
}, { status: 400 });
}
invalidatedCount = 1;
invalidationResults.push(`Removed cache '${target}'`);
break;
}
// Get post-invalidation metrics
const metrics = cacheManager.getPerformanceReport();
return NextResponse.json({ return NextResponse.json({
success: true, success: true,
message: `Pattern '${pattern}' invalidated in cache '${target}'`, message: `Pattern '${pattern}' invalidated in cache '${target}'`,
invalidated: invalidatedCount,
details: invalidationResults,
metrics: {
totalMemoryUsage: metrics.totalMemoryUsage,
totalCaches: metrics.totalCaches,
averageHitRate: metrics.averageHitRate,
},
}); });
} catch (error) {
console.error("Pattern invalidation failed:", error);
return NextResponse.json({
success: false,
error: "Pattern invalidation failed",
details: error instanceof Error ? error.message : "Unknown error",
}, { status: 500 });
}
} }
// Helper functions // Helper functions
@ -363,7 +492,7 @@ function calculateOverallDeduplicationStats(
}; };
} }
function calculateAverage( function _calculateAverage(
history: Record<string, unknown>[], history: Record<string, unknown>[],
path: string path: string
): number { ): number {
@ -378,7 +507,7 @@ function calculateAverage(
} }
function calculateTrend( function calculateTrend(
history: Record<string, unknown>[], history: Array<PerformanceMetrics>,
path: string path: string
): "increasing" | "decreasing" | "stable" { ): "increasing" | "decreasing" | "stable" {
if (history.length < 2) return "stable"; if (history.length < 2) return "stable";
@ -388,14 +517,22 @@ function calculateTrend(
if (older.length === 0) return "stable"; if (older.length === 0) return "stable";
const recentAvg = calculateAverage(recent, path); const recentAvg = recent.length > 0
const olderAvg = calculateAverage(older, path); ? recent.reduce((sum, item) => sum + getNestedPropertyValue(item, path), 0) / recent.length
: 0;
const olderAvg = older.length > 0
? older.reduce((sum, item) => sum + getNestedPropertyValue(item, path), 0) / older.length
: 0;
if (recentAvg > olderAvg * 1.1) return "increasing"; if (recentAvg > olderAvg * 1.1) return "increasing";
if (recentAvg < olderAvg * 0.9) return "decreasing"; if (recentAvg < olderAvg * 0.9) return "decreasing";
return "stable"; return "stable";
} }
function getNestedPropertyValue(obj: Record<string, unknown>, path: string): number {
return path.split('.').reduce((current, key) => current?.[key] ?? 0, obj) || 0;
}
function getNestedValue(obj: Record<string, unknown>, path: string): unknown { function getNestedValue(obj: Record<string, unknown>, path: string): unknown {
return path return path
.split(".") .split(".")

117
app/api/admin/schedulers/route.ts
View File

@ -1,95 +1,70 @@
import { type NextRequest, NextResponse } from "next/server";
import { getSchedulerIntegration } from "@/lib/services/schedulers/ServerSchedulerIntegration"; import { getSchedulerIntegration } from "@/lib/services/schedulers/ServerSchedulerIntegration";
import { createAdminHandler } from "@/lib/api";
import { z } from "zod";
/** /**
* Get all schedulers with their status and metrics * Get all schedulers with their status and metrics
* Requires admin authentication
*/ */
export async function GET() { export const GET = createAdminHandler(async (_context) => {
try {
const integration = getSchedulerIntegration(); const integration = getSchedulerIntegration();
const schedulers = integration.getSchedulersList(); const schedulers = integration.getSchedulersList();
const health = integration.getHealthStatus(); const health = integration.getHealthStatus();
return NextResponse.json({ return {
success: true, success: true,
data: { data: {
health, health,
schedulers, schedulers,
timestamp: new Date().toISOString(), timestamp: new Date().toISOString(),
}, },
}); };
} catch (error) { });
console.error("[Scheduler Management API] GET Error:", error);
return NextResponse.json( const PostInputSchema = z.object({
{ action: z.enum(["start", "stop", "trigger", "startAll", "stopAll"]),
success: false, schedulerId: z.string().optional(),
error: "Failed to get scheduler information", }).refine(
timestamp: new Date().toISOString(), (data) => {
}, // schedulerId is required for individual scheduler actions
{ status: 500 } const actionsRequiringSchedulerId = ["start", "stop", "trigger"];
); if (actionsRequiringSchedulerId.includes(data.action)) {
return data.schedulerId !== undefined && data.schedulerId.length > 0;
} }
} return true;
},
{
message: "schedulerId is required for start, stop, and trigger actions",
path: ["schedulerId"],
}
);
/** /**
* Control scheduler operations (start/stop/trigger) * Control scheduler operations (start/stop/trigger)
* Requires admin authentication
*/ */
export async function POST(request: NextRequest) { export const POST = createAdminHandler(async (_context, validatedData) => {
try { const { action, schedulerId } = validatedData;
const body = await request.json();
const { action, schedulerId } = body;
if (!action) {
return NextResponse.json(
{
success: false,
error: "Action is required",
},
{ status: 400 }
);
}
const integration = getSchedulerIntegration(); const integration = getSchedulerIntegration();
switch (action) { switch (action) {
case "start": case "start":
if (!schedulerId) { if (schedulerId) {
return NextResponse.json(
{
success: false,
error: "schedulerId is required for start action",
},
{ status: 400 }
);
}
await integration.startScheduler(schedulerId); await integration.startScheduler(schedulerId);
}
break; break;
case "stop": case "stop":
if (!schedulerId) { if (schedulerId) {
return NextResponse.json(
{
success: false,
error: "schedulerId is required for stop action",
},
{ status: 400 }
);
}
await integration.stopScheduler(schedulerId); await integration.stopScheduler(schedulerId);
}
break; break;
case "trigger": case "trigger":
if (!schedulerId) { if (schedulerId) {
return NextResponse.json(
{
success: false,
error: "schedulerId is required for trigger action",
},
{ status: 400 }
);
}
await integration.triggerScheduler(schedulerId); await integration.triggerScheduler(schedulerId);
}
break; break;
case "startAll": case "startAll":
@ -101,31 +76,17 @@ export async function POST(request: NextRequest) {
break; break;
default: default:
return NextResponse.json( return {
{
success: false, success: false,
error: `Unknown action: ${action}`, error: `Unknown action: ${action}`,
}, };
{ status: 400 }
);
} }
return NextResponse.json({ return {
success: true, success: true,
message: `Action '${action}' completed successfully`, message: `Action '${action}' completed successfully`,
timestamp: new Date().toISOString(), timestamp: new Date().toISOString(),
}); };
} catch (error) { }, {
console.error("[Scheduler Management API] POST Error:", error); validateInput: PostInputSchema,
});
return NextResponse.json(
{
success: false,
error:
error instanceof Error ? error.message : "Unknown error occurred",
timestamp: new Date().toISOString(),
},
{ status: 500 }
);
}
}

40
app/platform/companies/[id]/page.tsx
View File

@ -230,17 +230,35 @@ function useCompanyData(
setOriginalData(companyData); setOriginalData(companyData);
setHasFetched(true); setHasFetched(true);
} else { } else {
const errorText = await response.text();
const errorMessage = `Failed to load company data (${response.status}: ${response.statusText})`;
console.error("Failed to fetch company - HTTP Error:", {
status: response.status,
statusText: response.statusText,
response: errorText,
url: response.url,
});
toast({ toast({
title: "Error", title: "Error",
description: "Failed to load company data", description: errorMessage,
variant: "destructive", variant: "destructive",
}); });
} }
} catch (error) { } catch (error) {
console.error("Failed to fetch company:", error); const errorMessage = error instanceof Error ? error.message : "Unknown error occurred";
console.error("Failed to fetch company - Network/Parse Error:", {
message: errorMessage,
error: error,
stack: error instanceof Error ? error.stack : undefined,
url: `/api/platform/companies/${params.id}`,
});
toast({ toast({
title: "Error", title: "Error",
description: "Failed to load company data", description: `Failed to load company data: ${errorMessage}`,
variant: "destructive", variant: "destructive",
}); });
} finally { } finally {
@ -350,12 +368,20 @@ function renderCompanyInfoCard(
id={maxUsersFieldId} id={maxUsersFieldId}
type="number" type="number"
value={state.editData.maxUsers || 0} value={state.editData.maxUsers || 0}
onChange={(e) => onChange={(e) => {
const value = e.target.value;
const parsedValue = Number.parseInt(value, 10);
// Validate input: must be a positive number
const maxUsers = !Number.isNaN(parsedValue) && parsedValue > 0
? parsedValue
: 1; // Default to 1 for invalid/negative values
state.setEditData((prev) => ({ state.setEditData((prev) => ({
...prev, ...prev,
maxUsers: Number.parseInt(e.target.value), maxUsers,
})) }));
} }}
disabled={!canEdit} disabled={!canEdit}
/> />
</div> </div>

101
app/platform/dashboard/page.tsx
View File

@ -84,6 +84,11 @@ interface NewCompanyData {
maxUsers: number; maxUsers: number;
} }
interface ValidationErrors {
csvUrl?: string;
adminEmail?: string;
}
interface FormIds { interface FormIds {
companyNameId: string; companyNameId: string;
csvUrlId: string; csvUrlId: string;
@ -151,6 +156,7 @@ function usePlatformDashboardState() {
adminPassword: "", adminPassword: "",
maxUsers: 10, maxUsers: 10,
}); });
const [validationErrors, setValidationErrors] = useState<ValidationErrors>({});
return { return {
dashboardData, dashboardData,
@ -169,6 +175,8 @@ function usePlatformDashboardState() {
setSearchTerm, setSearchTerm,
newCompanyData, newCompanyData,
setNewCompanyData, setNewCompanyData,
validationErrors,
setValidationErrors,
}; };
} }
@ -197,13 +205,44 @@ function useFormIds() {
}; };
} }
/**
* Validation functions
*/
function validateEmail(email: string): string | undefined {
if (!email) return undefined;
const emailRegex = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/;
if (!emailRegex.test(email)) {
return "Please enter a valid email address";
}
return undefined;
}
function validateUrl(url: string): string | undefined {
if (!url) return undefined;
try {
const urlObj = new URL(url);
if (!['http:', 'https:'].includes(urlObj.protocol)) {
return "URL must use HTTP or HTTPS protocol";
}
return undefined;
} catch {
return "Please enter a valid URL (e.g., https://api.company.com/data.csv)";
}
}
/** /**
* Render company form fields * Render company form fields
*/ */
function renderCompanyFormFields( function renderCompanyFormFields(
newCompanyData: NewCompanyData, newCompanyData: NewCompanyData,
setNewCompanyData: React.Dispatch<React.SetStateAction<NewCompanyData>>, setNewCompanyData: React.Dispatch<React.SetStateAction<NewCompanyData>>,
formIds: FormIds formIds: FormIds,
validationErrors: ValidationErrors,
setValidationErrors: React.Dispatch<React.SetStateAction<ValidationErrors>>
) { ) {
return ( return (
<div className="grid gap-4 py-4"> <div className="grid gap-4 py-4">
@ -226,14 +265,26 @@ function renderCompanyFormFields(
<Input <Input
id={formIds.csvUrlId} id={formIds.csvUrlId}
value={newCompanyData.csvUrl} value={newCompanyData.csvUrl}
onChange={(e) => onChange={(e) => {
const value = e.target.value;
setNewCompanyData((prev: NewCompanyData) => ({ setNewCompanyData((prev: NewCompanyData) => ({
...prev, ...prev,
csvUrl: e.target.value, csvUrl: value,
})) }));
}
// Validate URL on change
const error = validateUrl(value);
setValidationErrors((prev) => ({
...prev,
csvUrl: error,
}));
}}
placeholder="https://api.company.com/sessions.csv" placeholder="https://api.company.com/sessions.csv"
className={validationErrors.csvUrl ? "border-red-500" : ""}
/> />
{validationErrors.csvUrl && (
<p className="text-sm text-red-500">{validationErrors.csvUrl}</p>
)}
</div> </div>
<div className="space-y-2"> <div className="space-y-2">
<Label htmlFor={formIds.csvUsernameId}>CSV Auth Username</Label> <Label htmlFor={formIds.csvUsernameId}>CSV Auth Username</Label>
@ -284,14 +335,26 @@ function renderCompanyFormFields(
id={formIds.adminEmailId} id={formIds.adminEmailId}
type="email" type="email"
value={newCompanyData.adminEmail} value={newCompanyData.adminEmail}
onChange={(e) => onChange={(e) => {
const value = e.target.value;
setNewCompanyData((prev: NewCompanyData) => ({ setNewCompanyData((prev: NewCompanyData) => ({
...prev, ...prev,
adminEmail: e.target.value, adminEmail: value,
})) }));
}
// Validate email on change
const error = validateEmail(value);
setValidationErrors((prev) => ({
...prev,
adminEmail: error,
}));
}}
placeholder="admin@acme.com" placeholder="admin@acme.com"
className={validationErrors.adminEmail ? "border-red-500" : ""}
/> />
{validationErrors.adminEmail && (
<p className="text-sm text-red-500">{validationErrors.adminEmail}</p>
)}
</div> </div>
<div className="space-y-2"> <div className="space-y-2">
<Label htmlFor={formIds.adminPasswordId}>Admin Password</Label> <Label htmlFor={formIds.adminPasswordId}>Admin Password</Label>
@ -549,6 +612,8 @@ export default function PlatformDashboard() {
setSearchTerm, setSearchTerm,
newCompanyData, newCompanyData,
setNewCompanyData, setNewCompanyData,
validationErrors,
setValidationErrors,
} = usePlatformDashboardState(); } = usePlatformDashboardState();
const { const {
@ -611,12 +676,21 @@ export default function PlatformDashboard() {
}; };
const validateCompanyData = () => { const validateCompanyData = () => {
return !!( // Check for required fields
const hasRequiredFields = !!(
newCompanyData.name && newCompanyData.name &&
newCompanyData.csvUrl && newCompanyData.csvUrl &&
newCompanyData.adminEmail && newCompanyData.adminEmail &&
newCompanyData.adminName newCompanyData.adminName
); );
// Check for validation errors
const hasValidationErrors = !!(
validationErrors.csvUrl ||
validationErrors.adminEmail
);
return hasRequiredFields && !hasValidationErrors;
}; };
const showValidationError = () => { const showValidationError = () => {
@ -740,6 +814,7 @@ export default function PlatformDashboard() {
adminPassword: "", adminPassword: "",
maxUsers: 10, maxUsers: 10,
}); });
setValidationErrors({});
setShowAddCompany(false); setShowAddCompany(false);
}; };
@ -876,7 +951,9 @@ export default function PlatformDashboard() {
adminNameId, adminNameId,
adminPasswordId, adminPasswordId,
maxUsersId, maxUsersId,
} },
validationErrors,
setValidationErrors
)} )}
<DialogFooter> <DialogFooter>
<Button <Button
@ -887,7 +964,7 @@ export default function PlatformDashboard() {
</Button> </Button>
<Button <Button
onClick={handleCreateCompany} onClick={handleCreateCompany}
disabled={isCreating} disabled={isCreating || !validateCompanyData()}
> >
{isCreating ? "Creating..." : "Create Company"} {isCreating ? "Creating..." : "Create Company"}
</Button> </Button>

4
docs/admin-audit-logs-api.md
View File

@ -65,8 +65,8 @@ const data = await response.json();
"severity": "HIGH", "severity": "HIGH",
"userId": "user-456", "userId": "user-456",
"companyId": "company-789", "companyId": "company-789",
"ipAddress": "192.168.1.100", "ipAddress": "192.168.1.***",
"userAgent": "Mozilla/5.0...", "userAgent": "Mozilla/5.0 (masked)",
"timestamp": "2024-01-01T12:00:00Z", "timestamp": "2024-01-01T12:00:00Z",
"description": "Failed login attempt", "description": "Failed login attempt",
"metadata": { "metadata": {

17
docs/csp-metrics-api.md
View File

@ -136,8 +136,8 @@ const metrics = await response.json();
"sourceFile": "https://example.com/page", "sourceFile": "https://example.com/page",
"riskLevel": "high", "riskLevel": "high",
"bypassAttempt": true, "bypassAttempt": true,
"ipAddress": "192.168.1.100", "ipAddress": "192.168.1.***",
"userAgent": "Mozilla/5.0..." "userAgent": "Mozilla/5.0 (masked)"
} }
] ]
} }
@ -425,9 +425,16 @@ CSP_ALERT_THRESHOLD=5 # violations per 10 minutes
### Privacy Protection ### Privacy Protection
- **IP anonymization** option for GDPR compliance **⚠️ Data Collection Notice:**
- **User agent sanitization** removes sensitive information - **IP addresses** are collected and stored in memory for security monitoring
- **No personal data** stored in violation reports - **User agent strings** are stored for browser compatibility analysis
- **Legal basis**: Legitimate interest for security incident detection and prevention
- **Retention**: In-memory storage only, automatically purged after 7 days or application restart
- **Data minimization**: Only violation-related metadata is retained, not page content
**Planned Privacy Enhancements:**
- IP anonymization options for GDPR compliance (roadmap)
- User agent sanitization to remove sensitive information (roadmap)
### Rate Limiting Protection ### Rate Limiting Protection

8
docs/database-performance-optimizations.md
View File

@ -21,12 +21,12 @@ The optimization focuses on the most frequently queried patterns in the applicat
```sql ```sql
-- Query pattern: companyId + processingStatus + requestedAt -- Query pattern: companyId + processingStatus + requestedAt
CREATE INDEX "AIProcessingRequest_companyId_processingStatus_requestedAt_idx" CREATE INDEX "AIProcessingRequest_companyId_processingStatus_requestedAt_idx"
ON "AIProcessingRequest" ("sessionId", "processingStatus", "requestedAt"); ON "AIProcessingRequest" ("companyId", "processingStatus", "requestedAt");
-- Covering index for batch processing -- Covering index for batch processing
CREATE INDEX "AIProcessingRequest_session_companyId_processingStatus_idx" CREATE INDEX "AIProcessingRequest_companyId_processingStatus_covering_idx"
ON "AIProcessingRequest" ("sessionId") ON "AIProcessingRequest" ("companyId")
INCLUDE ("processingStatus", "batchId", "requestedAt"); INCLUDE ("processingStatus", "batchId", "requestedAt", "sessionId");
``` ```
**Impact**: **Impact**:

4
docs/security-audit-logging.md
View File

@ -104,8 +104,8 @@ import { securityAuditLogger, AuditOutcome } from "./lib/securityAuditLogger";
await securityAuditLogger.logAuthentication("user_login_success", AuditOutcome.SUCCESS, { await securityAuditLogger.logAuthentication("user_login_success", AuditOutcome.SUCCESS, {
userId: "user-123", userId: "user-123",
companyId: "company-456", companyId: "company-456",
ipAddress: "192.168.1.1", ipAddress: "192.168.1.***",
userAgent: "Mozilla/5.0...", userAgent: "Mozilla/5.0 (masked)",
metadata: { loginMethod: "password" }, metadata: { loginMethod: "password" },
}); });

2
docs/security-monitoring.md
View File

@ -191,7 +191,7 @@ const analysis = await fetch("/api/admin/security-monitoring/threat-analysis", {
method: "POST", method: "POST",
headers: { "Content-Type": "application/json" }, headers: { "Content-Type": "application/json" },
body: JSON.stringify({ body: JSON.stringify({
ipAddress: "192.168.1.100", ipAddress: "192.168.1.***",
timeRange: { timeRange: {
start: "2024-01-01T00:00:00Z", start: "2024-01-01T00:00:00Z",
end: "2024-01-02T00:00:00Z", end: "2024-01-02T00:00:00Z",