feat(ee): audit logs (#1977)

feat: clickhouse driver * sync * updates
2026-05-19 07:54:05 +08:00 · 2026-03-01 01:29:03 +00:00
parent 85ce0d32bf
commit 69d7532c6c
62 changed files with 2600 additions and 191 deletions
@@ -3,6 +3,7 @@ import {
  Controller,
  HttpCode,
  HttpStatus,
+  Inject,
  Post,
  Res,
  UseGuards,
@@ -24,6 +25,11 @@ import { VerifyUserTokenDto } from './dto/verify-user-token.dto';
 import { FastifyReply } from 'fastify';
 import { validateSsoEnforcement } from './auth.util';
 import { ModuleRef } from '@nestjs/core';
+import { AuditEvent, AuditResource } from '../../common/events/audit-events';
+import {
+  AUDIT_SERVICE,
+  IAuditService,
+} from '../../integrations/audit/audit.service';

@Controller('auth')
 export class AuthController {
@@ -33,6 +39,7 @@ export class AuthController {
    private authService: AuthService,
    private environmentService: EnvironmentService,
    private moduleRef: ModuleRef,
+    @Inject(AUDIT_SERVICE) private readonly auditService: IAuditService,
  ) {}

  @HttpCode(HttpStatus.OK)
@@ -169,8 +176,17 @@ export class AuthController {
  @UseGuards(JwtAuthGuard)
  @HttpCode(HttpStatus.OK)
  @Post('logout')
-  async logout(@Res({ passthrough: true }) res: FastifyReply) {
+  async logout(
+    @AuthUser() user: User,
+    @Res({ passthrough: true }) res: FastifyReply,
+  ) {
    res.clearCookie('authToken');
+
+    this.auditService.log({
+      event: AuditEvent.USER_LOGOUT,
+      resourceType: AuditResource.USER,
+      resourceId: user.id,
+    });
  }

  setAuthCookie(res: FastifyReply, token: string) {