feat: integrate audit logging across authentication, course management, and user operations

Add comprehensive audit trail tracking by integrating auditService throughout the application. Track user authentication (LOGIN, REGISTER), course lifecycle (CREATE, APPROVE_COURSE, REJECT_COURSE, ENROLL), content management (CREATE/DELETE Chapter/Lesson), file operations (UPLOAD_FILE, DELETE_FILE for videos and attachments), password management (CHANGE_PASSWORD, RESET_PASSWORD), user role updates (UPDATE
2026-02-05 17:35:37 +07:00 · 2026-02-05 17:35:37 +07:00 · 108f1b73f2
commit 108f1b73f2
parent 923c8b727a
10 changed files with 701 additions and 0 deletions
--- a/Backend/src/services/auth.service.ts
+++ b/Backend/src/services/auth.service.ts
@ -17,6 +17,8 @@ import { UserResponse } from '../types/user.types';
 import { UnauthorizedError, ValidationError, ForbiddenError } from '../middleware/errorHandler';
 import nodemailer from 'nodemailer';
 import { getPresignedUrl } from '../config/minio';
+import { auditService } from './audit.service';
+import { AuditAction } from '@prisma/client';

 export class AuthService {
    /**
@ -57,6 +59,15 @@ export class AuthService {

        logger.info('User logged in successfully', { userId: user.id, email: user.email });

+        // Audit log - LOGIN
+        auditService.log({
+            userId: user.id,
+            action: AuditAction.LOGIN,
+            entityType: 'User',
+            entityId: user.id,
+            metadata: { email: user.email, role: user.role.code }
+        });
+
        return {
            code: 200,
            message: 'Login successful',
@ -138,6 +149,15 @@ export class AuthService {

        logger.info('New user registered', { userId: user.id, username: user.username });

+        // Audit log - REGISTER (Student)
+        auditService.log({
+            userId: user.id,
+            action: AuditAction.CREATE,
+            entityType: 'User',
+            entityId: user.id,
+            newValue: { username: user.username, email: user.email, role: 'STUDENT' }
+        });
+
        return {
            user: this.formatUserResponseSync(user),
            message: 'Registration successful'
@ -211,6 +231,15 @@ export class AuthService {

        logger.info('New user registered', { userId: user.id, username: user.username });

+        // Audit log - REGISTER (Instructor)
+        auditService.log({
+            userId: user.id,
+            action: AuditAction.CREATE,
+            entityType: 'User',
+            entityId: user.id,
+            newValue: { username: user.username, email: user.email, role: 'INSTRUCTOR' }
+        });
+
        return {
            user: this.formatUserResponseSync(user),
            message: 'Registration successful'
@ -341,6 +370,16 @@ export class AuthService {
            });

            logger.info('Password reset successfully', { userId: user.id });
+
+            // Audit log - RESET_PASSWORD
+            auditService.log({
+                userId: user.id,
+                action: AuditAction.RESET_PASSWORD,
+                entityType: 'User',
+                entityId: user.id,
+                metadata: { email: user.email }
+            });
+
            return {
                code: 200,
                message: 'Password reset successfully'