ilk

svc/middlewares/auditlog_middleware.go

@@ -0,0 +1,71 @@
+package middlewares
+
+import (
+	"bssapp-backend/auth"
+	"net/http"
+	"time"
+
+	"bssapp-backend/internal/auditlog"
+)
+
+type ResponseWriter struct {
+	http.ResponseWriter
+	status int
+}
+
+func NewResponseWriter(w http.ResponseWriter) *ResponseWriter {
+	return &ResponseWriter{
+		ResponseWriter: w,
+		status:         http.StatusOK,
+	}
+}
+
+func (rw *ResponseWriter) WriteHeader(code int) {
+	rw.status = code
+	rw.ResponseWriter.WriteHeader(code)
+}
+
+func (rw *ResponseWriter) Status() int { return rw.status }
+
+func Audit(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		start := time.Now()
+		rw := NewResponseWriter(w)
+
+		next.ServeHTTP(rw, r)
+
+		// ✅ AuthMiddleware sonrası burada claims VAR
+		var dfusrID int64
+		var username, roleCode string
+
+		if claims, ok := auth.GetClaimsFromContext(r.Context()); ok && claims != nil {
+			dfusrID = int64(claims.ID)
+			username = claims.Username
+			roleCode = claims.RoleCode // token’da varsa
+		}
+
+		entry := auditlog.ActivityLog{
+			DfUsrID:  dfusrID,
+			Username: username,
+			RoleCode: roleCode,
+
+			ActionType:     "route_access",
+			ActionCategory: "nav",
+			ActionTarget:   r.URL.Path,
+			Description:    r.Method + " " + r.URL.Path,
+
+			IpAddress: r.RemoteAddr,
+			UserAgent: r.UserAgent(),
+			SessionID: "",
+
+			RequestStartedAt:  start,
+			RequestFinishedAt: time.Now(),
+			DurationMs:        int(time.Since(start).Milliseconds()),
+			HttpStatus:        rw.Status(),
+			IsSuccess:         rw.Status() < 400,
+		}
+
+		auditlog.Write(entry)
+	})
+}