47d912016b
fix: eliminate duplicate audit entries and add proper client context
- Extend logLoginFailed to accept ClientInfo directly (not just PayloadRequest)
- Add logPasswordReset function for password reset audit logging
- Remove duplicate manual payload.create calls in login routes
- Implement real fallback in auditAfterForgotPassword with structured JSON log
- Login routes now create single audit entry with full IP/User-Agent context
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 22:07:52 +00:00
dfb35566b7
fix: correct auth audit logging - use args.req.payload and override native login
- Fix afterForgotPassword hook to read payload from args.req.payload instead of context
- Create /api/users/login route to override native Payload login endpoint
- Add IP/User-Agent context to failed login audit entries
- Update /api/auth/login with consistent client info logging
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 22:00:36 +00:00
7b8efcff38
fix: complete auth event audit logging
Addresses remaining gaps from the audit review:
1. Register afterForgotPassword hook in Users collection
   - Password reset requests are now properly logged
   - Fixed hook signature (uses context instead of req)
2. Create custom /api/auth/login endpoint
   - Wraps native Payload login
   - Logs failed login attempts via auditLoginFailed
   - Returns proper error responses without exposing details
3. Export auditLoginFailed helper function
   - Can be used by other custom auth handlers
   - Calls logLoginFailed from audit-service
Now all critical auth events are tracked:
- Successful logins (afterLogin hook)
- Failed logins (custom /api/auth/login endpoint)
- Logouts (afterLogout hook)
- Password reset requests (afterForgotPassword hook)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 21:31:11 +00:00
f667792ba7
fix: complete audit logging integration based on audit review
Fixes identified gaps from the monitoring & alerting audit:
1. Auth Events Integration:
   - Add auditAuthEvents.ts hook for login/logout tracking
   - Integrate afterLogin and afterLogout hooks in Users collection
   - Log successful logins, logouts, and password reset requests
2. Rate-Limit Logging:
   - Add logRateLimit calls to /api/send-email endpoint
   - Log when users exceed rate limits
3. Access-Denied Logging:
   - Add logAccessDenied calls to all protected endpoints:
     - /api/send-email
     - /api/email-logs/export
     - /api/email-logs/stats
4. Tenant Delete Sanitizing Fix:
   - Extract sanitizeTenantDoc as reusable function
   - Apply sanitization to auditTenantAfterDelete hook
   - SMTP passwords are now properly masked in delete audit logs
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 21:24:28 +00:00
6bbbea52fc
feat: implement monitoring & alerting system
- Add AuditLogs collection for tracking critical system actions
  - User changes (create, update, delete)
  - Tenant changes with sensitive data masking
  - Login events tracking
- Add Alert Service with multi-channel support
  - Email, Slack, Discord, Console channels
  - Configurable alert levels (info, warning, error, critical)
  - Environment-based configuration
- Add Email failure alerting
  - Automatic alerts on repeated failed emails
  - Per-tenant failure counting with hourly reset
- Add Email-Logs API endpoints
  - GET /api/email-logs/export (CSV/JSON export)
  - GET /api/email-logs/stats (statistics with filters)
- Add audit hooks for Users and Tenants collections
- Update TODO.md with completed monitoring tasks
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 20:58:20 +00:00
19fcb4d837
feat: implement multi-tenant email system with logging
- Add Payload email adapter for system emails (auth, password reset)
- Add EmailLogs collection for tracking all sent emails
- Extend Tenants collection with SMTP configuration fields
- Implement tenant-specific email service with transporter caching
- Add /api/send-email endpoint with:
  - Authentication required
  - Tenant access control (users can only send for their tenants)
  - Rate limiting (10 emails/minute per user)
- Add form submission notification hook with email logging
- Add cache invalidation hook for tenant email config changes
Security:
- SMTP passwords are never returned in API responses
- Passwords are preserved when field is left empty on update
- Only super admins can delete email logs
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 20:16:54 +00:00
cef310c1f6
feat: add Portfolio and PortfolioCategories collections
Add collections for photography portfolio website:
- PortfolioCategories: categories with name, slug, cover image, order
- Portfolios: galleries with images, project details, SEO fields
- Both collections are tenant-scoped and localized (DE/EN)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-06 07:19:19 +00:00
d053eec21a
feat: Redis caching integration
2025-12-05 16:49:57 +00:00
dbe36ad381
feat: add super admin role and update documentation
- Add isSuperAdmin field to Users collection with migration
- Update API documentation with analytics examples
- Add analytics implementation guide
- Update TODO with completed tasks
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 14:26:08 +00:00
d18e58de40
chore: add jobs, backups, and migration history
Jobs:
- Add consentRetentionJob.ts for GDPR consent cleanup
- Add scheduler.ts for background job scheduling
Backups:
- Add database backup files for recovery
Migration backups:
- Archive old migration files for reference
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 08:24:26 +00:00
eac43f9846
chore: update migrations for localization schema
- Remove old migrations (pre-localization)
- Add 20251130_213501_initial_with_localization migration
- Update migrations index
- Remove unused graphql-playground route
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 08:20:06 +00:00
51c340e9e7
feat: add i18n, SEO, and frontend infrastructure
Localization:
- Add middleware for locale detection/routing
- Add [locale] dynamic route structure
- Add i18n utility library (DE/EN support)
SEO & Discovery:
- Add robots.ts for search engine directives
- Add sitemap.ts for XML sitemap generation
- Add structuredData.ts for JSON-LD schemas
Utilities:
- Add search.ts for full-text search functionality
- Add tenantAccess.ts for multi-tenant access control
- Add envValidation.ts for environment validation
Frontend:
- Update layout.tsx with locale support
- Update page.tsx for localized content
- Add API routes for frontend functionality
- Add instrumentation.ts for monitoring
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 08:19:35 +00:00
95c9d2a4bc
feat: add content blocks and global settings
Blocks for page builder:
- HeroBlock: hero sections with CTA
- TextBlock: rich text content
- ImageTextBlock: image with text layout
- CardGridBlock: grid of cards
- CTABlock: call-to-action sections
- QuoteBlock: testimonial quotes
- VideoBlock: embedded videos
- DividerBlock: visual separators
- ContactFormBlock: contact forms
- NewsletterBlock: newsletter signup
- ProcessStepsBlock: step-by-step processes
- TimelineBlock: timeline displays
- TestimonialsBlock: testimonial carousels
- PostsListBlock: blog post listings
Globals:
- Navigation: site navigation structure
- SiteSettings: general site configuration
- SEOSettings: default SEO settings per tenant
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 08:19:15 +00:00
885ec93748
feat: add content collections for multi-tenant CMS
New collections:
- Categories: hierarchical content categorization
- Pages: flexible page builder with blocks
- Posts: blog/news articles with SEO
- Testimonials: customer reviews/quotes
Cookie & Consent management:
- ConsentLogs: GDPR consent tracking
- CookieConfigurations: per-tenant cookie settings
- CookieInventory: cookie registry
Additional:
- NewsletterSubscribers: email subscription management
- PrivacyPolicySettings: privacy policy configuration
- SocialLinks: social media links
Update Media collection with tenant support and image variants
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 08:18:58 +00:00
82c89f1494
chore: update core configuration and dependencies
- Update payload.config.ts with new collections, blocks, and globals
- Configure i18n with DE/EN localization support
- Add multi-tenant plugin configuration
- Update ecosystem.config.cjs for PM2
- Regenerate payload-types.ts and importMap.js
- Add prettier configuration
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 08:18:41 +00:00
9d6cb7e61b
Initial commit
2025-11-26 21:18:31 +00:00