63b97c14f2
feat(security): enhance CSRF, IP allowlist, and rate limiter with strict production checks
...
- CSRF: Require CSRF_SECRET in production, throw error on missing secret
- IP Allowlist: TRUST_PROXY must be explicitly set to 'true' for proxy headers
- Rate Limiter: Add proper proxy trust handling for client IP detection
- Login: Add browser form redirect support with safe URL validation
- Add custom admin login page with styled form
- Update CLAUDE.md with TRUST_PROXY documentation
- Update tests for new security behavior
BREAKING: Server will not start in production without CSRF_SECRET or PAYLOAD_SECRET
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-18 05:06:15 +00:00
7b8efcff38
fix: complete auth event audit logging
...
Addresses remaining gaps from the audit review:
1. Register afterForgotPassword hook in Users collection
- Password reset requests are now properly logged
- Fixed hook signature (uses context instead of req)
2. Create custom /api/auth/login endpoint
- Wraps native Payload login
- Logs failed login attempts via auditLoginFailed
- Returns proper error responses without exposing details
3. Export auditLoginFailed helper function
- Can be used by other custom auth handlers
- Calls logLoginFailed from audit-service
Now all critical auth events are tracked:
- Successful logins (afterLogin hook)
- Failed logins (custom /api/auth/login endpoint)
- Logouts (afterLogout hook)
- Password reset requests (afterForgotPassword hook)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 21:31:11 +00:00
f667792ba7
fix: complete audit logging integration based on audit review
...
Fixes identified gaps from the monitoring & alerting audit:
1. Auth Events Integration:
- Add auditAuthEvents.ts hook for login/logout tracking
- Integrate afterLogin and afterLogout hooks in Users collection
- Log successful logins, logouts, and password reset requests
2. Rate-Limit Logging:
- Add logRateLimit calls to /api/send-email endpoint
- Log when users exceed rate limits
3. Access-Denied Logging:
- Add logAccessDenied calls to all protected endpoints:
- /api/send-email
- /api/email-logs/export
- /api/email-logs/stats
4. Tenant Delete Sanitizing Fix:
- Extract sanitizeTenantDoc as reusable function
- Apply sanitization to auditTenantAfterDelete hook
- SMTP passwords are now properly masked in delete audit logs
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 21:24:28 +00:00
6bbbea52fc
feat: implement monitoring & alerting system
...
- Add AuditLogs collection for tracking critical system actions
- User changes (create, update, delete)
- Tenant changes with sensitive data masking
- Login events tracking
- Add Alert Service with multi-channel support
- Email, Slack, Discord, Console channels
- Configurable alert levels (info, warning, error, critical)
- Environment-based configuration
- Add Email failure alerting
- Automatic alerts on repeated failed emails
- Per-tenant failure counting with hourly reset
- Add Email-Logs API endpoints
- GET /api/email-logs/export (CSV/JSON export)
- GET /api/email-logs/stats (statistics with filters)
- Add audit hooks for Users and Tenants collections
- Update TODO.md with completed monitoring tasks
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 20:58:20 +00:00
dbe36ad381
feat: add super admin role and update documentation
...
- Add isSuperAdmin field to Users collection with migration
- Update API documentation with analytics examples
- Add analytics implementation guide
- Update TODO with completed tasks
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 14:26:08 +00:00
9d6cb7e61b
Initial commit
2025-11-26 21:18:31 +00:00
