feat: added activity log

handlers/passkeys.go

@@ -277,6 +277,7 @@ func PasskeyLoginFinish(w http.ResponseWriter, r *http.Request) {
 	}
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		log.Println("POST [api/passkeys/login/finish] " + r.RemoteAddr + ": " + err.Error())
+		RecordActivity(r, "", "", "auth.passkey_login.failed", "auth", "", "Invalid request", http.StatusBadRequest)
 		http.Error(w, "Invalid request", http.StatusBadRequest)
 		return
 	}
@@ -327,6 +328,7 @@ func PasskeyLoginFinish(w http.ResponseWriter, r *http.Request) {
 	}
 	if err != nil {
 		log.Println("POST [api/passkeys/login/finish] " + r.RemoteAddr + ": " + err.Error())
+		RecordActivity(r, user.ID, user.Username, "auth.passkey_login.failed", "auth", "", "Could not verify passkey login", http.StatusUnauthorized)
 		http.Error(w, "Could not verify passkey login", http.StatusUnauthorized)
 		return
 	}
@@ -338,6 +340,7 @@ func PasskeyLoginFinish(w http.ResponseWriter, r *http.Request) {
 	}
 
 	issueLoginSession(w, r, user)
+	RecordActivity(r, user.ID, user.Username, "auth.passkey_login.succeeded", "auth", "", "Passkey login succeeded", http.StatusOK)
 	log.Println("POST [api/passkeys/login/finish] " + r.RemoteAddr + ": Successfully logged in with passkey")
 }