MiauRizius/MiauInv
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 4 Wiki Activity

feat: added activity log

Browse Source
This commit is contained in:
miaurizius
2026-06-10 14:17:33 +02:00
parent 96f1a40266
commit 0442e4f699
16 changed files with 1027 additions and 579 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
server/server.go
View File

@@ -73,6 +73,7 @@ func (this *Server) Run() {
mux.Handle("/locations", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(frontend.Locations)))
mux.Handle("/projects", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(frontend.Projects)))
mux.Handle("/profile/settings", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(frontend.AccountSettings)))
mux.Handle("/profile/activity", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(frontend.Activity)))
mux.HandleFunc("/profile/", utils.RenderFile("frontend/htmx/under-construction.html"))
if this.AllowRegistration {
mux.HandleFunc("/register", utils.RenderFile("frontend/htmx/register.html"))
@@ -85,34 +86,43 @@ func (this *Server) Run() {
//
loginLimiter := newRateLimiter(10, time.Minute, 5*time.Minute)
accountLimiter := newRateLimiter(20, time.Minute, 2*time.Minute)
activityLimiter := newRateLimiter(60, time.Minute, 2*time.Minute)
authed := func(handler http.HandlerFunc) http.Handler {
return auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handler))
}
audited := func(entityType string, handler http.HandlerFunc) http.Handler {
return auth.AuthMiddleware(this.JWTSecret)(handlers.ActivityMiddleware(entityType, false)(http.HandlerFunc(handler)))
}
mux.Handle("/api/login", loginLimiter.Middleware(http.HandlerFunc(handlers.APILogin)))
mux.Handle("/api/login/2fa", loginLimiter.Middleware(http.HandlerFunc(handlers.APILoginTwoFactor)))
mux.Handle("/api/refresh", loginLimiter.Middleware(http.HandlerFunc(handlers.RefreshToken)))
mux.Handle("/api/logout", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.Logout)))
mux.Handle("/api/profile", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.UserInfo)))
mux.Handle("/api/2fa/setup", accountLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.TwoFactorSetup))))
mux.Handle("/api/2fa/enable", loginLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.TwoFactorEnable))))
mux.Handle("/api/2fa/disable", loginLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.TwoFactorDisable))))
mux.Handle("/api/2fa/recovery-codes/regenerate", loginLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.TwoFactorRegenerateRecoveryCodes))))
mux.Handle("/api/userinfo", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.UserInfo)))
mux.Handle("/api/account/username", accountLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.AccountUpdateUsername))))
mux.Handle("/api/account/password", loginLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.AccountUpdatePassword))))
mux.Handle("/api/passkeys", accountLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.Passkeys))))
mux.Handle("/api/passkeys/register/options", accountLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.PasskeyRegisterOptions))))
mux.Handle("/api/passkeys/register/finish", accountLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.PasskeyRegisterFinish))))
mux.Handle("/api/passkeys/disable", loginLimiter.Middleware(auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.PasskeyDisable))))
mux.Handle("/api/logout", auth.AuthMiddleware(this.JWTSecret)(handlers.ActivityMiddleware("auth", true)(http.HandlerFunc(handlers.Logout))))
mux.Handle("/api/profile", authed(handlers.UserInfo))
mux.Handle("/api/activity", activityLimiter.Middleware(authed(handlers.ActivityLog)))
mux.Handle("/api/2fa/setup", accountLimiter.Middleware(audited("security", handlers.TwoFactorSetup)))
mux.Handle("/api/2fa/enable", loginLimiter.Middleware(audited("security", handlers.TwoFactorEnable)))
mux.Handle("/api/2fa/disable", loginLimiter.Middleware(audited("security", handlers.TwoFactorDisable)))
mux.Handle("/api/2fa/recovery-codes/regenerate", loginLimiter.Middleware(audited("security", handlers.TwoFactorRegenerateRecoveryCodes)))
mux.Handle("/api/userinfo", authed(handlers.UserInfo))
mux.Handle("/api/account/username", accountLimiter.Middleware(audited("account", handlers.AccountUpdateUsername)))
mux.Handle("/api/account/password", loginLimiter.Middleware(audited("account", handlers.AccountUpdatePassword)))
mux.Handle("/api/passkeys", accountLimiter.Middleware(audited("security", handlers.Passkeys)))
mux.Handle("/api/passkeys/register/options", accountLimiter.Middleware(audited("security", handlers.PasskeyRegisterOptions)))
mux.Handle("/api/passkeys/register/finish", accountLimiter.Middleware(audited("security", handlers.PasskeyRegisterFinish)))
mux.Handle("/api/passkeys/disable", loginLimiter.Middleware(audited("security", handlers.PasskeyDisable)))
mux.Handle("/api/passkeys/login/options", loginLimiter.Middleware(http.HandlerFunc(handlers.PasskeyLoginOptions)))
mux.Handle("/api/passkeys/login/finish", loginLimiter.Middleware(http.HandlerFunc(handlers.PasskeyLoginFinish)))
if this.AllowRegistration {
mux.Handle("/api/register", loginLimiter.Middleware(http.HandlerFunc(handlers.APIRegister)))
}
mux.Handle("/api/item", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.Item)))
mux.Handle("/api/location", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.Location)))
mux.Handle("/api/project", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.Project)))
mux.Handle("/api/stock", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.Stock)))
mux.Handle("/api/association", auth.AuthMiddleware(this.JWTSecret)(http.HandlerFunc(handlers.Associations)))
mux.Handle("/api/item", audited("item", handlers.Item))
mux.Handle("/api/location", audited("location", handlers.Location))
mux.Handle("/api/project", audited("project", handlers.Project))
mux.Handle("/api/stock", audited("stock", handlers.Stock))
mux.Handle("/api/association", audited("association", handlers.Associations))
// Assets
mux.HandleFunc("/assets/", frontend.Assets)