import { FastifyInstance } from "fastify"
import { db } from "../db"
import { auditLog } from "../db/schema"
import { desc } from "drizzle-orm"
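/**
 * Registers the audit-log routes on the given Fastify instance.
 *
 * A `preHandler` hook authenticates every request handled in this scope by
 * calling `request.jwtVerify()`. `GET /` additionally requires the verified
 * token to carry `role === "admin"` and returns the 100 most recent
 * audit-log rows, newest first.
 *
 * @param fastify - Fastify instance (or encapsulated scope) that receives the hook and the route.
 */
export default async function auditLogRoutes(fastify: FastifyInstance) {
  // Authentication gate: runs before every handler registered in this scope.
  // `jwtVerify` is presumably decorated onto the request by a JWT plugin
  // registered elsewhere — confirm it is loaded before this plugin.
  fastify.addHook("preHandler", async (request, reply) => {
    try {
      await request.jwtVerify()
    } catch (err) {
      // Any verification failure maps to the same fixed 401 body; the
      // underlying error is neither returned to the client nor logged here.
      return reply.code(401).send({ message: "Unauthorized" })
    }
  })

  /**
   * Authorization predicate: true only when the verified JWT payload is an
   * object whose `role` claim is exactly "admin".
   *
   * The payload is narrowed at runtime instead of being read through `any`,
   * so a string payload or a missing claim yields `false` rather than
   * relying on an unchecked type assertion.
   *
   * NOTE(review): the role comes from the token itself, so a role change or
   * revocation presumably takes effect only once the token expires — confirm
   * token lifetime against how quickly admin access must be withdrawn.
   */
  const isAdmin = (request: { user?: unknown }): boolean => {
    const payload = request.user
    if (typeof payload !== "object" || payload === null) {
      return false
    }
    return (payload as { role?: unknown }).role === "admin"
  }

  fastify.get("/", async (request, reply) => {
    // Authenticated but not an admin: refuse with 403 (401 is reserved for
    // failed token verification in the hook above).
    if (!isAdmin(request)) {
      return reply.code(403).send({ message: "Forbidden: Admin role required" })
    }

    // `select()` without a column list returns every column of `auditLog`.
    // NOTE(review): confirm no column holds data that should not leave the
    // database even for admins. The result is capped at a fixed 100 rows;
    // there is no pagination or filtering on this route.
    const logs = await db
      .select()
      .from(auditLog)
      .orderBy(desc(auditLog.createdAt))
      .limit(100)

    return logs
  })
}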