mirror of
https://github.com/zvx-echo6/central.git
synced 2026-05-21 18:14:44 +02:00
f059f982bc
- Add migrations 007-010 for system config, operators, sessions, audit_log - Implement argon2id password hashing via argon2-cffi - Implement session-based authentication with database-stored tokens - Add SetupGateMiddleware to redirect to /setup until first operator created - Add SessionMiddleware to load session from cookie and attach operator - Create /setup, /login, /logout, /change-password routes with CSRF protection - Add periodic session cleanup task (hourly) - Add audit logging for auth events - Update systemd unit with EnvironmentFile for /etc/central/central.env - Add comprehensive tests for auth, middleware, and audit modules Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
15 lines
509 B
SQL
15 lines
509 B
SQL
-- Migration 010: Add config.audit_log table
|
|
-- Idempotent per docs/migrations.md
|
|
|
|
CREATE TABLE IF NOT EXISTS config.audit_log (
|
|
id BIGSERIAL PRIMARY KEY,
|
|
ts TIMESTAMPTZ NOT NULL DEFAULT now(),
|
|
operator_id BIGINT REFERENCES config.operators(id) ON DELETE SET NULL,
|
|
action TEXT NOT NULL,
|
|
target TEXT,
|
|
before JSONB,
|
|
after JSONB
|
|
);
|
|
|
|
CREATE INDEX IF NOT EXISTS audit_log_ts_idx ON config.audit_log(ts DESC);
|
|
CREATE INDEX IF NOT EXISTS audit_log_action_idx ON config.audit_log(action);
|