feat(4-5/4-6): audit logging + zero-data-retention headers

Audit Logging (story 4-6):
- Nouveau modèle AuditLog (userId, action, resource, metadata, ip, createdAt)
- Migration 20260529143000_add_audit_log appliquée
- lib/audit-log.ts : logAuditEvent (fire-and-forget) + logAuditEventAsync + getClientIp
- auth.ts : LOG LOGIN / LOGOUT / USER_CREATED sur chaque event NextAuth
- /api/chat : log AI_REQUEST avec tokens + byok flag dans onFinish
- /api/agents/run-for-note : log AI_REQUEST avec featureKey + noteId

Zero-data-retention (story 4-5):
- OpenAI provider : header OpenAI-No-Training: 1
- Anthropic provider : header Anthropic-No-Train: 1
- DeepSeek provider : header X-No-Train: 1

sprint-status: 4-5 et 4-6 → done

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Antigravity
2026-05-29 14:36:06 +00:00
parent cd54a983c3
commit 5703d5bd49
10 changed files with 141 additions and 3 deletions


@@ -2,6 +2,7 @@ import { NextRequest, NextResponse } from 'next/server'
import { auth } from '@/auth'
import { prisma } from '@/lib/prisma'
import { checkEntitlementOrThrow, QuotaExceededError, incrementUsageAsync } from '@/lib/entitlements'
import { logAuditEvent, getClientIp } from '@/lib/audit-log'
type GenerateType = 'slide-generator' | 'excalidraw-generator'
@@ -107,6 +108,14 @@ export async function POST(req: NextRequest) {
.then(({ executeAgent }) => executeAgent(agent.id, userId))
.catch(err => console.error('[run-for-note] Background agent error:', err))
logAuditEvent({
userId,
action: 'AI_REQUEST',
resource: featureKey,
metadata: { agentId: agent.id, noteId, featureKey },
ip: getClientIp(req),
})
return NextResponse.json({ success: true, agentId: agent.id, status: 'running' })
}
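Review bot: The AI_REQUEST entry on lines 40-46 records that the request was accepted, not that the agent ran: executeAgent is dispatched in the background and its failure is only passed to console.error on the line above, so a failed run leaves no trace in AuditLog. Either add a second logAuditEvent call inside that .catch (distinct action name, error message in metadata) or document the meaning with a comment such as `// Audit: request accepted; agent outcome is not recorded here`. Because logAuditEvent is fire-and-forget and is called right before the response is returned, a write that fails or is cut short when the handler ends is silent; for an audit trail, `await logAuditEventAsync({ ... })` before the return is the safer choice if the added latency is acceptable. If getClientIp derives the address from X-Forwarded-For (not visible here), the stored ip is client-supplied unless a trusted proxy overwrites that header, which deserves a note in lib/audit-log.ts so nobody treats it as authoritative. The POST function starts outside the hunk.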


@@ -12,6 +12,7 @@ import { checkEntitlementOrThrow, QuotaExceededError, incrementUsageAsync } from
import { trackFeatureUsage } from '@/lib/usage-tracker'
import { readFile } from 'fs/promises'
import path from 'path'
import { logAuditEvent, getClientIp } from '@/lib/audit-log'
export const maxDuration = 60
@@ -433,6 +434,13 @@ Focus ONLY on this note unless asked otherwise.`
trackFeatureUsage(userId, 'chat', final.usage?.totalTokens ?? 0)
incrementUsageAsync(userId, 'chat')
}
logAuditEvent({
userId,
action: 'AI_REQUEST',
resource: 'chat',
metadata: { tokens: final.usage?.totalTokens, byok: usedByok },
ip: getClientIp(req),
})
},
}),
)
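Review bot: The audit entry on lines 62-68 lives inside onFinish, so a request that errors or is aborted mid-stream is never written to AuditLog even though tokens may already have been consumed, which makes the log under-report AI usage. If the enclosing call (it starts outside the hunk) is streamText, its onError callback is the place for a companion entry with the failure reason in metadata; at minimum add `// Audit: only successful completions are recorded; errors and aborts leave no entry` so the gap is documented. Also `tokens: final.usage?.totalTokens` is presumably serialised as JSON, where an undefined value drops the key entirely, so a completion with no usage data becomes indistinguishable from one that was never measured; `tokens: final.usage?.totalTokens ?? null` keeps the key present and the gap visible.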