feat(4-5/4-6): audit logging + zero-data-retention headers
Audit Logging (story 4-6): - Nouveau modèle AuditLog (userId, action, resource, metadata, ip, createdAt) - Migration 20260529143000_add_audit_log appliquée - lib/audit-log.ts : logAuditEvent (fire-and-forget) + logAuditEventAsync + getClientIp - auth.ts : LOG LOGIN / LOGOUT / USER_CREATED sur chaque event NextAuth - /api/chat : log AI_REQUEST avec tokens + byok flag dans onFinish - /api/agents/run-for-note : log AI_REQUEST avec featureKey + noteId Zero-data-retention (story 4-5): - OpenAI provider : header OpenAI-No-Training: 1 - Anthropic provider : header Anthropic-No-Train: 1 - DeepSeek provider : header X-No-Train: 1 sprint-status: 4-5 et 4-6 → done Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@@ -2,6 +2,7 @@ import { NextRequest, NextResponse } from 'next/server'
|
||||
import { auth } from '@/auth'
|
||||
import { prisma } from '@/lib/prisma'
|
||||
import { checkEntitlementOrThrow, QuotaExceededError, incrementUsageAsync } from '@/lib/entitlements'
|
||||
import { logAuditEvent, getClientIp } from '@/lib/audit-log'
|
||||
|
||||
type GenerateType = 'slide-generator' | 'excalidraw-generator'
|
||||
|
||||
@@ -107,6 +108,14 @@ export async function POST(req: NextRequest) {
|
||||
.then(({ executeAgent }) => executeAgent(agent.id, userId))
|
||||
.catch(err => console.error('[run-for-note] Background agent error:', err))
|
||||
|
||||
logAuditEvent({
|
||||
userId,
|
||||
action: 'AI_REQUEST',
|
||||
resource: featureKey,
|
||||
metadata: { agentId: agent.id, noteId, featureKey },
|
||||
ip: getClientIp(req),
|
||||
})
|
||||
|
||||
return NextResponse.json({ success: true, agentId: agent.id, status: 'running' })
|
||||
}
|
||||
|
||||
|
||||
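Review bot: The AI_REQUEST entry at `logAuditEvent({` is written as soon as the agent is queued, so a run that later fails inside the background `executeAgent` leaves an audit row that reads like a completed request while the failure only reaches `console.error` in the `.catch` above it. Consider recording the outcome too, for example by extending the catch with a second audit event whose action value is still to be chosen: `.catch(err => { console.error('[run-for-note] Background agent error:', err); logAuditEvent({ userId, action: 'AI_REQUEST_FAILED' /* placeholder — pick the real action value */, resource: featureKey, metadata: { agentId: agent.id, noteId }, ip: getClientIp(req) }) })`. `featureKey` already appears as `resource`, so repeating it inside `metadata` is redundant. If `getClientIp` derives the address from forwarded headers, a comment on this call should say that the stored `ip` is only as trustworthy as the proxy layer in front of the app, since the row is meant as audit evidence. The enclosing POST handler begins outside the hunk.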
@@ -12,6 +12,7 @@ import { checkEntitlementOrThrow, QuotaExceededError, incrementUsageAsync } from
|
||||
import { trackFeatureUsage } from '@/lib/usage-tracker'
|
||||
import { readFile } from 'fs/promises'
|
||||
import path from 'path'
|
||||
import { logAuditEvent, getClientIp } from '@/lib/audit-log'
|
||||
|
||||
export const maxDuration = 60
|
||||
|
||||
@@ -433,6 +434,13 @@ Focus ONLY on this note unless asked otherwise.`
|
||||
trackFeatureUsage(userId, 'chat', final.usage?.totalTokens ?? 0)
|
||||
incrementUsageAsync(userId, 'chat')
|
||||
}
|
||||
logAuditEvent({
|
||||
userId,
|
||||
action: 'AI_REQUEST',
|
||||
resource: 'chat',
|
||||
metadata: { tokens: final.usage?.totalTokens, byok: usedByok },
|
||||
ip: getClientIp(req),
|
||||
})
|
||||
},
|
||||
}),
|
||||
)
|
||||
|
||||
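Review bot: Placing the chat audit call inside `onFinish` means a stream that is aborted by the client or fails mid-generation produces no AI_REQUEST row at all, which is the opposite of the run-for-note hunk, where the row is written before the agent even runs; the two endpoints should agree on whether an audit event records the request or its completion. If the intent is one row per request, emit it where the request is accepted and keep `final.usage?.totalTokens` for a separate completion event, or at least document the chosen semantics on the call: `// audit row is written only on successful completion; aborted or failed streams leave no entry`. `final.usage?.totalTokens` can be `undefined` here, so `tokens` will simply be missing from the stored JSON rather than `0`; if the reporting side sums this field, make that deliberate with `?? 0` as `trackFeatureUsage` already does two lines above. The enclosing streamText call and POST handler begin outside the hunk.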