Add system phase 4 audits

- Add audit logging for system maintenance operations (cache/orphaned images/manual cleanup) - Log account deletion request handling (requests/confirm/cancel) - Log security actions (admin password resets, MFA enforcement changes, account lockouts)
2025-12-21 17:31:12 -05:00 · 2025-11-11 14:49:11 +00:00
parent 466c549e4a
commit 82b85e3284
5 changed files with 62 additions and 0 deletions
--- a/src/lib/identityService.ts
+++ b/src/lib/identityService.ts
@@ -257,6 +257,21 @@ export async function addPasswordToAccount(): Promise<IdentityOperationResult> {
      method: 'reset_password_flow',
      timestamp: new Date().toISOString()
    });
+
+    // Log to admin audit trail for security tracking
+    try {
+      const { logAdminAction } = await import('@/lib/adminActionAuditHelpers');
+      await logAdminAction(
+        'password_setup_initiated',
+        {
+          method: 'reset_password_email',
+          email: userEmail,
+          has_oauth: true, // If they're adding password, they must have OAuth
+        }
+      );
+    } catch (auditError) {
+      // Non-critical - don't fail operation if audit logging fails
+    }
    
    return { 
      success: true,