Issue #59 — Audit logging middleware

**Title:** `[Middleware] Implement audit log for all admin and fund-moving actions`

**Tags:** `backend`, `middleware`, `security`, `feature`

**Description:**
Record an immutable audit trail of all sensitive actions for compliance and incident response.

**Acceptance Criteria:**
- [ ] `audit-log.middleware.ts` attaches to all `/admin/*`, `/wallet/withdraw`, `/disputes/*` routes.
- [ ] Logs: `userId`, `ip`, `method`, `path`, `requestBody` (sanitised — no passwords/tokens), `responseStatus`, `timestamp`.
- [ ] Records stored in `audit_logs` DB table (append-only, no DELETE route).
- [ ] `GET /admin/audit-logs` (admin) — paginated with filters by `userId`, `action`, date range.
- [ ] Integration test: admin action → audit log entry created.

**Files:** `src/middleware/audit-log.middleware.ts`, `src/routes/admin.routes.ts`

---

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Issue #59 — Audit logging middleware #456

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue #59 — Audit logging middleware #456

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions