Audit Logging
Track user actions for compliance and debugging.
Using StartAudit
func (c *UserController) CreateUser(ctx *gin.Context) {
	var req CreateUserRequest
	if err := ctx.ShouldBindJSON(&req); err != nil {
		util.RespondWithError(ctx, util.NewErrorMessage("E4001", "Invalid request", err))
		return
	}

	var user *model.User
	err := c.svc.StartAudit(ctx, "", func(auditLog *model.AuditLog) error {
		// Set the static fields first so they are populated even if the operation fails
		auditLog.ResourceType = "user"
		auditLog.Action = "create"

		// Perform operation (err must be declared here; the outer err is not yet in scope)
		var err error
		user, err = c.svc.User().Create(ctx.Request.Context(), req)
		if err != nil {
			// user is nil on failure, so return before dereferencing it
			return err
		}

		// Configure audit log with the fields that depend on the created user
		auditLog.ResourceID = user.ResourceID
		auditLog.Details = map[string]interface{}{
			"username": user.Username,
			"email":    user.Email,
		}
		return nil
	})
	if err != nil {
		util.RespondWithError(ctx, util.NewErrorMessage("E5001", "Failed to create user", err))
		return
	}

	util.RespondWithSuccess(ctx, http.StatusCreated, user)
}
Automatically Captured
- User ID and username
- IP address
- Geolocation (country, city)
- User agent
- Timestamp
- Success/failure status
What You Provide
- Resource type (user, product, etc.)
- Resource ID
- Action (create, update, delete, etc.)
- Details (optional additional context)
Common Actions
- create - Resource created
- update - Resource updated
- delete - Resource deleted
- login - User logged in
- logout - User logged out
- read - Sensitive data accessed
Audit Log Example
{
  "id": "audit-uuid",
  "user_id": "user-uuid",
  "username": "john.doe",
  "resource_type": "user",
  "resource_id": "new-user-uuid",
  "action": "create",
  "ip_address": "203.0.113.42",
  "country": "United States",
  "city": "New York",
  "details": {
    "username": "jane.doe",
    "email": "[email protected]"
  },
  "created_at": "2024-01-01T12:00:00Z"
}
Best Practices
- Log all important operations (create, update, and delete operations)
- Include relevant details
- Don't log sensitive data (passwords, tokens)
- Use consistent action names
- Provide context in details field
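
One way to enforce the "don't log sensitive data" practice before a map is assigned to `auditLog.Details`, shown as an added example rather than this project's own code. `SanitizeDetails`, `isSensitiveKey` and the key denylist are hypothetical names and assumptions, not part of the documented API.

```go
package main

import (
	"fmt"
	"strings"
)

// sensitiveFragments is an assumed denylist; extend it to match your own schema.
var sensitiveFragments = []string{"password", "passwd", "secret", "token", "apikey", "authorization"}

// isSensitiveKey lowercases the key, drops '_' and '-', then checks the denylist.
func isSensitiveKey(key string) bool {
	k := strings.NewReplacer("_", "", "-", "").Replace(strings.ToLower(key))
	for _, frag := range sensitiveFragments {
		if strings.Contains(k, frag) {
			return true
		}
	}
	return false
}

// SanitizeDetails returns a redacted copy of details; the input map is not modified.
func SanitizeDetails(details map[string]interface{}) map[string]interface{} {
	out := make(map[string]interface{}, len(details))
	for k, v := range details {
		if isSensitiveKey(k) {
			v = "[REDACTED]"
		}
		out[k] = sanitizeValue(v)
	}
	return out
}

// sanitizeValue descends into nested maps and slices so buried secrets are caught too.
func sanitizeValue(v interface{}) interface{} {
	switch t := v.(type) {
	case map[string]interface{}:
		return SanitizeDetails(t)
	case []interface{}:
		cp := make([]interface{}, len(t))
		for i, item := range t {
			cp[i] = sanitizeValue(item)
		}
		return cp
	}
	return v
}

func main() {
	// Constructed sample input, not data from the page.
	fmt.Println(SanitizeDetails(map[string]interface{}{"username": "jane.doe", "password": "hunter2"}))
}
```

A denylist only catches keys it knows about; building the details map from an explicit set of allowed fields, as the `CreateUser` handler does with `username` and `email`, remains the safer default.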