初步实现数据加密、权限管理、日志审计等功能

2026-02-02 10:09:28 +08:00
parent b6b37a453b
commit 807e634318
27 changed files with 3787 additions and 59 deletions
--- a/app/core/audit.py
+++ b/app/core/audit.py
@@ -1,3 +1,131 @@
-# Placeholder for audit logic
-async def log_audit_event(event_type: str, user_id: str, details: dict):
-    pass
+"""
+审计日志模块
+
+记录系统关键操作，用于安全审计和合规追踪
+"""
+from typing import Optional
+from datetime import datetime
+import logging
+
+logger = logging.getLogger(__name__)
+
+class AuditAction:
+    """审计操作类型常量"""
+    # 认证相关
+    LOGIN = "LOGIN"
+    LOGOUT = "LOGOUT"
+    REGISTER = "REGISTER"
+    PASSWORD_CHANGE = "PASSWORD_CHANGE"
+    
+    # 数据操作
+    CREATE = "CREATE"
+    READ = "READ"
+    UPDATE = "UPDATE"
+    DELETE = "DELETE"
+    
+    # 权限相关
+    PERMISSION_CHANGE = "PERMISSION_CHANGE"
+    ROLE_CHANGE = "ROLE_CHANGE"
+    
+    # 系统操作
+    CONFIG_CHANGE = "CONFIG_CHANGE"
+    SYSTEM_START = "SYSTEM_START"
+    SYSTEM_STOP = "SYSTEM_STOP"
+
+async def log_audit_event(
+    action: str,
+    user_id: Optional[int] = None,
+    username: Optional[str] = None,
+    resource_type: Optional[str] = None,
+    resource_id: Optional[str] = None,
+    ip_address: Optional[str] = None,
+    user_agent: Optional[str] = None,
+    request_method: Optional[str] = None,
+    request_path: Optional[str] = None,
+    request_data: Optional[dict] = None,
+    response_status: Optional[int] = None,
+    error_message: Optional[str] = None,
+    db = None  # 新增：可选的数据库实例
+):
+    """
+    记录审计日志
+    
+    Args:
+        action: 操作类型
+        user_id: 用户ID
+        username: 用户名
+        resource_type: 资源类型
+        resource_id: 资源ID
+        ip_address: IP地址
+        user_agent: User-Agent
+        request_method: 请求方法
+        request_path: 请求路径
+        request_data: 请求数据（敏感字段需脱敏）
+        response_status: 响应状态码
+        error_message: 错误消息
+        db: 数据库实例（可选，如果不提供则尝试获取）
+    """
+    from app.infra.repositories.audit_repository import AuditRepository
+    
+    try:
+        # 脱敏敏感数据
+        if request_data:
+            request_data = sanitize_sensitive_data(request_data)
+        
+        # 如果没有提供数据库实例，尝试获取（这在中间件中可能不可用）
+        if db is None:
+            # 在某些上下文中可能无法获取，此时静默失败
+            logger.warning("No database instance provided for audit logging")
+            return
+        
+        audit_repo = AuditRepository(db)
+        
+        await audit_repo.create_log(
+            user_id=user_id,
+            username=username,
+            action=action,
+            resource_type=resource_type,
+            resource_id=resource_id,
+            ip_address=ip_address,
+            user_agent=user_agent,
+            request_method=request_method,
+            request_path=request_path,
+            request_data=request_data,
+            response_status=response_status,
+            error_message=error_message
+        )
+        
+        logger.info(
+            f"Audit log created: action={action}, user={username or user_id}, "
+            f"resource={resource_type}:{resource_id}"
+        )
+    
+    except Exception as e:
+        # 审计日志失败不应影响业务流程
+        logger.error(f"Failed to create audit log: {e}", exc_info=True)
+
+def sanitize_sensitive_data(data: dict) -> dict:
+    """
+    脱敏敏感数据
+    
+    Args:
+        data: 原始数据
+        
+    Returns:
+        脱敏后的数据
+    """
+    sensitive_fields = [
+        'password', 'passwd', 'pwd',
+        'secret', 'token', 'api_key', 'apikey',
+        'credit_card', 'ssn', 'social_security'
+    ]
+    
+    sanitized = data.copy()
+    
+    for key in sanitized:
+        if isinstance(sanitized[key], dict):
+            sanitized[key] = sanitize_sensitive_data(sanitized[key])
+        elif any(sensitive in key.lower() for sensitive in sensitive_fields):
+            sanitized[key] = "***REDACTED***"
+    
+    return sanitized