Additional security and hardening.

2025-03-31 15:14:16 +01:00
parent c3a7480c65
commit 7eefb9ced0
13 changed files with 274 additions and 47 deletions
--- a/handlers/admin/audit.go
+++ b/handlers/admin/audit.go
@@ -0,0 +1,54 @@
+package handlers
+
+import (
+	"database/sql"
+	"html/template"
+	"log"
+	"net/http"
+	"synlotto-website/helpers"
+	"synlotto-website/middleware"
+)
+
+type AdminLogEntry struct {
+	AccessedAt string
+	UserID     int
+	Path       string
+	IP         string
+	UserAgent  string
+}
+
+func AdminAccessLogHandler(db *sql.DB) http.HandlerFunc {
+	return middleware.Auth(true)(func(w http.ResponseWriter, r *http.Request) {
+		context := helpers.TemplateContext(w, r)
+
+		rows, err := db.Query(`
+			SELECT accessed_at, user_id, path, ip, user_agent
+			FROM admin_access_log
+			ORDER BY accessed_at DESC
+			LIMIT 100
+		`)
+		if err != nil {
+			log.Println("⚠️ Failed to load admin access logs:", err)
+			http.Error(w, "Error loading logs", http.StatusInternalServerError)
+			return
+		}
+		defer rows.Close()
+
+		var logs []AdminLogEntry
+		for rows.Next() {
+			var entry AdminLogEntry
+			if err := rows.Scan(&entry.AccessedAt, &entry.UserID, &entry.Path, &entry.IP, &entry.UserAgent); err != nil {
+				log.Println("⚠️ Scan failed:", err)
+				continue
+			}
+			logs = append(logs, entry)
+		}
+		context["AuditLogs"] = logs
+
+		tmpl := template.Must(template.New("").Funcs(helpers.TemplateFuncs()).ParseFiles(
+			"templates/layout.html",
+			"templates/admin/access_log.html",
+		))
+		_ = tmpl.ExecuteTemplate(w, "layout", context)
+	})
+}