Skip to content

feat(activity): implement user activity logging system

Gunaputra Nagendra Pavan Yedida requested to merge gunapavan/corpus-server-app:feat/user-activity-logging into main

Summary

  • Adds ActivityLog model and activitylog table to persist user activity events
  • Implements ActionType enum (stored as VARCHAR) covering 10 action types: LOGIN, LOGIN_OTP, LOGIN_FAILED, SIGNUP, PASSWORD_CHANGED, PASSWORD_RESET, ROLE_ASSIGNED, ROLE_REVOKED, USER_ACTIVATED, USER_DEACTIVATED
  • Adds log_activity() service helper used across endpoint hooks
  • Hooks into auth.py: password/OTP login, signup, password change and admin reset
  • Hooks into users.py: role assignment/revocation, user activation/deactivation
  • Adds GET /activity-logs/ endpoint (admin only) with filters: user_id, action, from_date, to_date, skip, limit
  • Adds Alembic migration f1a2b3c4d5e6

Test plan

  • POST /auth/login with correct credentials — confirm LOGIN entry logged with user_id and ip_address
  • POST /auth/login with wrong password — confirm LOGIN_FAILED entry logged with user_id: null and phone in event_data
  • GET /activity-logs/ — confirm logs returned newest first (admin token required)
  • GET /activity-logs/?action=LOGIN_FAILED — confirm action filter works
  • PUT /users/{id}/roles/add — confirm ROLE_ASSIGNED logged with target_user_id and role_id
  • DELETE /users/{id}/roles/{role_id} — confirm ROLE_REVOKED logged
  • PUT /users/{id} with is_active: false — confirm USER_DEACTIVATED logged
  • PUT /users/{id} with is_active: true — confirm USER_ACTIVATED logged
  • Run alembic upgrade f1a2b3c4d5e6 — confirm activitylog table created cleanly

Closes #53

Edited by Gunaputra Nagendra Pavan Yedida

Merge request reports