**Title:** `[Middleware] Implement audit log for all admin and fund-moving actions` **Tags:** `backend`, `middleware`, `security`, `feature` **Description:** Record an immutable audit trail of all sensitive actions for compliance and incident response. **Acceptance Criteria:** - [ ] `audit-log.middleware.ts` attaches to all `/admin/*`, `/wallet/withdraw`, `/disputes/*` routes. - [ ] Logs: `userId`, `ip`, `method`, `path`, `requestBody` (sanitised — no passwords/tokens), `responseStatus`, `timestamp`. - [ ] Records stored in `audit_logs` DB table (append-only, no DELETE route). - [ ] `GET /admin/audit-logs` (admin) — paginated with filters by `userId`, `action`, date range. - [ ] Integration test: admin action → audit log entry created. **Files:** `src/middleware/audit-log.middleware.ts`, `src/routes/admin.routes.ts` ---
Title:
[Middleware] Implement audit log for all admin and fund-moving actionsTags:
backend,middleware,security,featureDescription:
Record an immutable audit trail of all sensitive actions for compliance and incident response.
Acceptance Criteria:
audit-log.middleware.tsattaches to all/admin/*,/wallet/withdraw,/disputes/*routes.userId,ip,method,path,requestBody(sanitised — no passwords/tokens),responseStatus,timestamp.audit_logsDB table (append-only, no DELETE route).GET /admin/audit-logs(admin) — paginated with filters byuserId,action, date range.Files:
src/middleware/audit-log.middleware.ts,src/routes/admin.routes.ts