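// Audit Log System
import fs from 'fs/promises';
import path from 'path';
import { fileURLToPath } from 'url';
import { randomUUID } from 'crypto';

const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
const AUDIT_LOG_PATH = path.join(__dirname, '..', 'data', 'audit_logs.json');

/**
 * Maximum number of entries kept in the JSON store. Older entries are
 * discarded on every write once this cap is exceeded, so the file is a
 * rolling window, not a complete audit trail. If the trail must be retained
 * (compliance, incident reconstruction), forward entries to an append-only
 * sink as well.
 */
const MAX_AUDIT_LOGS = 1000;

/**
 * Audit log levels
 */
export const AUDIT_LEVELS = Object.freeze({
  INFO: 'info',
  WARN: 'warn',
  ERROR: 'error',
  SECURITY: 'security',
  CRITICAL: 'critical',
});

/**
 * Audit log categories
 */
export const AUDIT_CATEGORIES = Object.freeze({
  AUTH: 'authentication',
  USER_MGMT: 'user_management',
  DATA_ACCESS: 'data_access',
  PERMISSION: 'permission',
  SYSTEM: 'system',
  SECURITY: 'security',
});

/**
 * Builds a single audit entry.
 *
 * `userId`/`userRole` fall back to `null` only when nullish, so a numeric id
 * of `0` or an empty-string role is recorded as given rather than erased.
 * `details` may be `null`; it is stored as-is (or `{}`) and its
 * `ipAddress`/`userAgent`/`sessionId` keys are lifted to the top level.
 *
 * @param {string|number|null|undefined} userId
 * @param {string|null|undefined} userRole
 * @param {string} action - event name, e.g. 'LOGIN_SUCCESS'
 * @param {string} category - one of AUDIT_CATEGORIES
 * @param {string} level - one of AUDIT_LEVELS
 * @param {object} [details]
 * @returns {object} the entry as it is persisted
 */
function createAuditEntry(userId, userRole, action, category, level, details = {}) {
  const safeDetails = details ?? {};
  return {
    id: generateAuditId(),
    timestamp: new Date().toISOString(),
    userId: userId ?? null,
    userRole: userRole ?? null,
    action,
    category,
    level,
    details: safeDetails,
    ipAddress: safeDetails.ipAddress ?? 'unknown',
    userAgent: safeDetails.userAgent ?? 'MCP-Client',
    sessionId: safeDetails.sessionId ?? null,
  };
}

/**
 * Generates an audit entry id.
 *
 * Uses a UUID instead of Math.random(): Math.random() is not collision
 * resistant, and duplicate ids make entries indistinguishable when the trail
 * is reviewed.
 *
 * @returns {string} e.g. 'audit_<epoch-ms>_<uuid>'
 */
function generateAuditId() {
  return `audit_${Date.now()}_${randomUUID()}`;
}

/**
 * Reads the audit log file.
 *
 * A missing file is an empty store. Any other read/parse failure, and any
 * content that is not `{ logs: [...] }`, is logged and also treated as empty;
 * the next successful write then replaces the unreadable file.
 *
 * @returns {Promise<{logs: object[]}>}
 */
async function readAuditLogs() {
  try {
    const data = await fs.readFile(AUDIT_LOG_PATH, 'utf8');
    const parsed = JSON.parse(data);
    // Guard the shape: a hand-edited or truncated file must not turn every
    // logAudit() call into a TypeError on `.logs.push`.
    if (parsed === null || typeof parsed !== 'object' || !Array.isArray(parsed.logs)) {
      console.error('Audit log okuma hatası:', new Error('unexpected audit log shape'));
      return { logs: [] };
    }
    return parsed;
  } catch (error) {
    if (error.code === 'ENOENT') {
      // No file yet: start with an empty store
      return { logs: [] };
    }
    console.error('Audit log okuma hatası:', error);
    return { logs: [] };
  }
}

/**
 * Writes the audit log file.
 *
 * Creates the data directory if needed and writes via a temp file + rename so
 * an interrupted write cannot leave a truncated, unparseable log behind.
 *
 * @param {{logs: object[]}} auditData
 * @returns {Promise<boolean>} true on success; failures are logged, not thrown
 */
async function writeAuditLogs(auditData) {
  try {
    await fs.mkdir(path.dirname(AUDIT_LOG_PATH), { recursive: true });
    const tmpPath = `${AUDIT_LOG_PATH}.${process.pid}.tmp`;
    await fs.writeFile(tmpPath, JSON.stringify(auditData, null, 2), 'utf8');
    await fs.rename(tmpPath, AUDIT_LOG_PATH);
    return true;
  } catch (error) {
    console.error('Audit log yazma hatası:', error);
    return false;
  }
}

// The store is updated read-modify-write. Two overlapping logAudit() calls
// would each read the same snapshot and the later writer would silently drop
// the earlier entry. Every mutation is chained on this promise so that
// mutations run strictly one after another within this process.
let auditWriteQueue = Promise.resolve();

/**
 * Appends an audit entry to the store.
 *
 * Entries above MAX_AUDIT_LOGS are dropped oldest-first. SECURITY and
 * CRITICAL events are additionally echoed to the console.
 *
 * @param {string|number|null} userId
 * @param {string|null} userRole
 * @param {string} action
 * @param {string} category - one of AUDIT_CATEGORIES
 * @param {string} [level=AUDIT_LEVELS.INFO]
 * @param {object} [details]
 * @returns {Promise<object|null>} the stored entry, or null if logging failed
 */
export async function logAudit(userId, userRole, action, category, level = AUDIT_LEVELS.INFO, details = {}) {
  const run = async () => {
    const auditData = await readAuditLogs();
    const logEntry = createAuditEntry(userId, userRole, action, category, level, details);
    auditData.logs.push(logEntry);
    // Rolling window (see MAX_AUDIT_LOGS)
    if (auditData.logs.length > MAX_AUDIT_LOGS) {
      auditData.logs = auditData.logs.slice(-MAX_AUDIT_LOGS);
    }
    await writeAuditLogs(auditData);
    // Echo high-severity events to the console as well
    if (level === AUDIT_LEVELS.CRITICAL || level === AUDIT_LEVELS.SECURITY) {
      console.log(`[AUDIT-${level.toUpperCase()}] ${action} - User: ${userId} (${userRole})`);
    }
    return logEntry;
  };

  const result = auditWriteQueue.then(run);
  // Keep the chain healthy: a failed write must not block later ones.
  auditWriteQueue = result.catch(() => undefined);
  try {
    return await result;
  } catch (error) {
    console.error('Audit log hatası:', error);
    return null;
  }
}

/**
 * Returns the newest `limit` entries of `logs`, newest first.
 *
 * A `limit` of 0 (or negative / NaN) yields `[]`; the previous
 * `slice(-limit)` form returned the entire store for `limit === 0`.
 *
 * @param {object[]} logs - entries in chronological order
 * @param {number} limit
 * @returns {object[]}
 */
function takeLatest(logs, limit) {
  const count = Math.trunc(Number(limit));
  if (Number.isNaN(count) || count <= 0) {
    return [];
  }
  return logs.slice(-count).reverse();
}

/**
 * Returns the audit entries of one user, newest first.
 *
 * @param {string|number} userId
 * @param {number} [limit=50]
 * @returns {Promise<object[]>} `[]` on read failure
 */
export async function getUserAuditLogs(userId, limit = 50) {
  try {
    const auditData = await readAuditLogs();
    return takeLatest(auditData.logs.filter((log) => log.userId === userId), limit);
  } catch (error) {
    console.error('Kullanıcı audit log hatası:', error);
    return [];
  }
}

/**
 * Returns the audit entries whose timestamp lies within [startDate, endDate],
 * newest first.
 *
 * An unparseable bound is reported as an error (and yields `[]`) instead of
 * silently matching nothing, which would look identical to "no activity".
 *
 * @param {string|number|Date} startDate
 * @param {string|number|Date} endDate
 * @param {number} [limit=100]
 * @returns {Promise<object[]>} `[]` on failure
 */
export async function getAuditLogsByDateRange(startDate, endDate, limit = 100) {
  try {
    const start = new Date(startDate);
    const end = new Date(endDate);
    if (Number.isNaN(start.getTime()) || Number.isNaN(end.getTime())) {
      throw new RangeError('invalid startDate/endDate');
    }
    const auditData = await readAuditLogs();
    const inRange = auditData.logs.filter((log) => {
      const logDate = new Date(log.timestamp);
      return logDate >= start && logDate <= end;
    });
    return takeLatest(inRange, limit);
  } catch (error) {
    console.error('Tarih aralığı audit log hatası:', error);
    return [];
  }
}

/**
 * Returns the audit entries of one category, newest first.
 *
 * @param {string} category - one of AUDIT_CATEGORIES
 * @param {number} [limit=100]
 * @returns {Promise<object[]>} `[]` on read failure
 */
export async function getAuditLogsByCategory(category, limit = 100) {
  try {
    const auditData = await readAuditLogs();
    return takeLatest(auditData.logs.filter((log) => log.category === category), limit);
  } catch (error) {
    console.error('Kategori audit log hatası:', error);
    return [];
  }
}

/**
 * Returns all audit entries (for administrators), newest first.
 *
 * @param {number} [limit=200]
 * @returns {Promise<object[]>} `[]` on read failure
 */
export async function getAllAuditLogs(limit = 200) {
  try {
    const auditData = await readAuditLogs();
    return takeLatest(auditData.logs, limit);
  } catch (error) {
    console.error('Tüm audit log hatası:', error);
    return [];
  }
}

/**
 * Convenience loggers for security-relevant events. Each returns the
 * logAudit() promise.
 */
export const auditLogger = {
  // Authentication events
  loginSuccess: (userId, userRole, details = {}) =>
    logAudit(userId, userRole, 'LOGIN_SUCCESS', AUDIT_CATEGORIES.AUTH, AUDIT_LEVELS.INFO, details),
  loginFailed: (email, details = {}) =>
    logAudit(null, null, 'LOGIN_FAILED', AUDIT_CATEGORIES.AUTH, AUDIT_LEVELS.WARN, { email, ...details }),
  logout: (userId, userRole, details = {}) =>
    logAudit(userId, userRole, 'LOGOUT', AUDIT_CATEGORIES.AUTH, AUDIT_LEVELS.INFO, details),
  tokenExpired: (userId, userRole, details = {}) =>
    logAudit(userId, userRole, 'TOKEN_EXPIRED', AUDIT_CATEGORIES.AUTH, AUDIT_LEVELS.INFO, details),

  // User management events
  userCreated: (creatorId, creatorRole, targetUserId, details = {}) =>
    logAudit(creatorId, creatorRole, 'USER_CREATED', AUDIT_CATEGORIES.USER_MGMT, AUDIT_LEVELS.INFO, { targetUserId, ...details }),
  userUpdated: (updaterId, updaterRole, targetUserId, details = {}) =>
    logAudit(updaterId, updaterRole, 'USER_UPDATED', AUDIT_CATEGORIES.USER_MGMT, AUDIT_LEVELS.INFO, { targetUserId, ...details }),
  userDeleted: (deleterId, deleterRole, targetUserId, details = {}) =>
    logAudit(deleterId, deleterRole, 'USER_DELETED', AUDIT_CATEGORIES.USER_MGMT, AUDIT_LEVELS.WARN, { targetUserId, ...details }),
  passwordChanged: (userId, userRole, details = {}) =>
    logAudit(userId, userRole, 'PASSWORD_CHANGED', AUDIT_CATEGORIES.SECURITY, AUDIT_LEVELS.INFO, details),

  // Data access events
  dataAccessed: (userId, userRole, resource, details = {}) =>
    logAudit(userId, userRole, 'DATA_ACCESSED', AUDIT_CATEGORIES.DATA_ACCESS, AUDIT_LEVELS.INFO, { resource, ...details }),
  sensitiveDataAccessed: (userId, userRole, resource, details = {}) =>
    logAudit(userId, userRole, 'SENSITIVE_DATA_ACCESSED', AUDIT_CATEGORIES.DATA_ACCESS, AUDIT_LEVELS.WARN, { resource, ...details }),

  // Permission events
  permissionDenied: (userId, userRole, action, requiredPermission, details = {}) =>
    logAudit(userId, userRole, 'PERMISSION_DENIED', AUDIT_CATEGORIES.PERMISSION, AUDIT_LEVELS.WARN, { action, requiredPermission, ...details }),
  unauthorizedAccess: (userId, userRole, action, details = {}) =>
    logAudit(userId, userRole, 'UNAUTHORIZED_ACCESS', AUDIT_CATEGORIES.SECURITY, AUDIT_LEVELS.CRITICAL, { action, ...details }),

  // System events
  systemStarted: (details = {}) =>
    logAudit(null, null, 'SYSTEM_STARTED', AUDIT_CATEGORIES.SYSTEM, AUDIT_LEVELS.INFO, details),
  systemStopped: (details = {}) =>
    logAudit(null, null, 'SYSTEM_STOPPED', AUDIT_CATEGORIES.SYSTEM, AUDIT_LEVELS.INFO, details),
  configChanged: (userId, userRole, details = {}) =>
    logAudit(userId, userRole, 'CONFIG_CHANGED', AUDIT_CATEGORIES.SYSTEM, AUDIT_LEVELS.WARN, details),
};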
