audit logging and moderator tracking

lib/audit-logger.ts

@@ -0,0 +1,61 @@
+import sqlite3 from 'sqlite3'
+import path from 'path'
+
+export interface AuditLogEntry {
+  user_id?: number
+  action: string
+  resource_type: string
+  resource_id?: number
+  details?: any
+  ip_address?: string
+}
+
+export async function logAuditEvent(entry: AuditLogEntry): Promise<void> {
+  const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
+  const db = new sqlite3.Database(dbPath)
+  
+  try {
+    await new Promise<void>((resolve, reject) => {
+      db.run(
+        `INSERT INTO audit_logs (user_id, action, resource_type, resource_id, details, ip_address, created_at)
+         VALUES (?, ?, ?, ?, ?, ?, datetime('now'))`,
+        [
+          entry.user_id || null,
+          entry.action,
+          entry.resource_type,
+          entry.resource_id || null,
+          entry.details ? JSON.stringify(entry.details) : null,
+          entry.ip_address || null
+        ],
+        (err) => {
+          if (err) reject(err)
+          else resolve()
+        }
+      )
+    })
+  } catch (error) {
+    console.error('Audit logging failed:', error)
+  } finally {
+    db.close()
+  }
+}
+
+export const AuditActions = {
+  CREATE: 'CREATE',
+  UPDATE: 'UPDATE',
+  DELETE: 'DELETE',
+  APPROVE: 'APPROVE',
+  REJECT: 'REJECT',
+  LOGIN: 'LOGIN',
+  LOGOUT: 'LOGOUT',
+  BULK_IMPORT: 'BULK_IMPORT',
+  EXPORT: 'EXPORT'
+} as const
+
+export const ResourceTypes = {
+  SOURCE: 'source',
+  REPORT: 'report',
+  USER: 'user',
+  CATEGORY: 'category',
+  API_KEY: 'api_key'
+} as const