diff --git a/internal/auth/service.go b/internal/auth/service.go index a8e2ede..c1ea420 100644 --- a/internal/auth/service.go +++ b/internal/auth/service.go @@ -10,6 +10,7 @@ import ( "errors" "fmt" "mal/internal/domain" + "mal/internal/observability" "strings" "time" @@ -74,22 +75,25 @@ func (s *authService) LoginForAPIToken(ctx context.Context, username, password, return "", nil, err } - metadataBytes, err := json.Marshal(struct { + event := domain.AuditEvent{ + UserID: user.ID, + Action: "api_token_created", + ResourceType: "api_token", + } + metadataBytes, marshalErr := json.Marshal(struct { Name string `json:"name"` }{Name: trimmedName}) - if err == nil { - _ = s.auditSvc.Record(ctx, domain.AuditEvent{ - UserID: user.ID, - Action: "api_token_created", - ResourceType: "api_token", - MetadataJSON: metadataBytes, - }) - } else { - _ = s.auditSvc.Record(ctx, domain.AuditEvent{ - UserID: user.ID, - Action: "api_token_created", - ResourceType: "api_token", - }) + if marshalErr == nil { + event.MetadataJSON = metadataBytes + } + if err := s.auditSvc.Record(ctx, event); err != nil { + observability.Warn( + "audit_record_failed", + "auth", + "", + map[string]any{"user_id": user.ID, "action": "api_token_created"}, + err, + ) } return rawToken, user, nil @@ -152,11 +156,19 @@ func (s *authService) RevokeAllAPITokensForUser(ctx context.Context, userID stri if err := s.repo.RevokeAllAPITokensForUser(ctx, userID); err != nil { return err } - _ = s.auditSvc.Record(ctx, domain.AuditEvent{ + if err := s.auditSvc.Record(ctx, domain.AuditEvent{ UserID: userID, Action: "api_token_revoked_all", ResourceType: "api_token", - }) + }); err != nil { + observability.Warn( + "audit_record_failed", + "auth", + "", + map[string]any{"user_id": userID, "action": "api_token_revoked_all"}, + err, + ) + } return nil } diff --git a/internal/playback/progress.go b/internal/playback/progress.go index 8dab835..a5e01ad 100644 --- a/internal/playback/progress.go +++ b/internal/playback/progress.go @@ -130,25 +130,27 @@ func (s *playbackService) SaveProgress(ctx context.Context, userID string, anime return err } + event := domain.AuditEvent{ + UserID: userID, + Action: "watch_progress_saved", + ResourceType: "anime", + ResourceID: strconv.FormatInt(animeID, 10), + } metadataBytes, marshalErr := json.Marshal(struct { Episode int `json:"episode"` TimeSeconds float64 `json:"time_seconds"` }{Episode: episode, TimeSeconds: timeSeconds}) if marshalErr == nil { - _ = s.auditSvc.Record(ctx, domain.AuditEvent{ - UserID: userID, - Action: "watch_progress_saved", - ResourceType: "anime", - ResourceID: strconv.FormatInt(animeID, 10), - MetadataJSON: metadataBytes, - }) - } else { - _ = s.auditSvc.Record(ctx, domain.AuditEvent{ - UserID: userID, - Action: "watch_progress_saved", - ResourceType: "anime", - ResourceID: strconv.FormatInt(animeID, 10), - }) + event.MetadataJSON = metadataBytes + } + if err := s.auditSvc.Record(ctx, event); err != nil { + observability.Warn( + "audit_record_failed", + "playback", + "", + map[string]any{"user_id": userID, "anime_id": animeID, "action": "watch_progress_saved"}, + err, + ) } observability.Info("watch_progress_saved", "playback", "", map[string]any{ "anime_id": animeID,