weeding/src/lib/security.ts

import { createClient } from "@/lib/supabase/server"
import { createAdminClient } from "@/lib/supabase/admin"
import { headers } from "next/headers"
/**
 * Authentication-related events that `logActivity` writes to the
 * `event_type` column of `auth_logs`.
 */
export type SecurityEventType =
  | 'login_success'
  | 'login_failed'
  | 'otp_sent'
  | 'otp_verified'
  | 'otp_failed'
  | 'logout'
  | 'master_otp_used'
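/**
 * Records an authentication event in the `auth_logs` table.
 *
 * Logging is best-effort: any failure is written to the server console and
 * never propagated, so the calling auth flow is not blocked.
 *
 * @param userId - The user the event belongs to, or `null` when no user is
 *   known (e.g. a failed login).
 * @param eventType - Which authentication event occurred.
 * @param details - Extra context stored verbatim with the row. Callers should
 *   not put OTP codes, passwords or tokens here, since the object is persisted
 *   as given.
 */
export async function logActivity(
  userId: string | null,
  eventType: SecurityEventType,
  details: Record<string, unknown> = {}
): Promise<void> {
  try {
    // Use the admin client so the insert bypasses RLS: events such as a failed
    // login happen before the user is authenticated. Falls back to the
    // request-scoped client if no admin client is returned.
    const supabase = await createAdminClient() || await createClient()
    const headersList = await headers()

    // NOTE(review): both headers are supplied by the request. Unless a trusted
    // reverse proxy overwrites them, a client can set X-Forwarded-For to any
    // value, so `ip_address` is an audit hint, not a verified source address.
    // Do not base rate limiting or lockout decisions on it without confirming
    // the proxy configuration.
    const forwarded =
      headersList.get("x-forwarded-for") || headersList.get("x-real-ip") || ''
    // X-Forwarded-For may be a comma-separated chain; keep the first entry.
    // An empty first entry is recorded as 'unknown' rather than ''.
    let ip = forwarded.split(',')[0]?.trim() || 'unknown'
    if (ip === '::1') ip = '127.0.0.1'

    const userAgent = headersList.get("user-agent") || 'unknown'

    // supabase-js reports query failures through the returned `error` field
    // instead of throwing, so it has to be checked explicitly; otherwise a
    // rejected insert would leave a gap in the audit trail with no trace.
    const { error: insertError } = await supabase.from('auth_logs').insert({
      user_id: userId,
      event_type: eventType,
      ip_address: ip,
      user_agent: userAgent,
      details
    })
    if (insertError) {
      console.error('Failed to log activity:', insertError)
    }
  } catch (error) {
    console.error('Failed to log activity:', error)
    // Deliberately swallowed so a logging failure does not block the user flow.
  }
}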