Hamza/wasl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit - WASL Digital Wallet

Browse Source
This commit is contained in:
Hamza-Ayed
2026-06-20 21:55:06 +03:00
commit 7306c47368
61 changed files with 4157 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
Backend/app/Http/Middleware/AuditRequestMiddleware.php Normal file
View File

@@ -0,0 +1,58 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use App\Models\AuditLog;
use Illuminate\Support\Facades\Auth;
class AuditRequestMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response) $next
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
$response = $next($request);
// Audit only write/mutation operations or auth requests
$method = $request->method();
if (in_array($method, ['POST', 'PUT', 'PATCH', 'DELETE']) || $request->routeIs('*.sensitive')) {
$user = Auth::user();
// Mask sensitive fields in request payload
$payload = $request->all();
$sensitiveKeys = ['password', 'password_confirmation', 'pin', 'pin_confirmation', 'pin_hash', 'code', 'token', 'key', 'national_id', 'card_number'];
foreach ($sensitiveKeys as $key) {
if (isset($payload[$key])) {
$payload[$key] = '********';
}
}
AuditLog::record([
'user_id' => $user?->id,
'actor_id' => $user?->id,
'action' => 'api_request_' . strtolower($method),
'subject_type' => 'Request',
'subject_id' => null,
'old_values' => null,
'new_values' => [
'url' => $request->fullUrl(),
'method' => $method,
'status' => $response->getStatusCode(),
'payload' => $payload,
],
'ip_address' => $request->ip(),
'user_agent' => $request->userAgent(),
'device_id' => $request->header('X-Device-Id'),
]);
}
return $response;
}
}