59 lines
1.9 KiB
PHP
59 lines
1.9 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use App\Models\AuditLog;
|
|
use Illuminate\Support\Facades\Auth;
|
|
|
|
class AuditRequestMiddleware
|
|
{
|
|
/**
|
|
* Handle an incoming request.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response) $next
|
|
* @return mixed
|
|
*/
|
|
public function handle(Request $request, Closure $next)
|
|
{
|
|
$response = $next($request);
|
|
|
|
// Audit only write/mutation operations or auth requests
|
|
$method = $request->method();
|
|
if (in_array($method, ['POST', 'PUT', 'PATCH', 'DELETE']) || $request->routeIs('*.sensitive')) {
|
|
$user = Auth::user();
|
|
|
|
// Mask sensitive fields in request payload
|
|
$payload = $request->all();
|
|
$sensitiveKeys = ['password', 'password_confirmation', 'pin', 'pin_confirmation', 'pin_hash', 'code', 'token', 'key', 'national_id', 'card_number'];
|
|
foreach ($sensitiveKeys as $key) {
|
|
if (isset($payload[$key])) {
|
|
$payload[$key] = '********';
|
|
}
|
|
}
|
|
|
|
AuditLog::record([
|
|
'user_id' => $user?->id,
|
|
'actor_id' => $user?->id,
|
|
'action' => 'api_request_' . strtolower($method),
|
|
'subject_type' => 'Request',
|
|
'subject_id' => null,
|
|
'old_values' => null,
|
|
'new_values' => [
|
|
'url' => $request->fullUrl(),
|
|
'method' => $method,
|
|
'status' => $response->getStatusCode(),
|
|
'payload' => $payload,
|
|
],
|
|
'ip_address' => $request->ip(),
|
|
'user_agent' => $request->userAgent(),
|
|
'device_id' => $request->header('X-Device-Id'),
|
|
]);
|
|
}
|
|
|
|
return $response;
|
|
}
|
|
}
|