borg/drone-detector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jwt-token

Browse Source
This commit is contained in:
Alexander Borg
2025-09-24 04:57:07 +02:00
parent 02ce9d343b
commit 6c28330af3
6 changed files with 772 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

160
server/models/SecurityLog.js Normal file
View File

@@ -0,0 +1,160 @@
const { DataTypes } = require('sequelize');
module.exports = (sequelize) => {
const SecurityLog = sequelize.define('SecurityLog', {
id: {
type: DataTypes.UUID,
defaultValue: sequelize.Sequelize.UUIDV4,
primaryKey: true
},
tenant_id: {
type: DataTypes.UUID,
allowNull: true,
references: {
model: 'tenants',
key: 'id'
},
comment: 'Tenant ID for multi-tenant isolation (null for system-wide events)'
},
event_type: {
type: DataTypes.STRING(50),
allowNull: false,
comment: 'Type of security event (login_failed, login_success, suspicious_pattern, etc.)'
},
severity: {
type: DataTypes.STRING(20),
allowNull: false,
defaultValue: 'info',
validate: {
isIn: [['low', 'medium', 'high', 'critical']]
},
comment: 'Severity level of the security event'
},
user_id: {
type: DataTypes.UUID,
allowNull: true,
comment: 'User ID if applicable'
},
username: {
type: DataTypes.STRING(100),
allowNull: true,
comment: 'Username involved in the event'
},
ip_address: {
type: DataTypes.INET,
allowNull: true,
comment: 'Client IP address'
},
client_ip: {
type: DataTypes.INET,
allowNull: true,
comment: 'Real client IP (if behind proxy/load balancer)'
},
user_agent: {
type: DataTypes.TEXT,
allowNull: true,
comment: 'User agent string'
},
rdns: {
type: DataTypes.STRING(255),
allowNull: true,
comment: 'Reverse DNS lookup of IP address'
},
country_code: {
type: DataTypes.STRING(2),
allowNull: true,
comment: 'ISO country code from IP geolocation'
},
country_name: {
type: DataTypes.STRING(100),
allowNull: true,
comment: 'Country name from IP geolocation'
},
city: {
type: DataTypes.STRING(100),
allowNull: true,
comment: 'City from IP geolocation'
},
is_high_risk_country: {
type: DataTypes.BOOLEAN,
defaultValue: false,
comment: 'Whether the country is flagged as high-risk'
},
message: {
type: DataTypes.TEXT,
allowNull: false,
comment: 'Detailed description of the security event'
},
metadata: {
type: DataTypes.JSONB,
allowNull: true,
defaultValue: {},
comment: 'Additional event-specific data'
},
session_id: {
type: DataTypes.STRING(255),
allowNull: true,
comment: 'Session ID if applicable'
},
request_id: {
type: DataTypes.STRING(255),
allowNull: true,
comment: 'Request ID for correlation'
},
endpoint: {
type: DataTypes.STRING(255),
allowNull: true,
comment: 'API endpoint or URL involved'
},
method: {
type: DataTypes.STRING(10),
allowNull: true,
comment: 'HTTP method'
},
status_code: {
type: DataTypes.INTEGER,
allowNull: true,
comment: 'HTTP response status code'
},
alerted: {
type: DataTypes.BOOLEAN,
defaultValue: false,
comment: 'Whether super admins have been alerted about this event'
},
created_at: {
type: DataTypes.DATE,
defaultValue: sequelize.Sequelize.NOW,
comment: 'When the event occurred'
}
}, {
tableName: 'security_logs',
timestamps: true,
createdAt: 'created_at',
updatedAt: false, // Security logs should not be updated
indexes: [
{
fields: ['tenant_id', 'created_at']
},
{
fields: ['event_type', 'created_at']
},
{
fields: ['ip_address', 'created_at']
},
{
fields: ['username', 'created_at']
},
{
fields: ['severity', 'created_at']
},
{
fields: ['country_code', 'is_high_risk_country']
},
{
fields: ['alerted', 'severity', 'created_at']
}
]
});
return SecurityLog;
};