spotlightcam

radziel/spotlightcam

Fork 0

Commit Graph

Author	SHA1	Message	Date
Radosław Gierwiało	948c694ed6	feat(system): implement 404 page with activity logging and change profile route format Backend Changes: - Added public API endpoint /api/public/log-404 (no auth required) - Created backend/src/routes/public.js for public endpoints - Added ACTIONS.SYSTEM_404 and CATEGORIES.system to activity log service - Registered public routes in app.js Frontend Changes: - Created NotFoundPage.jsx with standalone layout (no auth required) - Added publicAPI.log404() to log 404 access attempts - Logs both authenticated and anonymous users - Changed profile route from /@:username to /u/:username - Made profile route public (removed ProtectedRoute wrapper) - Updated all profile links from /@${username} to /u/${username} in: - ChatMessage.jsx - DashboardMatchCard.jsx - MatchRequestCards.jsx - MatchCard.jsx - UserListItem.jsx - MatchChatPage.jsx - PublicProfilePage.jsx Fixes: - React Router doesn't support @ in path segments - 404 page now accessible to non-authenticated users without redirect - Profile route no longer catches all unmatched routes	2025-12-03 20:27:51 +01:00
Radosław Gierwiało	c9beee9a4e	feat(admin): add Activity Log backend services (Phase 2) Core services for activity logging system: 1. ActivityLog Service (backend/src/services/activityLog.js) - Centralized logging with fire-and-forget pattern - 18 action constants (auth, event, match, admin, chat) - Query interface with filtering (date, action, user, category) - Socket.IO emission for real-time streaming - Statistics and action types endpoints - Never throws - logging cannot crash app 2. Request Utility (backend/src/utils/request.js) - getClientIP() - Extract client IP from headers/socket - Handles X-Forwarded-For and X-Real-IP proxy headers - IPv6-mapped IPv4 conversion 3. Admin Middleware (backend/src/middleware/admin.js) - requireAdmin() - Protect admin routes - Fresh DB check of isAdmin flag - Returns 403 for non-admin users - Use after authenticate middleware Next phases: logging integration points, API endpoints, frontend UI	2025-12-02 19:47:47 +01:00

Author

SHA1

Message

Date

Radosław Gierwiało

948c694ed6

feat(system): implement 404 page with activity logging and change profile route format

Backend Changes:
- Added public API endpoint /api/public/log-404 (no auth required)
- Created backend/src/routes/public.js for public endpoints
- Added ACTIONS.SYSTEM_404 and CATEGORIES.system to activity log service
- Registered public routes in app.js

Frontend Changes:
- Created NotFoundPage.jsx with standalone layout (no auth required)
- Added publicAPI.log404() to log 404 access attempts
- Logs both authenticated and anonymous users
- Changed profile route from /@:username to /u/:username
- Made profile route public (removed ProtectedRoute wrapper)
- Updated all profile links from /@${username} to /u/${username} in:
  - ChatMessage.jsx
  - DashboardMatchCard.jsx
  - MatchRequestCards.jsx
  - MatchCard.jsx
  - UserListItem.jsx
  - MatchChatPage.jsx
  - PublicProfilePage.jsx

Fixes:
- React Router doesn't support @ in path segments
- 404 page now accessible to non-authenticated users without redirect
- Profile route no longer catches all unmatched routes

2025-12-03 20:27:51 +01:00

Radosław Gierwiało

c9beee9a4e

feat(admin): add Activity Log backend services (Phase 2)

Core services for activity logging system:

1. ActivityLog Service (backend/src/services/activityLog.js)
   - Centralized logging with fire-and-forget pattern
   - 18 action constants (auth, event, match, admin, chat)
   - Query interface with filtering (date, action, user, category)
   - Socket.IO emission for real-time streaming
   - Statistics and action types endpoints
   - Never throws - logging cannot crash app

2. Request Utility (backend/src/utils/request.js)
   - getClientIP() - Extract client IP from headers/socket
   - Handles X-Forwarded-For and X-Real-IP proxy headers
   - IPv6-mapped IPv4 conversion

3. Admin Middleware (backend/src/middleware/admin.js)
   - requireAdmin() - Protect admin routes
   - Fresh DB check of isAdmin flag
   - Returns 403 for non-admin users
   - Use after authenticate middleware

Next phases: logging integration points, API endpoints, frontend UI

2025-12-02 19:47:47 +01:00

2 Commits