NW | 49945d9d81 |
security(csv-export): harden mnemonic export with super admin, audit, watermark (#48)
- Add SUPER_ADMIN_IDS config (fallback to ADMIN_IDS if not set)
- Add isSuperAdmin() to middleware/auth.js
- Create auditService.js for structured audit logging (DB + pino)
- Create migration 005_audit_log.js
- Add confirmation dialog before CSV export (confirm_export_ callback)
- Check isSuperAdmin before export — block non-super admins
- Audit log every export: admin ID, wallet type, wallet count
- Add exported_by watermark column to CSV with admin telegram ID
- Notify all other super admins when export occurs
- Add SUPER_ADMIN_IDS to .env.example
8 files changed, 154 insertions, 39 deletions
| 2026-06-22 10:07:58 +01:00 |

NW | 68d83807ad |
refactor(arch): Phase 2 — deduplicate isAdmin, convertToUsd, getBaseWalletType
- #54: Extract isAdmin() to src/middleware/auth.js, remove duplicates from 7 admin handlers
- #55: Add WalletUtils.convertToUsd(), replace 8 switch-case blocks across 4 files
- #56: Unify getBaseWalletType() — keep only WalletUtils version (most complete), remove duplicates from Wallet.js and userWalletsHandler.js
New file: src/middleware/auth.js
Net: -215 lines, +80 lines
Closes: #54, #55, #56
| 2026-06-17 22:10:34 +01:00 |