izadoesdev
diff --git a/‎FEATURE_SUGGESTIONS.md‎
Lines changed: 3 additions & 2 deletions b/‎FEATURE_SUGGESTIONS.md‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 80 additions & 0 deletions b/‎README.md‎
Lines changed: 80 additions & 0 deletions
diff --git a/‎benchmark.ts‎
Lines changed: 10 additions & 3 deletions b/‎benchmark.ts‎
Lines changed: 10 additions & 3 deletions
diff --git a/‎build.config.ts‎
Lines changed: 12 additions & 0 deletions b/‎build.config.ts‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎examples/databuddy-api.ts‎
Lines changed: 0 additions & 62 deletions b/‎examples/databuddy-api.ts‎
Lines changed: 0 additions & 62 deletions
diff --git a/‎examples/drizzle-schema.ts‎
Lines changed: 0 additions & 36 deletions b/‎examples/drizzle-schema.ts‎
Lines changed: 0 additions & 36 deletions
@@ -5,6 +5,7 @@
 - ✅ Salt for hashing
 - ✅ Update last used timestamp
 - ✅ Key tags/labels
+- ✅ Audit logging (opt-in)
 
 ## Recommended Additions
 
@@ -125,8 +126,8 @@ const logs = await keys.getAuditLogs({
 
 **High Priority:**
 1. Rate limiting (security)
-2. Update last used timestamp (already added)
-3. Audit logging (compliance)
+2. ~~Update last used timestamp~~ ✅ (already added)
+3. ~~Audit logging~~ ✅ (already added)
 
 **Medium Priority:**
 4. Key rotation (security best practice)
 
@@ -14,6 +14,7 @@ A TypeScript library for secure API key management with cryptographic hashing, e
 - **Flexible Storage**: Memory, Redis, and Drizzle ORM adapters included
 - **Scope-based Permissions**: Fine-grained access control
 - **Key Management**: Enable/disable, rotate, and soft-revoke keys with audit trails
+- **Audit Logging**: Track who did what, when, and why (opt-in)
 - **TypeScript**: Full type safety
 - **Zero Config**: Works out of the box with sensible defaults
 
@@ -80,6 +81,13 @@ const keys = createKeys({
   // Usage tracking
   autoTrackUsage: true, // Automatically update lastUsedAt on verify
 
+  // Audit logging (opt-in)
+  auditLogs: true,  // Enable audit logging
+  auditContext: {   // Default context for all audit logs (optional)
+    userId: 'system',
+    metadata: { service: 'api' }
+  },
+  
   // Header detection
   headerNames: ['x-api-key', 'authorization'],
   extractBearer: true,
@@ -170,6 +178,78 @@ await keys.updateLastUsed(record.id)
 const result = await keys.verify(headers, { skipTracking: true })
 ```
 
+### Audit Logging
+
+Track all key operations with context about who performed each action:
+
+```typescript
+// Enable audit logging
+const keys = createKeys({
+  auditLogs: true,
+  auditContext: {
+    // Default context merged into all logs
+    metadata: { environment: 'production' }
+  }
+})
+
+// Actions are automatically logged with optional context
+await keys.create({
+  ownerId: 'user_123',
+  scopes: ['read']
+}, {
+  userId: 'admin_456',
+  ip: '192.168.1.1',
+  metadata: { reason: 'New customer onboarding' }
+})
+
+await keys.revoke('key_123', {
+  userId: 'admin_789',
+  metadata: { reason: 'Security breach' }
+})
+
+// Query logs
+const logs = await keys.getLogs({
+  keyId: 'key_123',
+  action: 'revoked',
+  startDate: '2025-01-01',
+  limit: 100
+})
+
+// Count logs
+const count = await keys.countLogs({ action: 'created' })
+
+// Get statistics
+const stats = await keys.getLogStats('user_123')
+console.log(stats.total)
+console.log(stats.byAction.created)
+console.log(stats.lastActivity)
+
+// Clean up old logs
+const deleted = await keys.deleteLogs({
+  endDate: '2024-01-01'
+})
+
+// Clear logs for a specific key
+await keys.clearLogs('key_123')
+```
+
+**Log Entry Structure:**
+
+```typescript
+{
+  id: 'log_xyz',
+  action: 'created' | 'revoked' | 'rotated' | 'enabled' | 'disabled',
+  keyId: 'key_123',
+  ownerId: 'user_456',
+  timestamp: '2025-10-25T12:00:00.000Z',
+  data: {
+    userId: 'admin_789',
+    ip: '192.168.1.1',
+    metadata: { reason: 'Security breach' }
+  }
+}
+```
+
 ### Helper Methods
 
 ```typescript
 
@@ -1,3 +1,6 @@
+/** biome-ignore-all lint/suspicious/noConsole: benchmarking */
+/** biome-ignore-all lint/style/noMagicNumbers: benchmarking */
+/** biome-ignore-all lint/suspicious/noExplicitAny: benchmarking */
 import { bench, do_not_optimize, run, summary } from "mitata";
 import { createKeys } from "./src/manager";
 import { MemoryStore } from "./src/storage/memory";
@@ -23,8 +26,8 @@ for (let i = 0; i < 100; i++) {
 	createdKeys.push(result);
 }
 
-const testKey = createdKeys[0]!.key;
-const testRecord = createdKeys[0]!.record;
+const testKey = createdKeys[0]?.key;
+const testRecord = createdKeys[0]?.record;
 console.log("Setup complete\n");
 
 async function main() {
@@ -49,6 +52,10 @@ async function main() {
 
 	await run();
 
+	if (!testKey) {
+		throw new Error("Test key not found");
+	}
+
 	// Verification Operations
 	summary(() => {
 		bench("verify() - valid key (fresh)", async () => {
@@ -182,7 +189,7 @@ async function main() {
 	// Storage Layer
 	summary(() => {
 		bench("storage.save()", async () => {
-			const { key, record } = await keys.create({
+			const { record } = await keys.create({
 				ownerId: "storage_user",
 				name: "Storage Key",
 			});
 
@@ -1,5 +1,8 @@
+import { readFileSync } from "node:fs";
 import { defineBuildConfig } from "unbuild";
 
+const pkg = JSON.parse(readFileSync("./package.json", "utf-8"));
+
 export default defineBuildConfig({
 	entries: [
 		"src/index.ts",
@@ -17,6 +20,15 @@ export default defineBuildConfig({
 			minify: true,
 			treeShaking: true,
 		},
+		output: {
+			banner: `/*!
+ * ${pkg.name} v${pkg.version}
+ * ${pkg.description}
+ * © ${new Date().getFullYear()} "Issa Nassar" <issa@databuddy.cc>
+ * Released under the ${pkg.license} License
+ * ${pkg.homepage}
+ */`,
+		},
 	},
 	externals: [
 		"drizzle-orm",