fix: add missing provider info to signedup audit logs (#2061)

cemalkilic · web-flow · commit c6e0cbefe5b6 · 2025-06-19T12:03:16.000+02:00
## What kind of change does this PR introduce?
Bug fix

## What is the current behavior?
Currently, when users complete email or phone verification flows, the
sign up audit logs are missing the `provider` field.

## What is the new behavior?
- Audit logs now include the `provider` field for all signup actions
- Added provider constants to improve code maintainability and prevent
hardcoded strings
diff --git a/internal/api/admin.go b/internal/api/admin.go
@@ -461,6 +461,7 @@ func (a *API) adminUserCreate(w http.ResponseWriter, r *http.Request) error {
 			"user_id":    user.ID,
 			"user_email": user.Email,
 			"user_phone": user.Phone,
+			"provider":   providers[0], // complying with the user.AppMetaData["provider"] field as above
 		}); terr != nil {
 			return terr
 		}
diff --git a/internal/api/provider_constants.go b/internal/api/provider_constants.go
@@ -0,0 +1,7 @@
+package api
+
+// Provider constants
+const (
+	EmailProvider = "email"
+	PhoneProvider = "phone"
+)
diff --git a/internal/api/verify.go b/internal/api/verify.go
@@ -322,7 +322,9 @@ func (a *API) signupVerify(r *http.Request, ctx context.Context, conn *storage.C
 			}
 		}
 
-		if terr = models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", nil); terr != nil {
+		if terr = models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", map[string]interface{}{
+			"provider": EmailProvider,
+		}); terr != nil {
 			return terr
 		}
 
@@ -357,7 +359,9 @@ func (a *API) recoverVerify(r *http.Request, conn *storage.Connection, user *mod
 			return terr
 		}
 		if !user.IsConfirmed() {
-			if terr = models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", nil); terr != nil {
+			if terr = models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", map[string]interface{}{
+				"provider": EmailProvider,
+			}); terr != nil {
 				return terr
 			}
 
@@ -383,7 +387,9 @@ func (a *API) smsVerify(r *http.Request, conn *storage.Connection, user *models.
 	err := conn.Transaction(func(tx *storage.Connection) error {
 
 		if params.Type == smsVerification {
-			if terr := models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", nil); terr != nil {
+			if terr := models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", map[string]interface{}{
+				"provider": PhoneProvider,
+			}); terr != nil {
 				return terr
 			}
 			if terr := user.ConfirmPhone(tx); terr != nil {

Original file line number	Diff line number	Diff line change
`@@ -461,6 +461,7 @@ func (a API) adminUserCreate(w http.ResponseWriter, r http.Request) error {`
`461`	`461`	`"user_id": user.ID,`
`462`	`462`	`"user_email": user.Email,`
`463`	`463`	`"user_phone": user.Phone,`
	`464`	`+ "provider": providers[0], // complying with the user.AppMetaData["provider"] field as above`
`464`	`465`	`}); terr != nil {`
`465`	`466`	`return terr`
`466`	`467`	`}`
Original file line number	Diff line number	Diff line change
`@@ -322,7 +322,9 @@ func (a API) signupVerify(r http.Request, ctx context.Context, conn *storage.C`
`322`	`322`	`}`
`323`	`323`	`}`
`324`	`324`
`325`		`- if terr = models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", nil); terr != nil {`
	`325`	`+ if terr = models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", map[string]interface{}{`
	`326`	`+ "provider": EmailProvider,`
	`327`	`+ }); terr != nil {`
`326`	`328`	`return terr`
`327`	`329`	`}`
`328`	`330`
`@@ -357,7 +359,9 @@ func (a API) recoverVerify(r http.Request, conn storage.Connection, user mod`
`357`	`359`	`return terr`
`358`	`360`	`}`
`359`	`361`	`if !user.IsConfirmed() {`
`360`		`- if terr = models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", nil); terr != nil {`
	`362`	`+ if terr = models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", map[string]interface{}{`
	`363`	`+ "provider": EmailProvider,`
	`364`	`+ }); terr != nil {`
`361`	`365`	`return terr`
`362`	`366`	`}`
`363`	`367`
`@@ -383,7 +387,9 @@ func (a API) smsVerify(r http.Request, conn storage.Connection, user models.`
`383`	`387`	`err := conn.Transaction(func(tx *storage.Connection) error {`
`384`	`388`
`385`	`389`	`if params.Type == smsVerification {`
`386`		`- if terr := models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", nil); terr != nil {`
	`390`	`+ if terr := models.NewAuditLogEntry(r, tx, user, models.UserSignedUpAction, "", map[string]interface{}{`
	`391`	`+ "provider": PhoneProvider,`
	`392`	`+ }); terr != nil {`
`387`	`393`	`return terr`
`388`	`394`	`}`
`389`	`395`	`if terr := user.ConfirmPhone(tx); terr != nil {`