feat(secrets-mcp): 审计页、audit_log user_id、OAuth 登录与仪表盘 footer

- audit_log 增加 user_id；业务写审计透传 user_id - Web /audit 与侧边栏；Dashboard 版本 footer 贴底（margin-top: auto） - 停止 API Key 鉴权成功写入登录审计 - 文档、CI、release-check 配套更新 Made-with: Cursor
2026-03-21 11:12:11 +08:00
parent ee028d45c3
commit f2344b7543
19 changed files with 361 additions and 69 deletions
--- a/crates/secrets-core/src/audit.rs
+++ b/crates/secrets-core/src/audit.rs
@@ -36,9 +36,10 @@ pub async fn log_login(
    let actor = current_actor();
    let detail = login_detail(user_id, provider, client_ip, user_agent);
    let result: Result<_, sqlx::Error> = sqlx::query(
-        "INSERT INTO audit_log (action, namespace, kind, name, detail, actor) \
-         VALUES ($1, $2, $3, $4, $5, $6)",
+        "INSERT INTO audit_log (user_id, action, namespace, kind, name, detail, actor) \
+         VALUES ($1, $2, $3, $4, $5, $6, $7)",
    )
+    .bind(user_id)
    .bind(ACTION_LOGIN)
    .bind(NAMESPACE_AUTH)
    .bind(kind)
@@ -58,6 +59,7 @@ pub async fn log_login(
 /// Write an audit entry within an existing transaction.
 pub async fn log_tx(
    tx: &mut Transaction<'_, Postgres>,
+    user_id: Option<Uuid>,
    action: &str,
    namespace: &str,
    kind: &str,
@@ -66,9 +68,10 @@ pub async fn log_tx(
 ) {
    let actor = current_actor();
    let result: Result<_, sqlx::Error> = sqlx::query(
-        "INSERT INTO audit_log (action, namespace, kind, name, detail, actor) \
-         VALUES ($1, $2, $3, $4, $5, $6)",
+        "INSERT INTO audit_log (user_id, action, namespace, kind, name, detail, actor) \
+         VALUES ($1, $2, $3, $4, $5, $6, $7)",
    )
+    .bind(user_id)
    .bind(action)
    .bind(namespace)
    .bind(kind)