Story 1.7 - Implémente un système complet d'audit trail pour tracer toutes les actions sensibles (authentification, modifications de données, exports) avec immuabilité garantie par PostgreSQL.

Fonctionnalités principales:
- Table audit_log append-only avec contraintes PostgreSQL (RULE)
- AuditLogger centralisé avec injection automatique du contexte
- Correlation ID pour traçabilité distribuée (HTTP + async)
- Handlers pour événements d'authentification
- Commande d'archivage des logs anciens
- Pas de PII dans les logs (emails/IPs hashés)

Infrastructure:
- Middlewares Messenger pour propagation du Correlation ID
- HTTP middleware pour génération/propagation du Correlation ID
- Support multi-tenant avec TenantResolver
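# Symfony Messenger configuration: three buses (command, query, event),
# an `async` transport and a `failed` transport, plus routing for two
# password-related domain events.
framework:
    messenger:
        # Messages that still fail after the transport's retry strategy is
        # exhausted are moved to the `failed` transport declared below, where
        # they can be inspected and retried later.
        # NOTE(review): the failed transport stores the serialized message. If a
        # routed event carries a secret (for example a password-reset token) or
        # personal data, that payload stays in the database until the message is
        # retried or removed - confirm payload contents, access control on the
        # table, and a purge/retention routine.
        failure_transport: failed

        # Three buses: Command, Query, Event (CQRS + Event-driven)
        default_bus: command.bus

        buses:
            command.bus:
                default_middleware: true
                # Custom middleware listed here run before Messenger's built-in
                # send/handle middleware. Per the change description the two
                # App\... classes propagate the Correlation ID; their exact
                # behaviour is not visible in this file.
                middleware:
                    - App\Shared\Infrastructure\Messenger\AddCorrelationIdStampMiddleware
                    - App\Shared\Infrastructure\Messenger\CorrelationIdMiddleware
                    # Wraps command handling in a Doctrine transaction, rolled
                    # back when the handler throws.
                    # NOTE(review): audit entries written inside a handler on
                    # the same connection would roll back with it - confirm how
                    # AuditLogger records failed attempts.
                    - doctrine_transaction

            query.bus:
                default_middleware: true
                # No doctrine_transaction here, unlike command.bus.
                middleware:
                    - App\Shared\Infrastructure\Messenger\AddCorrelationIdStampMiddleware
                    - App\Shared\Infrastructure\Messenger\CorrelationIdMiddleware

            event.bus:
                default_middleware:
                    # Dispatching an event that has no handler is not an error.
                    # NOTE(review): this also means a security-relevant event
                    # whose handler is missing or misregistered is dropped
                    # silently - cover the audit handlers with a wiring test.
                    allow_no_handlers: true
                middleware:
                    - App\Shared\Infrastructure\Messenger\AddCorrelationIdStampMiddleware
                    - App\Shared\Infrastructure\Messenger\CorrelationIdMiddleware

        transports:
            # https://symfony.com/doc/current/messenger.html#transport-configuration
            async:
                # The DSN is read from the environment; it normally embeds the
                # broker credentials, so keep it in the secret store and out of
                # committed .env files.
                dsn: '%env(MESSENGER_TRANSPORT_DSN)%'
                # exchange/queues are AMQP-style options, so the DSN presumably
                # points at an AMQP broker - confirm per environment.
                options:
                    exchange:
                        name: classeo_messages
                        type: topic
                    queues:
                        messages:
                            # '#' matches every routing key on a topic exchange:
                            # this queue receives all messages published to
                            # classeo_messages.
                            binding_keys: ['#']
                # Up to 3 retries; delays are in milliseconds: 1000 ms first,
                # doubled each time, capped at 60000 ms. After the last retry
                # the message goes to the failure transport.
                retry_strategy:
                    max_retries: 3
                    delay: 1000
                    multiplier: 2
                    max_delay: 60000

            failed:
                # Stored through the Doctrine `default` connection under the
                # queue name `failed`.
                dsn: 'doctrine://default?queue_name=failed'

        routing:
            # Route your messages to the transports
            # Password reset events are async to prevent timing attacks (email enumeration)
            # and to improve API response time
            # NOTE(review): the timing protection only holds while `async` is
            # really asynchronous. An environment whose MESSENGER_TRANSPORT_DSN
            # is a synchronous transport handles these events inline - confirm
            # the DSN used in each deployed environment.
            'App\Administration\Domain\Event\PasswordResetTokenGenerated': async
            'App\Administration\Domain\Event\MotDePasseChange': async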