feat(security): audit-log session termination (single + all-others)
The two session-revocation endpoints wrote no audit entry. Added a 'session' EntityType (+ Czech label 'Relace') and logAudit on both deletes, so revoking sessions is recorded in the forensic trail. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -146,4 +146,5 @@ export type EntityType =
|
||||
| "warehouse_receipt_attachment"
|
||||
| "work_plan_entry"
|
||||
| "work_plan_override"
|
||||
| "plan_category";
|
||||
| "plan_category"
|
||||
| "session";
|
||||
|
||||
Reference in New Issue
Block a user