
feat: enhance audit service with PII redaction, persistence, severity levels, and alerting integration. #531

Merged: Smartdevs17 merged 1 commit into Smartdevs17:main from Dubemtopsite:implement_comprehensive_logging_428 on Jun 2, 2026

@Dubemtopsite

Contributor

Implement comprehensive audit logging for sensitive operations

Closes #428

Summary

Overhauls the audit logging system with a tamper-evident, compliance-grade audit trail. Adds severity classification, enriched context, persistent storage, real-time alerting, archival, and PII-safe querying.

Changes

backend/services/auditTypes.ts — Enhanced schema

  • Added AuditSeverity (low | medium | high | critical) for event classification
  • Added AuditContext with ipAddress, userAgent, sessionId, location, deviceId, platform
  • Extended AuditAction union with 14 critical security events (auth.failed, admin.role_changed, api.key_revoked, security.threat_detected, etc.)
  • Added AuditArchiveEntry, ArchivalPolicy, AuditQueryFilter, AuditQueryResult, ComplianceAuditReport types

backend/services/auditService.ts — Core enhancements

  • Severity & context: capture() accepts severity and optional AuditContext; defaults to 'low'
  • Append-only persistence: save()/load() via AsyncStorage; no delete/update surface exposed
  • Log injection prevention: sanitizeInput() strips \r\n"'\\; from identifiers; sanitizeMetadata() redacts PII-like keys (email, phone, ssn, credit card) and inline PII values
  • Enhanced query API: filter by resourceType, severity, text search; sort by timestamp/action/actorId; queryPaginated() with offset/limit pagination
  • Real-time alerting: auto-dispatches critical/high events to AlertingService via pluggable channels (console, Slack, PagerDuty)
  • Log retention + archival: applyRetention() moves pruned events to cold storage when ArchivalPolicy is enabled
  • Compliance reporting: generateComplianceReport() includes integrity verification, severity/actor/resource breakdowns, retention days, supported export formats
  • PII-safe query: queryWithoutPii() redacts all PII from results

backend/services/piiAudit.ts — Passes severity (high for export/delete, medium otherwise) and optional AuditContext

src/services/auditIntegration.ts — New convenience layer bridging backend AuditService with the app; exports captureAuditEvent, queryAuditEventsPaginated, generateComplianceReport, persistAuditLog, etc.

src/services/adminDashboardService.ts — Added severity to mock audit events

backend/services/__tests__/auditService.test.ts — 37 tests covering:

  • Severity/context capture, enhanced query (resourceType, severity, search, combined filters, pagination, sorting)
  • Compliance report with integrity check, archival (enabled/disabled)
  • PII scrubbing (keys + values), log injection prevention, max log size enforcement
  • Alerting integration (critical dispatches, low skips, constructor injection)

Edge cases addressed

  • Log injection: Input sanitization strips control characters and quotes from identifiers
  • Storage cost: Configurable maxLogSize (default 100k) prevents unbounded memory growth; archival moves aged data to cold AsyncStorage keys
  • PII in audit logs: Automatic PII field detection and redaction in metadata; dedicated queryWithoutPii() for safe consumption
  • Clock synchronization: Uses Date.now() with timestamp-based queries — appropriate for this client-side architecture

Verification

  • All 307 backend tests pass (16 suites) with zero regressions
  • Audit service test suite expanded from 14 → 37 tests
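
As an added illustration of the identifier sanitization and PII redaction this PR description lists (not the code merged in auditService.ts; every function name, pattern and sample value below is an assumption constructed for the example):

```typescript
// Hypothetical sketch, not the project's sanitizeInput()/sanitizeMetadata().
const PII_KEY = /(e-?mail|phone|ssn|credit.?card)/i;               // PII-like key names
const EMAIL_VALUE = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;
const SSN_VALUE = /\b\d{3}-\d{2}-\d{4}\b/g;
const REDACTED = "[REDACTED]";

type Meta = { [key: string]: unknown };

// Strip the characters the description names (\r \n " ' \ ;) so an
// identifier cannot end its field early or start a forged log line.
function sanitizeIdentifier(value: string): string {
  return value.replace(/[\r\n"'\\;]/g, "");
}

// Redact inline PII inside values, recursing into arrays and nested objects.
function redactValue(value: unknown): unknown {
  if (typeof value === "string") {
    return value.replace(EMAIL_VALUE, REDACTED).replace(SSN_VALUE, REDACTED);
  }
  if (Array.isArray(value)) return value.map(redactValue);
  if (value !== null && typeof value === "object") {
    return redactMetadata(value as Meta);
  }
  return value;
}

// Redact whole values whose key looks like PII; scan everything else.
function redactMetadata(meta: Meta): Meta {
  const out: Meta = {};
  for (const key of Object.keys(meta)) {
    out[key] = PII_KEY.test(key) ? REDACTED : redactValue(meta[key]);
  }
  return out;
}

// Constructed sample input: an actor id carrying a forged second log line,
// and metadata with PII under obvious keys, inline in text, and nested.
const forgedActor = 'alice\n2026-06-02 admin.role_changed actor="root"';
const sample = redactMetadata({
  email: "a@example.com",
  note: "contact bob@example.com, SSN 123-45-6789",
  nested: { phoneNumber: "555-0100", attempts: 3 },
});
```

Key-name and value-pattern matching of this kind is heuristic: PII stored under an unexpected key, or in a format the patterns do not cover, passes through unredacted.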

@drips-wave

drips-wave Bot commented Jun 2, 2026


@Dubemtopsite Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@Smartdevs17 Smartdevs17 merged commit 4a610d9 into Smartdevs17:main Jun 2, 2026
1 check passed