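#!/usr/bin/env node
/**
 * Security Logging Verification - Enforces inst_046
 * Checks that security event logging is properly configured.
 *
 * Exit status: 0 when every blocking check passes, 1 otherwise.
 *   - Blocking: the auth middleware file exists (check 2) and the CSP
 *     violation checker exists (check 3).
 *   - Advisory only: the audit database query (check 1) and the keyword
 *     heuristic on the middleware source (check 2). These print a warning
 *     and are counted in the summary, but never change the exit status.
 */

const fs = require('fs');
const path = require('path');
const mongoose = require('mongoose');

const RULE = '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━';

/**
 * Runs the three checks in order, prints one status line per check and
 * terminates the process with the verification result.
 *
 * @returns {Promise<void>} Does not resolve in practice: the function ends
 *   by calling process.exit().
 */
async function verify() {
  console.log('\n🔒 Security Logging Verification (inst_046)\n');
  console.log(`${RULE}\n`);

  let allPassed = true;
  // Advisory findings: reported in the summary so a pass is not read as
  // "everything was verified" when part of the evidence was unavailable.
  let warnings = 0;

  // Check 1: Security audit log file or database
  // NOTE(review): the URI is hard-coded to the local development database,
  // so this result says nothing about the audit trail of any other
  // environment.
  console.log('1. Checking security audit trail...');
  try {
    await mongoose.connect('mongodb://localhost:27017/tractatus_dev', {
      serverSelectionTimeoutMS: 2000,
    });
    try {
      // NOTE(review): this script loads no model file, so the lookup throws
      // MissingSchemaError unless 'AuditLog' was registered elsewhere in the
      // process - confirm where the model is defined and require it here.
      const AuditLog = mongoose.model('AuditLog');
      const securityCount = await AuditLog.countDocuments({
        service: { $in: ['BoundaryEnforcer', 'AuthMiddleware', 'SecurityMonitor'] },
      });

      if (securityCount > 0) {
        console.log(` ✅ ${securityCount} security events logged to database`);
      } else {
        warnings += 1;
        console.log(' ⚠️ No security events in database (may be fresh install)');
      }
    } finally {
      // Close on every path once connected, and wait for it to finish.
      await mongoose.connection.close();
    }
  } catch (dbErr) {
    warnings += 1;
    if (dbErr.name === 'MissingSchemaError') {
      // Report the real cause instead of blaming connectivity.
      console.log(` ⚠️ AuditLog model is not registered; audit trail not checked: ${dbErr.message}`);
    } else {
      console.log(` ⚠️ Could not connect to audit database: ${dbErr.message}`);
    }
  }

  // Check 2: Security middleware present
  console.log('\n2. Checking security middleware...');
  const middlewarePath = path.join(__dirname, '../src/middleware/auth.middleware.js');
  if (fs.existsSync(middlewarePath)) {
    const content = fs.readFileSync(middlewarePath, 'utf8');
    // Weak heuristic: any occurrence of either word (a comment included)
    // satisfies it. It shows the file mentions the topic, not that audit
    // logging is actually wired in.
    if (content.includes('security') || content.includes('audit')) {
      console.log(' ✅ Security middleware found');
    } else {
      warnings += 1;
      console.log(' ⚠️ Security middleware may not include audit logging');
    }
  } else {
    console.log(' ❌ Security middleware not found');
    allPassed = false;
  }

  // Check 3: CSP violation detection
  console.log('\n3. Checking CSP compliance tools...');
  const cspCheckPath = path.join(__dirname, '../scripts/check-csp-violations.js');
  if (fs.existsSync(cspCheckPath)) {
    console.log(' ✅ CSP violation checker present');
  } else {
    console.log(' ❌ CSP violation checker missing');
    allPassed = false;
  }

  // Summary
  console.log(`\n${RULE}`);
  if (warnings > 0) {
    console.log(`⚠️ ${warnings} advisory warning(s) above did not affect the result`);
  }
  if (allPassed) {
    console.log('✅ Security logging verification PASSED\n');
    process.exit(0);
  } else {
    console.log('❌ Security logging verification FAILED\n');
    console.log('Action required: Ensure all security logging components are in place');
    console.log('See inst_046 for full requirements\n');
    process.exit(1);
  }
}

// Any unexpected error (for example an unreadable middleware file) is a
// failed verification, never a silent pass.
verify().catch((err) => {
  console.error(`\n❌ Verification failed: ${err.message}\n`);
  process.exit(1);
});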