Audit Logs

NuxtBase includes a real audit trail.

It is not just a future placeholder table. The template actively writes audit records from multiple product areas, including billing, projects, webhooks, and organization management flows.

What An Audit Record Contains

The core audit table stores fields such as:

• action
• targetType
• targetId
• organizationId
• actorUserId
• meta
• ipAddress
• userAgent
• createdAt

The helper also extracts request context automatically when an H3Event is available.

Where Audit Logs Are Written

The shipped code writes audit records from many important mutations, for example:

• billing checkout, cancel, resume, and plan change
• project create, update, delete, and file operations
• webhook endpoint create, update, and delete
• organization membership changes

Some flows use createAuditLog() directly inside a transaction. Others use safeCreateAuditLog() when audit logging should not block the main mutation.

Who Can Read Audit Logs

The current read surface is admin-facing.

GET /api/admin/audit-logs requires a platform admin and returns paginated log entries with:

• actor identity
• organization name
• action
• target type and target ID
• IP address
• creation time

So this is a platform audit trail first, not an end-user self-service audit page.

Why This Matters

Audit logs become much more useful when you keep actions and target types stable.

If you heavily rename actions or stop logging certain mutations, you lose:

• operational visibility
• incident investigation context
• change history for sensitive product areas

Tip

When you customize business logic, keep audit logging in the same transaction as the mutation whenever consistency matters more than graceful degradation.