fix: admin action log and impersonation improvements

- Fix admin action log not displaying entries (use raw sqlite for self-join) - Add global impersonation banner to all pages during impersonation - Fix timestamp display in action log (convert Unix seconds to milliseconds) - Add loginWithToken method to auth store for direct token authentication - Fix /api/auth/me to include impersonatedBy field from JWT - Remove duplicate impersonation code from admin page Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-21 18:26:20 +01:00
parent 7c209e3270
commit bdd8aa497d
5 changed files with 171 additions and 130 deletions
--- a/src/backend/index.js
+++ b/src/backend/index.js
@@ -16,6 +16,7 @@ import {
 import {
  getSystemStats,
  getUserStats,
+  getAdminActions,
  impersonateUser,
  verifyImpersonation,
  stopImpersonation,
@@ -434,9 +435,15 @@ const app = new Elysia()
      return { success: false, error: 'User not found' };
    }

+    // Include impersonatedBy from JWT if present (not stored in database)
+    const responseUser = {
+      ...userData,
+      impersonatedBy: user.impersonatedBy,
+    };
+
    return {
      success: true,
-      user: userData,
+      user: responseUser,
    };
  })