takeone-youtube-clone/app/Models/AuditLog.php

<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Model;

class AuditLog extends Model
{
    public $timestamps = false;

    protected $fillable = [
        'user_id', 'user_name', 'action', 'subject_type', 'subject_id',
        'subject_label', 'ip_address', 'user_agent', 'details', 'created_at',
    ];

    protected $casts = [
        'details'    => 'array',
        'created_at' => 'datetime',
    ];

    public function user()
    {
        return $this->belongsTo(User::class);
    }

    public static function record(string $action, array $options = []): void
    {
        $request = request();
        $user    = auth()->user();

        $ip = $request->header('CF-Connecting-IP')
            ?? $request->header('X-Forwarded-For')
            ?? $request->ip();

        static::create([
            'user_id'       => $options['user_id']    ?? $user?->id,
            'user_name'     => $options['user_name']  ?? $user?->name,
            'action'        => $action,
            'subject_type'  => $options['subject_type']  ?? null,
            'subject_id'    => $options['subject_id']    ?? null,
            'subject_label' => $options['subject_label'] ?? null,
            'ip_address'    => $ip,
            'user_agent'    => substr($request->userAgent() ?? '', 0, 255),
            'details'       => $options['details'] ?? null,
            'created_at'    => now(),
        ]);
    }

    // Severity grouping for UI color-coding
    public function getSeverityAttribute(): string
    {
        return match(true) {
            str_contains($this->action, 'delete') || str_contains($this->action, 'destroy') => 'danger',
            str_contains($this->action, 'login.failed')                                      => 'warning',
            str_contains($this->action, 'login')                                             => 'info',
            str_contains($this->action, 'logout')                                            => 'muted',
            str_contains($this->action, 'admin.')                                            => 'orange',
            str_contains($this->action, 'upload') || str_contains($this->action, 'create')  => 'success',
            str_contains($this->action, '2fa') || str_contains($this->action, 'password')   => 'purple',
            default                                                                           => 'default',
        };
    }

    public function getActionLabelAttribute(): string
    {
        return match($this->action) {
            'video.uploaded'          => 'Video Uploaded',
            'video.deleted'           => 'Video Deleted',
            'video.updated'           => 'Video Updated',
            'user.login'              => 'Logged In',
            'user.login.failed'       => 'Login Failed',
            'user.logout'             => 'Logged Out',
            'user.logout_all'         => 'Logged Out All Devices',
            'user.password_changed'   => 'Password Changed',
            'user.2fa.enabled'        => '2FA Enabled',
            'user.2fa.disabled'       => '2FA Disabled',
            'admin.impersonate'       => 'Impersonated User',
            'admin.impersonate.exit'  => 'Exited Impersonation',
            'admin.user.deleted'      => 'Admin: User Deleted',
            'admin.video.deleted'     => 'Admin: Video Deleted',
            'admin.user.updated'      => 'Admin: User Updated',
            'admin.video.updated'     => 'Admin: Video Updated',
            default                   => ucwords(str_replace(['.', '_'], ' ', $this->action)),
        };
    }
}