Auth, Audit, and the Middleware Maze

Building the foundation for leave management with authentication, auditing, and service-layer architecture.

Today was focused on laying the groundwork for the leave management system.

I started by cleaning up the project structure and moving middleware into a more organized location. It's a small change, but keeping the codebase tidy early helps avoid headaches later.

The biggest task was implementing authentication. I added sign-in functionality, password hashing, JWT-based authentication, and middleware for protecting routes. Most of the effort went into connecting everything together cleanly and making sure authenticated user information was available throughout the application.

While working on auth, I also made a few updates to the database schema and installed the supporting packages needed for the new functionality.

With authentication in place, I moved on to the leave management module. I created the initial routes and service layer for handling leave requests and built an audit logging system to track important actions. Every create, update, approval, or rejection action now leaves an audit trail, which should make future debugging and accountability much easier.

The final part of the session was wiring the new routes into the application and testing the endpoints. Getting the authentication flow working alongside the new leave APIs took some iteration, but by the end everything was communicating correctly.

Overall, it was a productive session. The project now has a solid authentication foundation, the first version of leave management functionality, and an auditing system that will support future features.