--- // Password-protected admin page for viewing consent logs import { db, ConsentLog, desc } from 'astro:db'; // Simple password protection (in production, use proper auth) const ADMIN_PASSWORD = Astro.env.ADMIN_PASSWORD || 'changeme'; let logs = []; let isAuthenticated = false; let error = ''; if (Astro.request.method === 'POST') { const formData = await Astro.request.formData(); const password = formData.get('password'); if (password === ADMIN_PASSWORD) { isAuthenticated = true; try { logs = await db.select().from(ConsentLog).orderBy(desc(ConsentLog.timestamp)).limit(100); } catch (err) { error = 'Failed to load consent logs. Make sure database is initialized.'; console.error(err); } } else { error = 'Invalid password'; } } --- Consent Logs Admin | PDPA Compliance

🔐 Consent Logs Admin Dashboard

{!isAuthenticated ? (

Admin Login

{error &&
{error}
}

Default password: changeme (change in .env)

) : (
Refresh ← Back to Site
{error &&
{error}
}
{logs.length === 0 ? ( ) : ( logs.map((log) => ( )) )}
Date/Time Locale Session ID Essential Analytics Marketing Policy Ver IP Hash Action
No consent logs found. Make sure the website has received consent.
{new Date(log.timestamp).toLocaleString('en-GB')} {log.locale.toUpperCase()} {log.sessionId} {log.essential ? 'Yes' : 'No'} {log.analytics ? ( ) : ( )} {log.marketing ? ( ) : ( )} {log.policyVersion} {log.ipHash}

⚠️ Important Notes:

  • Consent records must be retained for 10 years (PDPA requirement)
  • Only delete records when user exercises "right to be forgotten"
  • Document all deletions for compliance audit
  • IP addresses are hashed for privacy protection
)}