feat(root): merge backend backlog phase 1-3

Phase 1: resilience, WebSocket stability, account deletion, FCM deactivation
Phase 2: pub/sub, telemetry, notification logs, wellness trends, medication adherence
Phase 3: audit logging, LiveKit rooms, GDPR export, idempotency, Redis cache

Author: gahyun-git

apps/api/alembic/env.py

@@ -6,11 +6,16 @@
 from sqlalchemy.ext.asyncio import async_engine_from_config
 
 from alembic import context
-from src.lib.config import settings
-from src.lib.database import Base
 
 # Import all models for autogenerate detection
+from src.admin.model import AuditLog  # noqa: F401
+from src.lib.config import settings
+from src.lib.database import Base
 from src.medications.model import Medication  # noqa: F401
+from src.notification_logs.model import (  # noqa: F401
+    NotificationLog,
+    NotificationPreference,
+)
 from src.relations.model import CareRelation  # noqa: F401
 from src.users.model import User  # noqa: F401
 from src.wellness.model import WellnessLog  # noqa: F401

apps/api/alembic/versions/0001_initial.py

@@ -232,6 +232,167 @@ def upgrade() -> None:
         unique=False,
     )
 
+    # --- audit_logs ---
+    op.create_table(
+        "audit_logs",
+        sa.Column(
+            "id",
+            sa.UUID(),
+            server_default=sa.text("gen_random_uuid()"),
+            nullable=False,
+        ),
+        sa.Column(
+            "actor_id",
+            sa.UUID(),
+            nullable=True,
+            comment="User or service that performed the action",
+        ),
+        sa.Column(
+            "action",
+            sa.String(length=100),
+            nullable=False,
+            comment="e.g. cleanup, deactivate_tokens",
+        ),
+        sa.Column(
+            "resource_type",
+            sa.String(length=100),
+            nullable=False,
+            comment="e.g. wellness_logs, device_tokens",
+        ),
+        sa.Column(
+            "detail",
+            postgresql.JSONB(astext_type=sa.Text()),
+            server_default=sa.text("'{}'::jsonb"),
+            nullable=False,
+        ),
+        sa.Column("description", sa.Text(), nullable=True),
+        sa.Column(
+            "timestamp",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=False,
+        ),
+        sa.PrimaryKeyConstraint("id", name=op.f("pk_audit_logs")),
+    )
+    op.create_index(
+        "ix_audit_logs_actor_id",
+        "audit_logs",
+        ["actor_id"],
+        unique=False,
+    )
+    op.create_index(
+        "ix_audit_logs_timestamp",
+        "audit_logs",
+        ["timestamp"],
+        unique=False,
+    )
+
+    # --- notification_logs ---
+    op.create_table(
+        "notification_logs",
+        sa.Column(
+            "id",
+            sa.UUID(),
+            server_default=sa.text("gen_random_uuid()"),
+            nullable=False,
+        ),
+        sa.Column("recipient_id", sa.UUID(), nullable=False),
+        sa.Column("title", sa.String(length=255), nullable=False),
+        sa.Column("body", sa.Text(), nullable=False),
+        sa.Column(
+            "status",
+            sa.String(length=20),
+            server_default="pending",
+            nullable=False,
+            comment="pending | sent | failed",
+        ),
+        sa.Column(
+            "channel",
+            sa.String(length=20),
+            server_default="push",
+            nullable=False,
+            comment="push",
+        ),
+        sa.Column(
+            "metadata",
+            postgresql.JSONB(astext_type=sa.Text()),
+            server_default=sa.text("'{}'::jsonb"),
+            nullable=False,
+        ),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=False,
+        ),
+        sa.ForeignKeyConstraint(
+            ["recipient_id"],
+            ["users.id"],
+            name=op.f("fk_notification_logs_recipient_id_users"),
+            ondelete="CASCADE",
+        ),
+        sa.PrimaryKeyConstraint("id", name=op.f("pk_notification_logs")),
+    )
+    op.create_index(
+        "ix_notification_logs_recipient_id",
+        "notification_logs",
+        ["recipient_id"],
+        unique=False,
+    )
+    op.create_index(
+        "ix_notification_logs_created_at",
+        "notification_logs",
+        ["created_at"],
+        unique=False,
+    )
+
+    # --- notification_preferences ---
+    op.create_table(
+        "notification_preferences",
+        sa.Column(
+            "id",
+            sa.UUID(),
+            server_default=sa.text("gen_random_uuid()"),
+            nullable=False,
+        ),
+        sa.Column("user_id", sa.UUID(), nullable=False),
+        sa.Column(
+            "wellness_alerts",
+            sa.Boolean(),
+            server_default=sa.text("true"),
+            nullable=False,
+        ),
+        sa.Column(
+            "medication_reminders",
+            sa.Boolean(),
+            server_default=sa.text("true"),
+            nullable=False,
+        ),
+        sa.Column(
+            "system_updates",
+            sa.Boolean(),
+            server_default=sa.text("true"),
+            nullable=False,
+        ),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=False,
+        ),
+        sa.Column("updated_at", sa.DateTime(timezone=True), nullable=True),
+        sa.ForeignKeyConstraint(
+            ["user_id"],
+            ["users.id"],
+            name=op.f("fk_notification_preferences_user_id_users"),
+            ondelete="CASCADE",
+        ),
+        sa.PrimaryKeyConstraint("id", name=op.f("pk_notification_preferences")),
+        sa.UniqueConstraint(
+            "user_id", name=op.f("uq_notification_preferences_user_id")
+        ),
+    )
+
     # --- device_tokens ---
     op.create_table(
         "device_tokens",
@@ -293,6 +454,13 @@ def downgrade() -> None:
     op.drop_index(op.f("ix_device_tokens_token"), table_name="device_tokens")
     op.drop_index("ix_device_tokens_user_id", table_name="device_tokens")
     op.drop_table("device_tokens")
+    op.drop_table("notification_preferences")
+    op.drop_index("ix_notification_logs_created_at", table_name="notification_logs")
+    op.drop_index("ix_notification_logs_recipient_id", table_name="notification_logs")
+    op.drop_table("notification_logs")
+    op.drop_index("ix_audit_logs_timestamp", table_name="audit_logs")
+    op.drop_index("ix_audit_logs_actor_id", table_name="audit_logs")
+    op.drop_table("audit_logs")
     op.drop_index("ix_medications_schedule_time", table_name="medications")
     op.drop_index("ix_medications_host_id", table_name="medications")
     op.drop_table("medications")

apps/api/src/admin/model.py

@@ -0,0 +1,53 @@
+"""Admin domain models."""
+
+import uuid
+from datetime import datetime
+from typing import Any
+
+from sqlalchemy import DateTime, Index, String, Text, func, text
+from sqlalchemy.dialects.postgresql import JSONB, UUID
+from sqlalchemy.orm import Mapped, mapped_column
+
+from src.common.models.base import UUIDMixin
+from src.lib.database import Base
+
+
+class AuditLog(Base, UUIDMixin):
+    """Immutable record of administrative actions."""
+
+    __tablename__ = "audit_logs"
+    __table_args__ = (
+        Index("ix_audit_logs_actor_id", "actor_id"),
+        Index("ix_audit_logs_timestamp", "timestamp"),
+    )
+
+    actor_id: Mapped[uuid.UUID | None] = mapped_column(
+        UUID(as_uuid=True),
+        nullable=True,
+        comment="User or service that performed the action",
+    )
+    action: Mapped[str] = mapped_column(
+        String(100),
+        nullable=False,
+        comment="e.g. cleanup, deactivate_tokens",
+    )
+    resource_type: Mapped[str] = mapped_column(
+        String(100),
+        nullable=False,
+        comment="e.g. wellness_logs, device_tokens",
+    )
+    detail: Mapped[dict[str, Any]] = mapped_column(
+        JSONB,
+        nullable=False,
+        default=dict,
+        server_default=text("'{}'::jsonb"),
+    )
+    description: Mapped[str | None] = mapped_column(
+        Text,
+        nullable=True,
+    )
+    timestamp: Mapped[datetime] = mapped_column(
+        DateTime(timezone=True),
+        server_default=func.now(),
+        nullable=False,
+    )

apps/api/src/admin/repository.py

@@ -8,6 +8,7 @@
 from sqlalchemy import Row, delete, func, select, update
 from sqlalchemy.ext.asyncio import AsyncSession
 
+from src.admin.model import AuditLog
 from src.notifications.model import DeviceToken
 from src.relations.model import CareRelation
 from src.wellness.model import WellnessLog
@@ -92,3 +93,28 @@ async def aggregate_wellness(
     )
     result = await db.execute(stmt)
     return dict(result.all())  # type: ignore[arg-type]
+
+
+async def create_audit_log(db: AsyncSession, audit_log: AuditLog) -> AuditLog:
+    """Persist an audit log entry."""
+    db.add(audit_log)
+    await db.flush()
+    await db.refresh(audit_log)
+    return audit_log
+
+
+async def find_audit_logs(
+    db: AsyncSession,
+    *,
+    limit: int = 50,
+    offset: int = 0,
+) -> tuple[list[AuditLog], int]:
+    """List audit logs (newest first) with total count."""
+    base = select(AuditLog)
+    count_result = await db.execute(select(func.count()).select_from(base.subquery()))
+    total = count_result.scalar_one()
+
+    rows = await db.execute(
+        base.order_by(AuditLog.timestamp.desc()).limit(limit).offset(offset)
+    )
+    return list(rows.scalars().all()), total

apps/api/src/admin/router.py

@@ -1,16 +1,21 @@
 """Admin endpoints for internal service-to-service calls."""
 
+from typing import Any
 from uuid import UUID
 
 from fastapi import APIRouter, Query
 
 from src.admin import service
 from src.admin.schemas import (
+    AuditLogResponse,
     CleanupRequest,
     CleanupResponse,
     InactiveRelationResponse,
+    TokenDeactivateRequest,
+    TokenDeactivateResponse,
     WellnessAggregateResponse,
 )
+from src.common.models import PaginatedResponse, PaginationParams
 from src.lib.dependencies import DBSession
 from src.lib.internal_auth import InternalAuth
 
@@ -55,3 +60,53 @@ async def wellness_aggregate(
 ) -> WellnessAggregateResponse:
     """Get daily wellness statistics for a host."""
     return await service.get_wellness_aggregate(db, host_id, date)
+
+
+@router.post(
+    "/tokens/deactivate",
+    response_model=TokenDeactivateResponse,
+    dependencies=[InternalAuth],
+)
+async def deactivate_tokens(
+    payload: TokenDeactivateRequest,
+    db: DBSession,
+) -> TokenDeactivateResponse:
+    """Deactivate failed FCM tokens reported by the worker."""
+    count = await service.deactivate_failed_tokens(db, payload.tokens)
+    return TokenDeactivateResponse(deactivated_count=count)
+
+
+@router.get(
+    "/audit-logs",
+    response_model=PaginatedResponse[AuditLogResponse],
+    dependencies=[InternalAuth],
+)
+async def list_audit_logs(
+    db: DBSession,
+    page: int = Query(default=1, ge=1),
+    limit: int = Query(default=50, ge=1, le=100),
+) -> PaginatedResponse[AuditLogResponse]:
+    """List audit log entries (paginated, newest first)."""
+    params = PaginationParams(page=page, limit=limit)
+    logs, total = await service.list_audit_logs(
+        db, limit=params.limit, offset=params.offset
+    )
+    data = [AuditLogResponse.model_validate(lg) for lg in logs]
+    return PaginatedResponse[AuditLogResponse].create(
+        data=data,
+        total=total,
+        page=params.page,
+        limit=params.limit,
+    )
+
+
+@router.get(
+    "/export/{user_id}",
+    dependencies=[InternalAuth],
+)
+async def export_user_data(
+    user_id: UUID,
+    db: DBSession,
+) -> dict[str, Any]:
+    """Export all data for a user (GDPR compliance)."""
+    return await service.export_user_data(db, user_id)

apps/api/src/admin/schemas.py

@@ -30,3 +30,23 @@ class WellnessAggregateResponse(BaseModel):
     date: str
     total_logs: int
     by_status: dict[str, int]
+
+
+class TokenDeactivateRequest(BaseModel):
+    tokens: list[str]
+
+
+class TokenDeactivateResponse(BaseModel):
+    deactivated_count: int
+
+
+class AuditLogResponse(BaseModel):
+    id: uuid.UUID
+    actor_id: uuid.UUID | None
+    action: str
+    resource_type: str
+    detail: dict[str, object]
+    description: str | None
+    timestamp: datetime
+
+    model_config = {"from_attributes": True}