# Logging Audit - 20251123-092507
== Sensitive Data in Logs ==
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:118:		log.Printf("SECURITY: IP/email %s locked out after %d failed attempts", key, info.count)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:315:	http.HandleFunc("/login-email-password", handleLoginEmailPassword)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:364:		log.Println("WARNING: JWT_SECRET is less than 64 characters. Consider using a longer secret for production.")
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:787:		log.Printf("SECURITY: Failed login attempt for email %s from IP %s (wrong password)", req.Email, clientIP)

== PII in Logs ==
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:34:// rateLimiter tracks login attempts per IP/email
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:118:		log.Printf("SECURITY: IP/email %s locked out after %d failed attempts", key, info.count)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:315:	http.HandleFunc("/login-email-password", handleLoginEmailPassword)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:776:		log.Printf("SECURITY: Failed login attempt for email %s from IP %s (user not found)", req.Email, clientIP)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:787:		log.Printf("SECURITY: Failed login attempt for email %s from IP %s (wrong password)", req.Email, clientIP)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:831:		log.Printf("SECURITY: Failed blockchain login for address %s from IP %s (invalid signature)", req.Address, clientIP)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:846:		log.Printf("SECURITY: Failed blockchain login for address %s from IP %s (not registered)", req.Address, clientIP)

== Structured Logging ==
168
 unstructured log calls found (consider structured logging)