# Logging Audit - 20251123-104211

== Sensitive Data in Logs ==
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:128: log.Printf("SECURITY: IP/email %s locked out after %d failed attempts", key, info.count)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:343: http.HandleFunc("/login-email-password", handleLoginEmailPassword)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:421: log.Println("WARNING: JWT_SECRET is less than 64 characters. Consider using a longer secret for production.")
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:850: log.Printf("SECURITY: Failed login attempt for email %s from IP %s (wrong password)", req.Email, clientIP)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:862: log.Printf("Error generating token pair: %v", err)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:926: log.Printf("Error generating token pair: %v", err)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:960: log.Printf("SECURITY: Invalid refresh token attempt from IP %s: %v", clientIP, err)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:967: log.Printf("Warning: Failed to revoke old refresh token: %v", err)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:973: log.Printf("Error generating token pair during refresh: %v", err)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1008: log.Printf("SECURITY: Logout with invalid token from IP %s", clientIP)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1016: log.Printf("Error revoking refresh token: %v", err)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1039: log.Printf("Error revoking all refresh tokens for user %d: %v", userID, err)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1433: log.Printf("AUDIT: Refresh token created for user_id %d from IP %s, expires %s",
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1490: log.Printf("AUDIT: Revoked %d refresh tokens for user_id %d", rowsAffected, userID)

== PII in Logs ==
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:44:// rateLimiter tracks login attempts per IP/email
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:128: log.Printf("SECURITY: IP/email %s locked out after %d failed attempts", key, info.count)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:343: http.HandleFunc("/login-email-password", handleLoginEmailPassword)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:839: log.Printf("SECURITY: Failed login attempt for email %s from IP %s (user not found)", req.Email, clientIP)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:850: log.Printf("SECURITY: Failed login attempt for email %s from IP %s (wrong password)", req.Email, clientIP)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:896: log.Printf("SECURITY: Failed blockchain login for address %s from IP %s (invalid signature)", req.Address, clientIP)
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:911: log.Printf("SECURITY: Failed blockchain login for address %s from IP %s (not registered)", req.Address, clientIP)

== Structured Logging ==
206 unstructured log calls found (consider structured logging)

Triage note: the hits above are keyword matches, not confirmed leaks, and each needs manual review. Some are not log calls at all (main.go:343 is a route registration and main.go:44 is a comment), and main.go:421 logs a warning about the length of JWT_SECRET rather than the secret itself. The entries that write request-supplied values (`req.Email`, `req.Address`, and `key`, which the message at main.go:128 describes as an IP/email) are the ones to review for PII retention; because those values are formatted with `%s`, also confirm that they cannot carry line breaks or control characters into the log. For the token-related entries that print `err` with `%v`, confirm that the error text never embeds token material.