30 lines
3.7 KiB
Plaintext
30 lines
3.7 KiB
Plaintext
# Logging Audit - 20251123-104211
|
|
== Sensitive Data in Logs ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:128: log.Printf("SECURITY: IP/email %s locked out after %d failed attempts", key, info.count)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:343: http.HandleFunc("/login-email-password", handleLoginEmailPassword)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:421: log.Println("WARNING: JWT_SECRET is less than 64 characters. Consider using a longer secret for production.")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:850: log.Printf("SECURITY: Failed login attempt for email %s from IP %s (wrong password)", req.Email, clientIP)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:862: log.Printf("Error generating token pair: %v", err)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:926: log.Printf("Error generating token pair: %v", err)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:960: log.Printf("SECURITY: Invalid refresh token attempt from IP %s: %v", clientIP, err)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:967: log.Printf("Warning: Failed to revoke old refresh token: %v", err)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:973: log.Printf("Error generating token pair during refresh: %v", err)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1008: log.Printf("SECURITY: Logout with invalid token from IP %s", clientIP)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1016: log.Printf("Error revoking refresh token: %v", err)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1039: log.Printf("Error revoking all refresh tokens for user %d: %v", userID, err)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1433: log.Printf("AUDIT: Refresh token created for user_id %d from IP %s, expires %s",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1490: log.Printf("AUDIT: Revoked %d refresh tokens for user_id %d", rowsAffected, userID)
|
|
|
|
== PII in Logs ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:44:// rateLimiter tracks login attempts per IP/email
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:128: log.Printf("SECURITY: IP/email %s locked out after %d failed attempts", key, info.count)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:343: http.HandleFunc("/login-email-password", handleLoginEmailPassword)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:839: log.Printf("SECURITY: Failed login attempt for email %s from IP %s (user not found)", req.Email, clientIP)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:850: log.Printf("SECURITY: Failed login attempt for email %s from IP %s (wrong password)", req.Email, clientIP)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:896: log.Printf("SECURITY: Failed blockchain login for address %s from IP %s (invalid signature)", req.Address, clientIP)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:911: log.Printf("SECURITY: Failed blockchain login for address %s from IP %s (not registered)", req.Address, clientIP)
|
|
|
|
== Structured Logging ==
|
|
206
|
|
unstructured log calls found (consider structured logging)
|