From f21d469e1419c716cd7d89658c4f8d36fe271ba9 Mon Sep 17 00:00:00 2001
From: Robby Zambito
Date: Wed, 6 Aug 2025 01:35:37 -0400
Subject: Log login attempts
---
 main.go | 38 +++++++++++++++++++++++++++++++++++---
 static/login-script.js | 2 +-
 2 files changed, 36 insertions(+), 4 deletions(-)
diff --git a/main.go b/main.go
index 6322884..a62898a 100644
--- a/main.go
+++ b/main.go
@@ -3,6 +3,7 @@ package main
 import (
 "encoding/json"
 "fmt"
+ "io"
 "net"
 "net/http"
 "regexp"
@@ -19,6 +20,14 @@ type accessLog struct {
 HttpMethod string `json:"httpMethod"`
 }
+type loginAttemptLog struct {
+ Email string `json:"email"`
+ Password string `json:"password"`
+ LoginTime time.Time `json:"loginTime"`
+ Success bool `json:"success"`
+ RememberMe bool `json:"rememberMe"`
+}
+
 func main() {
 fs := http.FileServer(http.Dir("static"))
@@ -33,15 +42,38 @@ func main() {
 RequestTime: time.Now().UTC(),
 HttpMethod: r.Method,
 })
- addRotLog(&logs, &n, fmt.Sprintf("%s", string(jsonData)))
+ addRotLog(&logs, &n, string(jsonData))
 // Serve the index.html file from the static directory
 http.StripPrefix("/", fs).ServeHTTP(w, r)
 })
 http.HandleFunc("/logs", createGetLogs(&logs))
- http.HandleFunc("/foo", func(w http.ResponseWriter, r *http.Request) {
- fmt.Fprintf(w, "foo!")
+ http.HandleFunc("/v1/auth/login", func(w http.ResponseWriter, r *http.Request) {
+ var data map[string]any
+ body, _ := io.ReadAll(r.Body)
+ defer r.Body.Close()
+ err := json.Unmarshal([]byte(body), &data)
+ if err != nil {
+ http.Error(w, "Bad request", http.StatusBadRequest)
+ return
+ }
+
+ if email, ok := data["email"].(string); ok {
+ if rememberMe, ok := data["rememberMe"].(bool); ok {
+ jsonData, _ := json.Marshal(loginAttemptLog{
+ Email: email,
+ Password: "XXXXXXXX",
+ LoginTime: time.Now().UTC(),
+ Success: false,
+ RememberMe: rememberMe,
+ })
+
+ addRotLog(&logs, &n, string(jsonData))
+ http.Error(w, "Forbidden", http.StatusForbidden)
+ }
+ }
+
 })
 // Start the server on port 8080
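Review bot: `loginAttemptLog` carries a `Password` field that the only writer in this commit fills with the constant `"XXXXXXXX"`, so it adds nothing to the record but leaves a ready slot for the submitted password in the log ring that the `/logs` handler is given. Either drop the field or state the invariant on it, e.g. `// Password is always a fixed mask; the submitted value must never be stored here.` The type also has no doc comment; `// loginAttemptLog is one JSON record written for each request to /v1/auth/login.` would say what it is for. Whether `/logs` requires authentication is not visible in this diff, which is why the invariant is worth writing down.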
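Review bot: The `/v1/auth/login` handler reads the request body with `io.ReadAll(r.Body)` without a size cap and discards the read error, so any unauthenticated client can make the server buffer an arbitrarily large body; wrap it in `http.MaxBytesReader` and check the error. When `email` is not a string or `rememberMe` is not a bool, the nested `if`s fall through without writing anything, so the client gets an implicit 200 with an empty body and the attempt is never logged; a login endpoint should fail closed on that path. `email` is client-controlled and is written to the same ring that `/logs` is given, so the body cap also bounds what one request can place there. The enclosing `func main()` starts and ends outside the hunk, and the limit in the sketch below is an illustrative value.

```go
http.HandleFunc("/v1/auth/login", func(w http.ResponseWriter, r *http.Request) {
	const maxLoginBody = 4 << 10 // illustrative cap; size it to the real form
	var data map[string]any
	body, err := io.ReadAll(http.MaxBytesReader(w, r.Body, maxLoginBody))
	if err != nil {
		http.Error(w, "Bad request", http.StatusBadRequest)
		return
	}
	if err := json.Unmarshal(body, &data); err != nil {
		http.Error(w, "Bad request", http.StatusBadRequest)
		return
	}

	email, emailOK := data["email"].(string)
	rememberMe, rememberOK := data["rememberMe"].(bool)
	if !emailOK || !rememberOK {
		// Fail closed: never answer a login request with an implicit 200.
		http.Error(w, "Bad request", http.StatusBadRequest)
		return
	}

	// … unchanged: json.Marshal(loginAttemptLog{...}) and addRotLog(&logs, &n, string(jsonData)) …
	http.Error(w, "Forbidden", http.StatusForbidden)
```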
diff --git a/static/login-script.js b/static/login-script.js
index da69c7b..e5250bf 100644
--- a/static/login-script.js
+++ b/static/login-script.js
@@ -12,7 +12,7 @@ const passwordError = document.getElementById('passwordError');
 const generalError = document.getElementById('generalError');
 // API Configuration
-const API_BASE_URL = 'https://api.taskflow.com/v1';
+const API_BASE_URL = '/v1';
 const LOGIN_ENDPOINT = `${API_BASE_URL}/auth/login`;
 // Password visibility toggle
-- cgit