commit c24a6a6b95cf35544c73fd269a982157cd4ff35f
from: Stefan Sperling <stsp@stsp.name>
date: Fri Aug 29 15:41:38 2025 UTC

log sucessful login attempts with UID and server name

commit - 053e042b6deee862dcf67bf28bd8f94d8c7c030c
commit + c24a6a6b95cf35544c73fd269a982157cd4ff35f
blob - c33dc588be57047bdc629683bd08c0bdd6caa09c
blob + e33dd09dcf418618e4706f5b7040bc8b55d78821
--- gotwebd/login.c
+++ gotwebd/login.c
@@ -222,11 +222,10 @@ do_login(struct request *c)
 {
 	struct querystring *qs = c->t->qs;
 	int r;
+	uid_t uid;
+	char *hostname = NULL;
 
-	if (gotwebd_env->gotwebd_verbose > 0)
-		log_info("processing login: code='%s'", qs->login);
-
-	if (auth_check_token(NULL, NULL, qs->login, auth_token_secret,
+	if (auth_check_token(&uid, &hostname, qs->login, auth_token_secret,
 	    sizeof(auth_token_secret)) == -1) {
 		log_warnx("invalid code for login");
 		if (gotweb_reply(c, 401, "text/html", NULL) == -1)
@@ -235,6 +234,13 @@ do_login(struct request *c)
 		    gotweb_render_unauthorized);
 	}
 
+	if (gotwebd_env->gotwebd_verbose > 0) {
+		log_info("successful login of uid %u for server \"%s\"",
+		    uid, hostname);
+	}
+	free(hostname);
+	hostname = NULL;
+
 	/*
 	 * Set cookie -- if not Expire param is given, it becomes a
 	 * "session" cookie which should be cleared when the browser