openpredictionmarkets
diff --git a/‎.gitignore‎
Lines changed: 3 additions & 0 deletions b/‎.gitignore‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎backend/handlers/users/changepassword.go‎
Lines changed: 17 additions & 2 deletions b/‎backend/handlers/users/changepassword.go‎
Lines changed: 17 additions & 2 deletions
diff --git a/‎backend/handlers/users/changepassword_test.go‎
Lines changed: 5 additions & 5 deletions b/‎backend/handlers/users/changepassword_test.go‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎backend/logger/README_SIMPLELOGGING.md‎
Lines changed: 77 additions & 0 deletions b/‎backend/logger/README_SIMPLELOGGING.md‎
Lines changed: 77 additions & 0 deletions
diff --git a/‎backend/logger/simplelogging.go‎
Lines changed: 74 additions & 0 deletions b/‎backend/logger/simplelogging.go‎
Lines changed: 74 additions & 0 deletions
@@ -40,6 +40,9 @@ go.work
 # Keys
 .playground_key_pointer
 
+# Local temporary files
+tmp/
+
 # JetBrains files
 /.idea
 
 
@@ -3,9 +3,12 @@ package usershandlers
 import (
 	"encoding/json"
 	"net/http"
+	"socialpredict/logger"
 	"socialpredict/middleware"
 	"socialpredict/security"
 	"socialpredict/util"
+
+	"fmt"
 )
 
 type ChangePasswordRequest struct {
@@ -19,48 +22,58 @@ func ChangePassword(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	logger.LogInfo("ChangePassword", "ChangePassword", "ChangePassword handler called")
+
 	// Initialize security service
 	securityService := security.NewSecurityService()
 
 	db := util.GetDB()
 	user, httperr := middleware.ValidateTokenAndGetUser(r, db)
 	if httperr != nil {
 		http.Error(w, "Invalid token: "+httperr.Error(), http.StatusUnauthorized)
+		logger.LogError("ChangePassword", "ValidateTokenAndGetUser", httperr)
 		return
 	}
 
 	var req ChangePasswordRequest
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
 		http.Error(w, "Error decoding request body", http.StatusBadRequest)
+		logger.LogError("ChangePassword", "DecodeRequestBody", err)
 		return
 	}
 
 	// Validate input fields
 	if req.CurrentPassword == "" {
 		http.Error(w, "Current password is required", http.StatusBadRequest)
+		logger.LogError("ChangePassword", "ValidateInputFields", fmt.Errorf("Current password is required"))
 		return
 	}
 
 	if req.NewPassword == "" {
 		http.Error(w, "New password is required", http.StatusBadRequest)
+		logger.LogError("ChangePassword", "ValidateInputFields", fmt.Errorf("New password is required"))
 		return
 	}
 
 	// Check if the current password is correct
 	if !user.CheckPasswordHash(req.CurrentPassword) {
 		http.Error(w, "Current password is incorrect", http.StatusUnauthorized)
+		logger.LogError("ChangePassword", "CheckPasswordHash", fmt.Errorf("Current password is incorrect"))
 		return
 	}
 
 	// Validate new password strength
-	if err := securityService.Sanitizer.SanitizePassword(req.NewPassword); err != nil {
-		http.Error(w, "New password does not meet security requirements: "+err.Error(), http.StatusBadRequest)
+	if _, err := securityService.Sanitizer.SanitizePassword(req.NewPassword); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		// http.Error(w, "New password does not meet security requirements: "+err.Error(), http.StatusBadRequest)
+		logger.LogError("ChangePassword", "ValidateNewPasswordStrength", err)
 		return
 	}
 
 	// Hash the new password
 	if err := user.HashPassword(req.NewPassword); err != nil {
 		http.Error(w, "Failed to hash new password", http.StatusInternalServerError)
+		logger.LogError("ChangePassword", "HashNewPassword", err)
 		return
 	}
 
@@ -70,10 +83,12 @@ func ChangePassword(w http.ResponseWriter, r *http.Request) {
 	// Update the password and MustChangePassword in the database
 	if result := db.Save(&user); result.Error != nil {
 		http.Error(w, "Failed to update password", http.StatusInternalServerError)
+		logger.LogError("ChangePassword", "UpdatePasswordInDB", result.Error)
 		return
 	}
 
 	// Send a success response
 	w.WriteHeader(http.StatusOK)
 	w.Write([]byte("Password changed successfully"))
+	logger.LogInfo("ChangePassword", "ChangePassword", "Password changed successfully for user "+user.Username)
 }
@@ -77,7 +77,7 @@ func TestPasswordValidation(t *testing.T) {
 
 			// Test password strength validation
 			securityService := security.NewSecurityService()
-			err := securityService.Sanitizer.SanitizePassword(tt.newPass)
+			_, err := securityService.Sanitizer.SanitizePassword(tt.newPass)
 
 			if tt.expectedValid {
 				if err != nil {
@@ -151,7 +151,7 @@ func TestPasswordStrengthRequirements(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			err := securityService.Sanitizer.SanitizePassword(tt.password)
+			_, err := securityService.Sanitizer.SanitizePassword(tt.password)
 
 			if tt.shouldPass {
 				if err != nil {
@@ -186,7 +186,7 @@ func TestPasswordSecurityFeatures(t *testing.T) {
 			testName = testName[:10]
 		}
 		t.Run("Security_Test_"+testName, func(t *testing.T) {
-			err := securityService.Sanitizer.SanitizePassword(maliciousPass)
+			_, err := securityService.Sanitizer.SanitizePassword(maliciousPass)
 
 			// These should either be rejected for weakness or pass sanitization
 			// The key is that they shouldn't cause any security issues
@@ -235,7 +235,7 @@ func TestPasswordLengthValidation(t *testing.T) {
 				password = "A" + "a" + "1" + strings.Repeat("x", remainingLength)
 			}
 
-			err := securityService.Sanitizer.SanitizePassword(password)
+			_, err := securityService.Sanitizer.SanitizePassword(password)
 
 			if tt.shouldPass {
 				if err != nil && strings.Contains(err.Error(), "length") {
@@ -287,7 +287,7 @@ func TestPasswordComplexityPatterns(t *testing.T) {
 
 	for _, pattern := range patterns {
 		t.Run(pattern.name, func(t *testing.T) {
-			err := securityService.Sanitizer.SanitizePassword(pattern.password)
+			_, err := securityService.Sanitizer.SanitizePassword(pattern.password)
 
 			if pattern.shouldPass {
 				if err != nil {
 
@@ -0,0 +1,77 @@
+### SocialPredict Logging — simplelogging.go Conventions & Usage Overview
+
+Purpose: provide consistent INFO, WARN, and ERROR lines that include the original caller’s file:line plus your message.
+
+Output format (stdout): YYYY/MM/DD HH:MM:SS LEVEL file.go:line logger.(*CustomLogger).Level() - Context - Function: Message
+
+Where to view (Docker): run and watch backend logs
+docker logs -f socialpredict-backend-container
+
+Current Logger with levels: (backend/logger/simplelogging.go)
+
+```
+// LogInfo is a convenience function to log informational messages with context.
+func LogInfo(context, function, message string) {
+logger := NewCustomLogger(os.Stdout, "", log.LstdFlags)
+logger.Info(fmt.Sprintf("%s - %s: %s", context, function, message))
+}
+
+// LogWarn is a convenience function to log warning messages with context.
+func LogWarn(context, function, message string) {
+logger := NewCustomLogger(os.Stdout, "", log.LstdFlags)
+logger.Warn(fmt.Sprintf("%s - %s: %s", context, function, message))
+}
+
+// LogError is a convenience function to log errors with context.
+func LogError(context, function string, err error) {
+logger := NewCustomLogger(os.Stdout, "", log.LstdFlags)
+logger.Error(fmt.Sprintf("%s - %s: %v", context, function, err))
+}
+```
+
+#### Usage in code (handlers or core)
+
+```
+Import the logger package
+import "socialpredict/logger"
+
+Log at key points in your function
+
+logger.LogInfo("ChangePassword", "ChangePassword", "ChangePassword handler called")
+
+securityService := security.NewSecurityService()
+db := util.GetDB()
+
+user, httperr := middleware.ValidateTokenAndGetUser(r, db)
+if httperr != nil {
+http.Error(w, "Invalid token: "+httperr.Error(), http.StatusUnauthorized)
+logger.LogError("ChangePassword", "ValidateTokenAndGetUser", httperr)
+return
+}
+
+if _, err := securityService.Sanitizer.SanitizePassword(req.NewPassword); err != nil {
+http.Error(w, err.Error(), http.StatusBadRequest)
+logger.LogError("ChangePassword", "ValidateNewPasswordStrength", err)
+return
+}
+```
+
+#### Conventions for message content
+
+Format: Context - Function: Message
+
+Context examples: ChangePassword, BuyPosition, ResolveMarket
+
+Function examples: DecodeRequestBody, ValidateInputFields, UpdatePasswordInDB
+
+Message: concise, human-readable, and safe
+
+Do not include passwords, raw tokens, or full request bodies
+
+Example outputs
+
+```
+2025/10/06 11:36:13 INFO changepassword.go:25 logger.(*CustomLogger).Info() - ChangePassword - ChangePassword: ChangePassword handler called
+
+2025/10/06 11:36:13 ERROR changepassword.go:54 logger.(*CustomLogger).Error() - ChangePassword - ValidateInputFields: New password is required
+```
@@ -0,0 +1,74 @@
+package logger
+
+import (
+	"fmt"
+	"log"
+	"os"
+	"path"
+	"runtime"
+)
+
+// CustomLogger provides logging with enhanced details.
+type CustomLogger struct {
+	logger *log.Logger
+}
+
+// NewCustomLogger creates a new CustomLogger instance.
+func NewCustomLogger(output *os.File, prefix string, flags int) *CustomLogger {
+	return &CustomLogger{
+		logger: log.New(output, prefix, flags),
+	}
+}
+
+// Info logs an informational message with caller details.
+func (l *CustomLogger) Info(message string) {
+	l.logWithCaller("INFO", message)
+}
+
+// Warn logs a warning message with caller details.
+func (l *CustomLogger) Warn(message string) {
+	l.logWithCaller("WARN", message)
+}
+
+// Error logs an error message with caller details.
+func (l *CustomLogger) Error(message string) {
+	l.logWithCaller("ERROR", message)
+}
+
+// logWithCaller retrieves caller information and logs the message.
+func (l *CustomLogger) logWithCaller(level, message string) {
+	_, file, line, ok := runtime.Caller(3) // Caller(3) gets the caller of the Info/Error method
+	if !ok {
+		file = "???"
+		line = 0
+	}
+	funcName := "???"
+	pc, _, _, ok := runtime.Caller(1) // Caller(1) gets the immediate caller of logWithCaller
+	if ok {
+		fn := runtime.FuncForPC(pc)
+		if fn != nil {
+			funcName = fn.Name()
+		}
+	}
+
+	formattedMessage := fmt.Sprintf("%s %s:%d %s() - %s", level, path.Base(file), line, path.Base(funcName), message)
+	l.logger.Println(formattedMessage)
+}
+
+// LogInfo is a convenience function to log informational messages with context.
+func LogInfo(context, function, message string) {
+	logger := NewCustomLogger(os.Stdout, "", log.LstdFlags)
+	logger.Info(fmt.Sprintf("%s - %s: %s", context, function, message))
+}
+
+// LogWarn is a convenience function to log warning messages with context.
+func LogWarn(context, function, message string) {
+	logger := NewCustomLogger(os.Stdout, "", log.LstdFlags)
+	logger.Warn(fmt.Sprintf("%s - %s: %s", context, function, message))
+}
+
+// LogError is a convenience function to log errors with context.
+func LogError(context, function string, err error) {
+	logger := NewCustomLogger(os.Stdout, "", log.LstdFlags)
+	logger.Error(fmt.Sprintf("%s - %s: %v", context, function, err))
+}