mbkauthe 4.9.0 → 5.0.0

package/lib/middleware/scopeValidator.js

@@ -13,8 +13,13 @@ import { ErrorCodes, createErrorResponse } from '../utils/errors.js';
 export function validateTokenScope(req, res, next) {
   // Only validate for API token requests (not cookie-based sessions)
   // Check if this request was authenticated via API token
-  if (req.session?.user?.sessionId === 'api-token-session' && req.session?.user?.tokenScope) {
-    const tokenScope = req.session.user.tokenScope;
+  const tokenScope = req.auth?.type === 'api-token'
+    ? req.auth.tokenScope
+    : req.session?.user?.sessionId === 'api-token-session'
+      ? req.session.user.tokenScope
+      : null;
+
+  if (tokenScope) {
     const requestMethod = req.method;
     
     // Check if scope allows this HTTP method
@@ -29,4 +34,4 @@ export function validateTokenScope(req, res, next) {
   }
   
   next();
-}
+}

package/lib/pool.js

@@ -9,12 +9,11 @@ export { runWithRequestContext, getRequestContext };
 
 const poolConfig = {
   connectionString: mbkautheVar.LOGIN_DB,
-  ssl: {
-    rejectUnauthorized: true,
-  },
-  max: 3,
-  idleTimeoutMillis: 10000,
-  connectionTimeoutMillis: 10000,
+  ssl: { rejectUnauthorized: true },
+  max: 10,
+  idleTimeoutMillis: 30000,
+  connectionTimeoutMillis: 5000,
+  application_name: `${mbkautheVar.APP_NAME}-mbkauthe-app`,
 };
 
 export const dblogin = new Pool(poolConfig);

package/lib/routes/auth.js

@@ -12,12 +12,14 @@ import {
   encryptSessionId
 } from "#cookies.js";
 import { packageJson } from "#config.js";
-import { hashPassword, hashApiToken } from "#config.js";
+import { hashPassword } from "#config.js";
 import { ErrorCodes, createErrorResponse, logError } from "../utils/errors.js";
 import { AuthRepository } from "../db/AuthRepository.js";
+import { createLogger } from "../utils/logger.js";
 
 const router = express.Router();
 const authRepo = new AuthRepository({ db: dblogin });
+const logAuth = createLogger("auth");
 
 // Helper function to clear profile picture cache
 function clearProfilePicCache(req, username) {
@@ -113,7 +115,7 @@ export async function checkTrustedDevice(req, username) {
     if (deviceUser) {
 
       if (!deviceUser.Active) {
-        console.log(`[mbkauthe] Trusted device check: inactive account for username: ${username}`);
+        logAuth(`Trusted device check: inactive account for username: ${username}`);
         return null;
       }
 
@@ -125,7 +127,7 @@ export async function checkTrustedDevice(req, username) {
         }
       }
 
-      console.log(`[mbkauthe] Trusted device validated for user: ${username}`);
+      logAuth(`Trusted device validated for user: ${username}`);
       return {
         id: deviceUser.id,
         username: username,
@@ -173,11 +175,11 @@ export async function completeLoginProcess(req, res, user, redirectUrl = null, t
     let dbSessionId;
     try {
       await authRepo.withTransaction(async (txRepo) => {
-        await txRepo.lockTable("Sessions", "SHARE ROW EXCLUSIVE");
+        await txRepo.advisoryTransactionLock(`sessions:${username}`, "lock-user-sessions");
         const currentSessions = await txRepo.cleanupAndCountUserSessions(username);
         if (currentSessions >= MAX_SESSIONS) {
           const sessionsToDelete = currentSessions - MAX_SESSIONS + 1; // +1 to make room for new session
-          console.log(`[mbkauthe] User "${username}" has ${currentSessions} active sessions, exceeding max of ${MAX_SESSIONS}. Deleting ${sessionsToDelete} oldest sessions.`);
+          logAuth(`User "${username}" has ${currentSessions} active sessions, exceeding max of ${MAX_SESSIONS}. Deleting ${sessionsToDelete} oldest sessions.`);
 
           await txRepo.deleteOldestSessionsForUser(username, sessionsToDelete, "prune-oldest-user-session");
         }
@@ -297,14 +299,14 @@ export async function completeLoginProcess(req, res, user, redirectUrl = null, t
 
           // Send raw token to client as httpOnly cookie only
           res.cookie("device_token", deviceToken, getDeviceTokenCookieOptions());
-          console.log(`[mbkauthe] Trusted device token created for user: ${username}`);
+          logAuth(`Trusted device token created for user: ${username}`);
         } catch (deviceErr) {
           console.error(`[mbkauthe] Error creating trusted device:`, deviceErr);
           // Continue with login even if device trust fails
         }
       }
 
-      console.log(`[mbkauthe] User "${username}" logged in successfully (last_login updated)`);
+      logAuth(`User "${username}" logged in successfully (last_login updated)`);
 
       const responsePayload = {
         success: true,
@@ -326,7 +328,7 @@ export async function completeLoginProcess(req, res, user, redirectUrl = null, t
 
 // POST /mbkauthe/api/login
 router.post("/api/login", LoginLimit, async (req, res) => {
-  console.log(`[mbkauthe] Login request received`);
+  logAuth(`Login request received`);
 
   const { username, password, redirect } = req.body;
 
@@ -356,7 +358,7 @@ router.post("/api/login", LoginLimit, async (req, res) => {
     );
   }
 
-  console.log(`[mbkauthe] Login attempt for username: ${username.trim()}`);
+  logAuth(`Login attempt for username: ${username.trim()}`);
 
   const trimmedUsername = username.trim();
 
@@ -413,7 +415,7 @@ router.post("/api/login", LoginLimit, async (req, res) => {
     // Check for trusted device AFTER password validation
     const trustedDeviceUser = await checkTrustedDevice(req, trimmedUsername);
     if (trustedDeviceUser && (mbkautheVar.MBKAUTH_TWO_FA_ENABLE || "").toLocaleLowerCase() === "true" && user.TwoFAStatus) {
-      console.log(`[mbkauthe] Trusted device login for user: ${trimmedUsername}, skipping 2FA only`);
+      logAuth(`Trusted device login for user: ${trimmedUsername}, skipping 2FA only`);
 
       const userForSession = {
         id: user.id,
@@ -435,7 +437,7 @@ router.post("/api/login", LoginLimit, async (req, res) => {
         allowedApps: user.AllowedApps,
         redirectUrl: requestedRedirect
       };
-      console.log(`[mbkauthe] 2FA required for user: ${trimmedUsername}`);
+      logAuth(`2FA required for user: ${trimmedUsername}`);
       return res.json({ success: true, twoFactorRequired: true, redirectUrl: requestedRedirect });
     }
 
@@ -592,7 +594,7 @@ router.post("/api/logout", LogoutLimit, async (req, res) => {
 
         clearSessionCookies(res);
 
-        console.log(`[mbkauthe] User "${username}" logged out successfully`);
+        logAuth(`User "${username}" logged out successfully`);
         res.status(200).json({ success: true, message: "Logout successful" });
       });
     } catch (err) {
@@ -611,50 +613,52 @@ router.get("/api/account-sessions", LoginLimit, async (req, res) => {
     return res.json({ accounts: [], currentSessionId: req.session?.user?.sessionId || null });
   }
 
-  const validated = [];
   const currentSessionId = req.session?.user?.sessionId || null;
 
+  const validAccountEntries = [];
   for (const acct of storedAccounts) {
     if (!isUuid(acct.sessionId)) {
       removeAccountFromCookie(req, res, acct.sessionId);
       continue;
     }
+    validAccountEntries.push(acct);
+  }
 
-    try {
-      const row = await fetchActiveSession(acct.sessionId);
-      if (!row) {
+  const sessionIds = validAccountEntries.map((acct) => acct.sessionId);
+
+  try {
+    const sessionRows = await authRepo.getSessionsWithUsersByIds(sessionIds, "multi-session-fetch-many");
+    const sessionMap = new Map(sessionRows.map((row) => [row.sid, row]));
+    const validated = [];
+
+    for (const acct of validAccountEntries) {
+      const row = sessionMap.get(acct.sessionId);
+      const expired = row?.expires_at && new Date(row.expires_at) <= new Date();
+      const authorized = row && row.Active && (
+        row.Role === "SuperAdmin" ||
+        (Array.isArray(row.AllowedApps) && row.AllowedApps.some(app => app && app.toLowerCase() === mbkautheVar.APP_NAME.toLowerCase()))
+      );
+
+      if (!row || expired || !authorized) {
         await invalidateDbSession(acct.sessionId);
         removeAccountFromCookie(req, res, acct.sessionId);
         continue;
       }
 
-      let fullName = acct.fullName || acct.username;
-      let image = acct.image || null;
-      if (!acct.fullName || !acct.image) {
-        try {
-          const prof = await authRepo.getUserProfileByUsername(row.UserName, "multi-session-fullname-image");
-          if (prof) {
-            if (!acct.fullName && prof.FullName) fullName = prof.FullName;
-            if (!acct.image && prof.Image && prof.Image.trim() !== '') image = prof.Image;
-          }
-        } catch (profileErr) {
-          console.error(`[mbkauthe] Error fetching fullname/image for account list:`, profileErr);
-        }
-      }
-
       validated.push({
         sessionId: row.sid,
         username: row.UserName,
-        fullName,
-        image,
+        fullName: acct.fullName || row.FullName || acct.username || row.UserName,
+        image: acct.image || (typeof row.Image === 'string' && row.Image.trim() !== '' ? row.Image : null),
         isCurrent: currentSessionId && row.sid === currentSessionId
       });
-    } catch (err) {
-      console.error(`[mbkauthe] Error validating remembered account:`, err);
     }
-  }
 
-  return res.json({ accounts: validated, currentSessionId });
+    return res.json({ accounts: validated, currentSessionId });
+  } catch (err) {
+    console.error(`[mbkauthe] Error validating remembered accounts:`, err);
+    return res.status(500).json(createErrorResponse(500, ErrorCodes.INTERNAL_SERVER_ERROR));
+  }
 });
 
 // Switch active session to another remembered account
@@ -679,17 +683,8 @@ router.post("/api/switch-session", LoginLimit, async (req, res) => {
       return res.status(401).json(createErrorResponse(401, ErrorCodes.SESSION_EXPIRED));
     }
 
-    let fullName = row.UserName;
-    let switchProfileImage = null;
-    try {
-      const prof = await authRepo.getUserProfileByUsername(row.UserName, "multi-session-switch-fullname-image");
-      if (prof) {
-        if (prof.FullName) fullName = prof.FullName;
-        if (prof.Image && prof.Image.trim() !== '') switchProfileImage = prof.Image;
-      }
-    } catch (profileErr) {
-      console.error(`[mbkauthe] Error fetching fullname/image during switch:`, profileErr);
-    }
+    const fullName = row.FullName || row.UserName;
+    const switchProfileImage = typeof row.Image === 'string' && row.Image.trim() !== '' ? row.Image : null;
 
     // Regenerate session to avoid fixation
     await new Promise((resolve, reject) => {

package/lib/routes/dbLogs.js

@@ -1,15 +1,213 @@
 import express from "express";
+import rateLimit from "express-rate-limit";
 import { renderError } from "#response.js";
 import { dblogin } from "#pool.js";
 import { getQueryCount, getQueryLog, resetQueryCount, resetQueryLog } from "../utils/dbQueryLogger.js";
 import { mbkautheVar } from "#config.js";
-import rateLimit from 'express-rate-limit';
 
 const router = express.Router();
 
 const isDbLogsEnabled = () => process.env.env === "dev" && process.env.dbLogs === "true";
 
-// Rate limiter for info/test routes
+const clampLimit = (value, fallback = 50, max = 500) => {
+  const parsed = Number(value);
+  if (!Number.isFinite(parsed) || parsed < 1) {
+    return fallback;
+  }
+  return Math.min(max, Math.floor(parsed));
+};
+
+const normalizeStringFilter = (value) => {
+  if (typeof value !== "string") return "";
+  return value.trim();
+};
+
+const parseSuccessFilter = (value) => {
+  if (value === true || value === "true") return true;
+  if (value === false || value === "false") return false;
+  return null;
+};
+
+const getRawQueryLog = () => {
+  if (typeof getQueryLog === "function") return getQueryLog();
+  if (typeof dblogin.getQueryLog === "function") return dblogin.getQueryLog();
+  return [];
+};
+
+const filterQueryLog = (queryLog, filters) => {
+  const poolName = normalizeStringFilter(filters.pool);
+  const username = normalizeStringFilter(filters.username).toLowerCase();
+  const url = normalizeStringFilter(filters.url).toLowerCase();
+  const success = parseSuccessFilter(filters.success);
+
+  return queryLog.filter((entry) => {
+    if (poolName && (entry?.pool?.name || "") !== poolName) {
+      return false;
+    }
+
+    if (username) {
+      const candidate = String(entry?.request?.username || entry?.request?.userId || "").toLowerCase();
+      if (!candidate.includes(username)) {
+        return false;
+      }
+    }
+
+    if (url) {
+      const candidateUrl = String(entry?.request?.url || "").toLowerCase();
+      if (!candidateUrl.includes(url)) {
+        return false;
+      }
+    }
+
+    if (success !== null && Boolean(entry?.success) !== success) {
+      return false;
+    }
+
+    return true;
+  });
+};
+
+const sortQueryLogNewestFirst = (queryLog) =>
+  [...queryLog].sort((a, b) => {
+    const left = Date.parse(b?.time || "") || 0;
+    const right = Date.parse(a?.time || "") || 0;
+    return left - right;
+  });
+
+const average = (numbers) => {
+  if (!numbers.length) return 0;
+  return numbers.reduce((sum, value) => sum + value, 0) / numbers.length;
+};
+
+const buildSummary = (queryLog) => {
+  const durations = queryLog
+    .map((entry) => Number(entry?.durationMs))
+    .filter((value) => Number.isFinite(value));
+  const executionDurations = queryLog
+    .map((entry) => Number(entry?.executionDurationMs))
+    .filter((value) => Number.isFinite(value));
+  const waitDurations = queryLog
+    .map((entry) => Number(entry?.poolWait?.waitMs))
+    .filter((value) => Number.isFinite(value));
+  const errorCount = queryLog.filter((entry) => entry?.success === false).length;
+  const pressuredQueries = queryLog.filter((entry) => entry?.poolWait?.hadPoolPressure).length;
+
+  const slowestQueries = [...queryLog]
+    .sort((a, b) => (Number(b?.durationMs) || 0) - (Number(a?.durationMs) || 0))
+    .slice(0, 5)
+    .map((entry) => ({
+      time: entry.time,
+      query: entry.query,
+      name: entry.name,
+      fingerprint: entry.fingerprint,
+      durationMs: entry.durationMs,
+      executionDurationMs: entry.executionDurationMs,
+      waitMs: entry.poolWait?.waitMs || 0,
+      success: entry.success,
+      request: entry.request,
+      pool: entry.pool,
+    }));
+
+  const repeatedGroupsMap = new Map();
+  for (const entry of queryLog) {
+    const key = entry?.fingerprint || entry?.normalizedQuery || entry?.query;
+    if (!key) continue;
+
+    const existing = repeatedGroupsMap.get(key);
+    if (existing) {
+      existing.count += 1;
+      existing.totalDurationMs += Number(entry?.durationMs) || 0;
+      existing.totalExecutionDurationMs += Number(entry?.executionDurationMs) || 0;
+      existing.totalWaitMs += Number(entry?.poolWait?.waitMs) || 0;
+      existing.errorCount += entry?.success === false ? 1 : 0;
+      if ((Date.parse(entry?.time || "") || 0) > (Date.parse(existing.lastSeen || "") || 0)) {
+        existing.lastSeen = entry.time;
+      }
+      continue;
+    }
+
+    repeatedGroupsMap.set(key, {
+      fingerprint: entry.fingerprint,
+      normalizedQuery: entry.normalizedQuery,
+      sampleQuery: entry.query,
+      sampleName: entry.name,
+      poolName: entry?.pool?.name || null,
+      requestUrl: entry?.request?.url || null,
+      count: 1,
+      totalDurationMs: Number(entry?.durationMs) || 0,
+      totalExecutionDurationMs: Number(entry?.executionDurationMs) || 0,
+      totalWaitMs: Number(entry?.poolWait?.waitMs) || 0,
+      errorCount: entry?.success === false ? 1 : 0,
+      lastSeen: entry.time,
+    });
+  }
+
+  const repeatedGroups = [...repeatedGroupsMap.values()]
+    .filter((group) => group.count > 1)
+    .sort((a, b) => {
+      if (b.count !== a.count) return b.count - a.count;
+      return b.totalDurationMs - a.totalDurationMs;
+    })
+    .slice(0, 8)
+    .map((group) => ({
+      fingerprint: group.fingerprint,
+      normalizedQuery: group.normalizedQuery,
+      sampleQuery: group.sampleQuery,
+      sampleName: group.sampleName,
+      poolName: group.poolName,
+      requestUrl: group.requestUrl,
+      count: group.count,
+      avgDurationMs: group.totalDurationMs / group.count,
+      avgExecutionDurationMs: group.totalExecutionDurationMs / group.count,
+      avgWaitMs: group.totalWaitMs / group.count,
+      errorCount: group.errorCount,
+      lastSeen: group.lastSeen,
+    }));
+
+  return {
+    totalVisible: queryLog.length,
+    avgDurationMs: average(durations),
+    avgExecutionDurationMs: average(executionDurations),
+    avgWaitMs: average(waitDurations),
+    errorCount,
+    pressuredQueries,
+    slowestQueries,
+    repeatedGroups,
+  };
+};
+
+const buildResponsePayload = (req) => {
+  const queryCount = typeof getQueryCount === "function"
+    ? getQueryCount()
+    : typeof dblogin.getQueryCount === "function"
+    ? dblogin.getQueryCount()
+    : 0;
+  const queryLimit = clampLimit(req.query.limit);
+  const filters = {
+    pool: normalizeStringFilter(req.query.pool),
+    username: normalizeStringFilter(req.query.username),
+    url: normalizeStringFilter(req.query.url),
+    success: parseSuccessFilter(req.query.success),
+  };
+  const filtered = filterQueryLog(getRawQueryLog(), filters);
+  const ordered = sortQueryLogNewestFirst(filtered);
+  const queryLog = ordered.slice(0, queryLimit);
+  const summary = buildSummary(queryLog);
+
+  return {
+    queryCount,
+    queryLimit,
+    filters: {
+      pool: filters.pool,
+      username: filters.username,
+      url: filters.url,
+      success: filters.success,
+    },
+    summary,
+    queryLog,
+  };
+};
+
 const LogLimit = rateLimit({
   windowMs: 1 * 60 * 1000,
   max: 50,
@@ -19,15 +217,14 @@ const LogLimit = rateLimit({
   },
   validate: {
     trustProxy: false,
-    xForwardedForHeader: false
-  }
+    xForwardedForHeader: false,
+  },
 });
 
-// DB stats API (JSON)
 router.get(["/db.json"], LogLimit, async (req, res) => {
   try {
     const isDev = isDbLogsEnabled();
-    const queryLimit = Number(req.query.limit) || 50;
+    const queryLimit = clampLimit(req.query.limit);
 
     if (!isDev) {
       return res.status(403).json({
@@ -36,21 +233,33 @@ router.get(["/db.json"], LogLimit, async (req, res) => {
         isDev,
         queryCount: 0,
         queryLimit,
-        queryLog: []
+        filters: {
+          pool: normalizeStringFilter(req.query.pool),
+          username: normalizeStringFilter(req.query.username),
+          url: normalizeStringFilter(req.query.url),
+          success: parseSuccessFilter(req.query.success),
+        },
+        summary: {
+          totalVisible: 0,
+          avgDurationMs: 0,
+          avgExecutionDurationMs: 0,
+          avgWaitMs: 0,
+          errorCount: 0,
+          pressuredQueries: 0,
+          slowestQueries: [],
+          repeatedGroups: [],
+        },
+        queryLog: [],
       });
     }
 
-    const queryCount = typeof getQueryCount === 'function' ? getQueryCount() : (typeof dblogin.getQueryCount === 'function' ? dblogin.getQueryCount() : 0);
-    const queryLog = typeof getQueryLog === 'function' ? getQueryLog({ limit: queryLimit }) : (typeof dblogin.getQueryLog === 'function' ? dblogin.getQueryLog({ limit: queryLimit }) : []);
-
-    return res.json({ queryCount, queryLimit, queryLog, isDev });
+    return res.json({ ...buildResponsePayload(req), isDev });
   } catch (err) {
-    console.error(`[mbkauthe] /db.json route error:`, err);
-    return res.status(500).json({ success: false, message: 'Could not fetch DB stats.' });
+    console.error("[mbkauthe] /db.json route error:", err);
+    return res.status(500).json({ success: false, message: "Could not fetch DB stats." });
   }
 });
 
-// Dedicated reset API for DB logs and counters
 router.post(["/db/reset"], LogLimit, async (req, res) => {
   try {
     const isDev = isDbLogsEnabled();
@@ -58,39 +267,48 @@ router.post(["/db/reset"], LogLimit, async (req, res) => {
       return res.status(403).json({
         success: false,
         message: "DB logs are disabled.",
-        isDev
+        isDev,
       });
     }
 
-    if (typeof resetQueryCount === 'function') resetQueryCount();
-    else if (typeof dblogin.resetQueryCount === 'function') dblogin.resetQueryCount();
+    if (typeof resetQueryCount === "function") resetQueryCount();
+    else if (typeof dblogin.resetQueryCount === "function") dblogin.resetQueryCount();
 
-    if (typeof resetQueryLog === 'function') resetQueryLog();
-    else if (typeof dblogin.resetQueryLog === 'function') dblogin.resetQueryLog();
+    if (typeof resetQueryLog === "function") resetQueryLog();
+    else if (typeof dblogin.resetQueryLog === "function") dblogin.resetQueryLog();
 
-    return res.json({ success: true, message: 'Query log and count have been reset.' });
+    return res.json({ success: true, message: "Query log and count have been reset." });
   } catch (err) {
-    console.error(`[mbkauthe] /db/reset route error:`, err);
-    return res.status(500).json({ success: false, message: 'Could not reset DB stats.' });
+    console.error("[mbkauthe] /db/reset route error:", err);
+    return res.status(500).json({ success: false, message: "Could not reset DB stats." });
   }
 });
 
-// DB stats page (HTML)
 router.get(["/db"], LogLimit, async (req, res) => {
   try {
     const isDev = isDbLogsEnabled();
-    const queryLimit = Number(req.query.limit) || 50;
-    const resetDone = req.query.resetDone === '1';
-    return res.render('pages/dbLogs.handlebars', {
+    const queryLimit = clampLimit(req.query.limit);
+    const resetDone = req.query.resetDone === "1";
+    const successFilter = parseSuccessFilter(req.query.success);
+
+    return res.render("pages/dbLogs.handlebars", {
       layout: false,
       appName: mbkautheVar.APP_NAME,
       queryLimit,
       resetDone,
       isDev,
-      disabledMessage: isDev ? null : 'DB logs are disabled.'
+      filters: {
+        pool: normalizeStringFilter(req.query.pool),
+        username: normalizeStringFilter(req.query.username),
+        url: normalizeStringFilter(req.query.url),
+        successAny: successFilter === null,
+        successTrue: successFilter === true,
+        successFalse: successFilter === false,
+      },
+      disabledMessage: isDev ? null : "DB logs are disabled.",
     });
   } catch (err) {
-    console.error(`[mbkauthe] /db route error:`, err);
+    console.error("[mbkauthe] /db route error:", err);
     return renderError(res, req, {
       layout: false,
       code: 500,
@@ -102,4 +320,4 @@ router.get(["/db"], LogLimit, async (req, res) => {
   }
 });
 
-export default router;
+export default router;

package/lib/routes/misc.js

@@ -12,6 +12,7 @@ import { fileURLToPath } from "url";
 import path from "path";
 import fs from "fs";
 import dotenv from "dotenv";
+import { createLogger } from "../utils/logger.js";
 
 dotenv.config();
 
@@ -20,6 +21,7 @@ const __dirname = path.dirname(fileURLToPath(import.meta.url));
 
 const router = express.Router();
 const authRepo = new AuthRepository({ db: dblogin });
+const logMisc = createLogger("misc");
 // Rate limiter for info/test routes
 const LoginLimit = rateLimit({
   windowMs: 1 * 60 * 1000,
@@ -472,9 +474,9 @@ export async function checkVersion() {
         if (hasValidLatest && latestVersion !== packageJson.version) {
             console.warn(`[mbkauthe] Current version (${packageJson.version}) is outdated. Latest version: ${latestVersion}. Consider updating mbkauthe.`);
         } else if (hasValidLatest) {
-            console.info(`[mbkauthe] Running latest version (${packageJson.version}).`);
+            logMisc(`Running latest version (${packageJson.version}).`);
         } else {
-            console.info(`[mbkauthe] Skipped version check warning: latest version unavailable.`);
+            logMisc(`Skipped version check warning: latest version unavailable.`);
         }
     } catch (error) {
         console.warn(`[mbkauthe] Failed to check for updates: ${error.message}`);
@@ -544,13 +546,13 @@ router.post("/api/terminateAllSessions", AdminOperationLimit, authenticate(mbkau
 
     req.session.destroy((err) => {
       if (err) {
-        console.log(`[mbkauthe] Error destroying session:`, err);
+        console.error(`[mbkauthe] Error destroying session:`, err);
         return res.status(500).json({ success: false, message: "Failed to terminate sessions" });
       }
 
       clearSessionCookies(res);
 
-      console.log(`[mbkauthe] All sessions terminated successfully`);
+      logMisc(`All sessions terminated successfully`);
       res.status(200).json({
         success: true,
         message: "All sessions terminated successfully",