[FEATURE] ACCESS_LOG #448
Description
Is your feature request related to a problem? Please describe.
Provide a separate ACCESS_LOG option (default off) that can create a log for which users have logged in, how they logged in (provider), and what time etc.
The full logs give a lot of information about what is going on, but the level of information is very much geared towards finding problems, this is more informative for specific users.
Describe the solution you'd like
An option that can be a single on/off for default logging, and potentially allowing more control over the format and contents for easier security access and analysis.
Describe alternatives you've considered
The alternative is to set the LOG_LEVEL to the minimum level needed, and then cherrypick the relevant information from it, but this can leak internal information about tinyauth that is not relevant to user access.
Additional context
From Google -
AI Overview
There is no single universal "access log standard," but common, predefined formats like the [Combined Log Format(https://www.google.com/search?q=Combined+Log+Format&ie=UTF-&mstk=AUtExfBf7_TGVjSJxf55lGKizYjEuADa8krsLi_ha8oFJJySOlxlezjU8NIZ37kefgYSiM-NLiud8JBblbTuNdALyaBxqPLDg4SuWW1kEztLKrPeudTXnvu3eTB_CjR617R4sv4DxoBV66oBKbGvSY_dOA44SFpGJK2Fcynqzk9N2-QEZlfWgHIexxYKgSPOu9FehLVK0lFz8nv78eS5v8iNRJwv8Q&csui=3&ved=2ahUKEwiExIzc_d2QAxXovokEHeXFAFoQgK4QegQIARAE) are widely used for web servers like NGINX and Apache. These standard formats capture essential request details, including client IP, timestamp, HTTP request, status code, response size, and user agent, which are useful for analysis, monitoring, and troubleshooting. Web servers and proxies also allow administrators to create custom formats to log additional information.