-- Login attempts table for brute-force protection
-- Run this on the enchantrix.online database after importing u1980_1

CREATE TABLE IF NOT EXISTS ldw_login_attempts (
    id BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(100) NOT NULL,
    ip_address VARCHAR(45) NOT NULL,
    attempted_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
    INDEX idx_username_time (username, attempted_at),
    INDEX idx_ip_time (ip_address, attempted_at)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

-- Also ensure ldw_user.password column can hold bcrypt hashes
ALTER TABLE ldw_user MODIFY password VARCHAR(255) NOT NULL;