diff --git a/includes/auth.js b/includes/auth.js
index 20addc3..cadbd3e 100644
--- a/includes/auth.js
+++ b/includes/auth.js
@@ -4,20 +4,6 @@ import { RateLimiterMemory } from 'rate-limiter-flexible';
 import sanitizeHtml from 'sanitize-html';
 import helmet from 'helmet';
 import csurf from 'csurf';
-import winston from 'winston';
-import validator from 'validator';
-
-// Initialize logger
-const logger = winston.createLogger({
- level: 'info',
- format: winston.format.combine(
- winston.format.timestamp(),
- winston.format.json()
- ),
- transports: [
- new winston.transports.File({ filename: 'security.log' })
- ]
-});
 
 // Environment variable validation
 const requiredEnvVars = [
@@ -33,7 +19,7 @@ const requiredEnvVars = [
 
 for (const envVar of requiredEnvVars) {
 if (!process.env[envVar]) {
- logger.error(`Missing required environment variable: ${envVar}`);
+ console.log(`Missing required environment variable: ${envVar}`);
 process.exit(1);
 }
 }
@@ -54,7 +40,7 @@ setInterval(() => {
 for (const [linkId, linkData] of temporaryLinks.entries()) {
 if (linkData.expiresAt < now) {
 temporaryLinks.delete(linkId);
- logger.info(`Cleaned up expired link: ${linkId}`);
+ console.log(`Cleaned up expired link: ${linkId}`);
 }
 }
 }, cleanupInterval);
@@ -62,12 +48,12 @@ setInterval(() => {
 // Input sanitization and validation
 const sanitizeInput = (input) => {
 if (typeof input !== 'string') {
- logger.warn(`Invalid input type: expected string, got ${typeof input}`);
+ console.log(`Invalid input type: expected string, got ${typeof input}`);
 return null;
 }
 // Allow alphanumeric characters and underscores
 if (!/^[a-zA-Z0-9_]+$/.test(input)) {
- logger.warn(`Invalid input format: ${input}`);
+ console.log(`Invalid input format: ${input}`);
 return null;
 }
 return sanitizeHtml(input);
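Review bot: Dropping the winston File transport leaves the security events logged further down in this file — failed secret-key attempts, suspicious and successful auto-logins — with no persistent sink; they now reach only stdout, and nothing in the hunk replaces `security.log`, so they survive only if the process supervisor captures that stream. If that is the intent it belongs in the commit message; otherwise keep a transport, or at least state the contract with a comment such as `// Security events are emitted on stdout/stderr; the runtime is expected to collect and retain them.` The hunk also removes `import validator from 'validator'` without touching any call site, so a remaining `validator.*` reference elsewhere in the file would now fail with a ReferenceError on first execution — worth a grep, since the diff does not show the import was unused. The `const requiredEnvVars = [` statement continues past the hunk.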
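Review bot: The fatal configuration message on the new `+ console.log(...)` line goes to stdout, the same stream as ordinary output, immediately before `process.exit(1)`; Node does not guarantee on every platform that a stdout write to a pipe is flushed synchronously, so under a supervisor the last message may be lost, and in any case it is no longer distinguishable from normal output. Use stderr, which is what the removed `logger.error` level expressed: `console.error(\`Missing required environment variable: ${envVar}\`);`. Setting `process.exitCode = 1` and throwing instead of calling `process.exit` is an alternative that also preserves a stack trace.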
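Review bot: The new `+ console.log(\`Invalid input format: ${input}\`)` line writes caller-supplied data verbatim, and `input` has just failed the `^[a-zA-Z0-9_]+$` test, so it can contain CR/LF or terminal escape sequences and forge additional log entries; the removed `winston.format.json()` pipeline would have JSON-encoded it. Encode and bound the value before logging, e.g. `console.log('Invalid input format: %j', input.slice(0, 256));`. The `sanitizeInput` arrow function's closing `};` lies outside the hunk.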
@@ -117,13 +103,13 @@ export async function generateLoginLink(req, res) {
 
 // Validate inputs
 if (!sanitizeInput(secretKey) || secretKey !== process.env.ADMIN_SECRET_KEY) {
- logger.warn(`Invalid secret key attempt from IP: ${req.ip}`);
+ console.log(`Invalid secret key attempt from IP: ${req.ip}`);
 return res.status(401).json({ error: 'Unauthorized' });
 }
 
 const sanitizedUsername = sanitizeInput(username);
 if (!sanitizedUsername) {
- logger.warn(`Invalid username attempt from IP: ${req.ip}, username: ${username}`);
+ console.log(`Invalid username attempt from IP: ${req.ip}, username: ${username}`);
 return res.status(400).json({ error: 'Invalid username' });
 }
 
@@ -139,7 +125,7 @@ export async function generateLoginLink(req, res) {
 .timeout(5000);
 
 if (!tokenResponse.body.token) {
- logger.error(`Failed to generate API key for username: ${sanitizedUsername}`);
+ console.log(`Failed to generate API key for username: ${sanitizedUsername}`);
 return res.status(500).json({ error: 'Authentication service error' });
 }
 
@@ -159,14 +145,14 @@ export async function generateLoginLink(req, res) {
 // Secure timeout
 setTimeout(() => {
 temporaryLinks.delete(linkId);
- logger.info(`Expired link removed: ${linkId}`);
+ console.log(`Expired link removed: ${linkId}`);
 }, Math.min(3600000, parseInt(process.env.LINK_EXPIRY_SECONDS, 10) * 1000));
 
- logger.info(`Generated login link for username: ${sanitizedUsername} from IP: ${req.ip}, userAgent: ${req.get('User-Agent') || 'Unknown'}`);
+ console.log(`Generated login link for username: ${sanitizedUsername} from IP: ${req.ip}, userAgent: ${req.get('User-Agent') || 'Unknown'}`);
 res.json({ loginLink });
 });
 } catch (error) {
- logger.error(`Error generating login link: ${error.message}`);
+ console.log(`Error generating login link: ${error.message}`);
 res.status(500).json({ error: 'Server error' });
 }
 });
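Review bot: The failed-secret-key path at `+ console.log(\`Invalid secret key attempt from IP: ${req.ip}\`)` is the event in this function a detection rule would key on, and the change flattens it from `warn` level in `security.log` to the same plain stdout line as routine info messages, so anything alerting on log level or on that file stops firing silently. Route it to stderr with `console.warn(...)` so the two classes stay separable, and do the same for the `Invalid username attempt` line, which additionally writes the rejected `${username}` raw into the log — `'%j'`-format it rather than interpolating. The `generateLoginLink` body begins and ends outside the hunk.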
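Review bot: In the catch block, `+ console.log(\`Error generating login link: ${error.message}\`)` keeps only the message and discards the stack and any `cause`, and with the structured transport gone this stdout line is now the only record of the failure. Log the error object to stderr, `console.error('Error generating login link:', error);`, and keep the generic `Server error` response as it is. The `Generated login link` line above it also interpolates `req.get('User-Agent')`, a client-controlled header, raw into a plain-text log line, so it should be JSON-encoded and length-capped like the other logged inputs. The `try` that `} catch (error) {` belongs to and the callback that `});` closes both open outside the hunk.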
@@ -193,7 +179,7 @@ export function handleAutoLogin(req, res) {
 
 if (!linkData || linkData.expiresAt < Date.now()) {
 temporaryLinks.delete(sanitizedLinkId);
- logger.warn(`Expired or invalid login attempt for link: ${sanitizedLinkId} from IP: ${req.ip}`);
+ console.log(`Expired or invalid login attempt for link: ${sanitizedLinkId} from IP: ${req.ip}`);
 return res.send(`
@@ -227,7 +213,7 @@ export function handleAutoLogin(req, res) {
 
 if (strictUserAgentCheck && !isUserAgentMatch && !isLocal) {
 temporaryLinks.delete(sanitizedLinkId);
- logger.warn(
+ console.log(
 `Suspicious login attempt for link: ${sanitizedLinkId} from IP: ${req.ip}, ` +
 `expected IP: ${linkData.ip}, isLocal: ${isLocal}, ` +
 `userAgentMatch: ${isUserAgentMatch}, ` +
@@ -238,7 +224,7 @@ export function handleAutoLogin(req, res) {
 }
 
 if (!isUserAgentMatch) {
- logger.info(
+ console.log(
 `Non-critical user-agent mismatch for link: ${sanitizedLinkId} from IP: ${req.ip}, ` +
 `expectedUserAgent: ${linkData.userAgent}, ` +
 `actualUserAgent: ${req.get('User-Agent') || 'Unknown'}`
@@ -246,7 +232,7 @@ export function handleAutoLogin(req, res) {
 }
 
 temporaryLinks.delete(sanitizedLinkId);
- logger.info(`Successful auto-login for username: ${linkData.username} from IP: ${req.ip}, userAgent: ${req.get('User-Agent') || 'Unknown'}`);
+ console.log(`Successful auto-login for username: ${linkData.username} from IP: ${req.ip}, userAgent: ${req.get('User-Agent') || 'Unknown'}`);
 
 // Secure API key storage with additional client-side security and debugging
 res.send(`
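Review bot: The user-agent mismatch message under the new `+ console.log(` interpolates `req.get('User-Agent')` and `linkData.userAgent` — the first a client-supplied header, the second presumably captured from the same header when the link was generated — directly into a plain-text log line; without the removed JSON formatter a header containing `\n` forges extra log entries, and an oversized UA is written unbounded. Encode and cap both before logging, e.g. `const actualUa = JSON.stringify((req.get('User-Agent') || 'Unknown').slice(0, 256));` and use `actualUa` in the template, with the same treatment for the stored value. The concatenated template and the enclosing `if` block continue past the hunk.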