diff --git a/.gitignore b/.gitignore
index 696344a..5411f93 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@ vendor/
 config.json
 composer.phar
 DOMAIN_OVERRIDE
+*.log
diff --git a/README.md b/README.md
index eb10583..8f8505a 100644
--- a/README.md
+++ b/README.md
@@ -7,11 +7,13 @@ Warrant canary available at /etc/ttyserver/canary
 ## TODO: (From Fedi Reports)
 
 * [ ] Descriptive pubkey upload responses
-* [ ] Fix OAuth Process (Invalid showing up)
-* [X] Change Sign Up to Log In
+* [ ] **Fix OAuth Process (Invalid showing up)**
 * [ ] UI to manage user's public keys
 * [ ] Web Notifications for user activity
 * [ ] Web UI to opt into [Gemini Web Proxy](https://git.corrupt.link/maddiefuzz/skeksis)
 * [ ] Canary description popup?
 * [ ] Shift-Click for Keygen Options
 * [ ] Download SSH Public Key on fingerprint click?
+
+## Completed TODO:
+ * Change Sign Up to Log In
diff --git a/auth/index.php b/auth/index.php
index 02ef7c4..241493b 100644
--- a/auth/index.php
+++ b/auth/index.php
@@ -1,8 +1,18 @@
 <?php
 $config = json_decode(file_get_contents("/var/www/usergen/config.json", true));
+    ini_set('display_errors', 1);
+    ini_set('display_startup_errors', 1);
+    error_reporting(E_ALL);
+function flog($log_msg) {
+    $log_filename = "/var/www/html";
+    $log_file_data = $log_filename.'/log_' . date('d-M-Y') . '.log';
+    // if you don't add `FILE_APPEND`, the file will be erased each time you add a log
+    file_put_contents($log_file_data, $log_msg . "\n", FILE_APPEND);
+}
 
 if (isset($_REQUEST["act"])){
     // internal functions such as id request
+    flog("Ret ACT:16 ✨ ".$_REQUEST["act"]." FROM ".$_SERVER["REMOTE_ADDR"]);
     switch($_REQUEST["act"]){
         case "id":
             // return OAUTH app ID
@@ -14,8 +24,19 @@ if (isset($_REQUEST["act"])){
             break;
     }
 }else if (isset($_REQUEST["code"])){
-    // Mastodon callback
+    // Mastodon callback (Authorization Code from /oauth/authorize)
     $MastCode = $_REQUEST["code"];
+    // var_dump($_REQUEST);
+}
+if (isset($_REQUEST["token"])){
+    // Token passed, use for repeated OAUTH
+    /* TODO: Long-Term Auth
+        * Check if HT Token valid
+        * Generate Browser Token
+        * Encrypt Browser Token with Client Data (User Agent + IP)
+          * $_SERVER["HTTP_USER_AGENT"] + $_SERVER["REMOTE_ADDR"]
+    */
+    flog("token:35 ✨ ".$_REQUEST["token"]);
 }
 ?>
 <!DOCTYPE html>
@@ -72,6 +93,7 @@ if (isset($_REQUEST["act"])){
                     curl_setopt($request, CURLOPT_POSTFIELDS, $options);
                     $response = curl_exec($request);
                     curl_close($request);
+                    flog("oauth_token:91 ✨ ".$response);
                     $Auth = json_decode($response);
                     if(isset($Auth->token_type)){
                         // Valid Auth?
@@ -85,6 +107,8 @@ if (isset($_REQUEST["act"])){
                         curl_close($request);
                         $User = json_decode($response);
 
+                        flog("cred_verify:104 ✨ ".$response);
+
                         if (isset($User->id)){
                             // Congrats!
                             $AuthToken = $Auth->access_token;
@@ -118,11 +142,10 @@ if (isset($_REQUEST["act"])){
 
                     // revoke token after usage
                 ?>
-                <div id="usertoken" hidden><?php echo $AuthToken; ?></div>
+                <div id="usertoken" ><?php echo $AuthToken; ?></div>
                 <div class="row"<?php if(strpos($AuthToken, "Bad") === false){
                     echo "hidden";
                 }?>>
-                    <!-- Select to upload public key or generate a new one locally -->
                     <span>
                         Invalid
                     </span>
@@ -135,13 +158,11 @@ if (isset($_REQUEST["act"])){
                 </div><div class="row button"<?php if(strpos($AuthToken, "Bad") === false){
                     echo "hidden";
                 }?>>
-                    <!-- Select to upload public key or generate a new one locally -->
                     <button class="col keyButton" onclick="beginOauth()">Retry</button>
                 </div>
                 <div class="row"<?php if(strpos($AuthToken, "Bad") !== false){
                     echo "hidden";
                 }?>>
-                    <!-- Select to upload public key or generate a new one locally -->
                     <span>
                         <?php
                             $Welcomes = array("Welcome", "Dobrodošli", "Vitejte", "Welkom", "Tervetuloa", "Willkommen", "Fáilte", "Benvenuto", "Bienvenidos", "Välkommen", "ようこそ");
