added base examples and drills

kata/auth/original/README.md

@@ -0,0 +1,3 @@
+# auth original
+
+Messy login logic mixing lockout policy, clock handling, token generation, mutation, logging, and file I/O.

kata/auth/original/authService.js

@@ -0,0 +1,36 @@
+const fs = require("fs");
+
+function login(filePath, username, password) {
+  const raw = fs.readFileSync(filePath, "utf8");
+  const state = JSON.parse(raw);
+  const user = state.users.find((item) => item.username === username);
+
+  if (!user) {
+    throw new Error("User not found");
+  }
+
+  if (user.lockedUntil && new Date(user.lockedUntil).getTime() > Date.now()) {
+    return { ok: false, reason: "locked" };
+  }
+
+  if (user.password !== password) {
+    user.failedAttempts = user.failedAttempts + 1;
+
+    if (user.failedAttempts >= 3) {
+      user.lockedUntil = new Date(Date.now() + 15 * 60 * 1000).toISOString();
+    }
+
+    fs.writeFileSync(filePath, JSON.stringify(state, null, 2));
+    return { ok: false, reason: "invalid-password" };
+  }
+
+  user.failedAttempts = 0;
+  user.lockedUntil = null;
+  user.lastLoginAt = new Date().toISOString();
+  fs.writeFileSync(filePath, JSON.stringify(state, null, 2));
+  console.log("Logged in", username);
+
+  return { ok: true, token: "token-" + username + "-" + Date.now() };
+}
+
+module.exports = { login };

kata/auth/original/state.json

@@ -0,0 +1,11 @@
+{
+  "users": [
+    {
+      "username": "ada",
+      "password": "secret",
+      "failedAttempts": 0,
+      "lockedUntil": null,
+      "lastLoginAt": null
+    }
+  ]
+}