From f313410770b363722c9199720a050c979be4f768 Mon Sep 17 00:00:00 2001
From: KNSO
Date: Sat, 23 May 2026 00:03:10 +0200
Subject: [PATCH] fix1
---
 server/routes/auth.js | 26 ++++++++++++++++
 server/services/appwriteClient.js | 51 +++++++++++++++++++++++++++++--
 2 files changed, 75 insertions(+), 2 deletions(-)
diff --git a/server/routes/auth.js b/server/routes/auth.js
index 86c872b..aef0ce4 100644
--- a/server/routes/auth.js
+++ b/server/routes/auth.js
@@ -59,6 +59,23 @@ async function validatePortalAccess(appwriteUserId) {
 return { customer, portalAccess }
 }
+const DEBUG_LOG = (location, message, data, hypothesisId) => {
+ // #region agent log
+ fetch('http://127.0.0.1:7281/ingest/30e8e71c-b377-4e72-84f9-593826c6d234', {
+ method: 'POST',
+ headers: { 'Content-Type': 'application/json', 'X-Debug-Session-Id': '80bbfc' },
+ body: JSON.stringify({
+ sessionId: '80bbfc',
+ location,
+ message,
+ data,
+ hypothesisId,
+ timestamp: Date.now(),
+ }),
+ }).catch(() => {})
+ // #endregion
+}
+
 router.post('/login', async (req, res) => {
 const { email, password } = req.body || {}
 if (!email || !password) {
@@ -67,7 +84,12 @@ router.post('/login', async (req, res) => {
 try {
 const user = await loginWithAppwrite(email.trim(), password)
+ DEBUG_LOG('auth.js:login', 'appwrite user ok', { userId: user.$id }, 'H3')
 const { customer, portalAccess } = await validatePortalAccess(user.$id)
+ DEBUG_LOG('auth.js:login', 'portal validation ok', {
+ customerId: customer.$id,
+ portalAccessEnabled: Boolean(customer.portalAccessEnabled),
+ }, 'H4')
 setPortalSession(res, {
 customerId: customer.$id,
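Review bot: `DEBUG_LOG` ships agent debugging instrumentation into the login route: every call POSTs unconditionally to a hard-coded `http://127.0.0.1:7281/ingest/...` URL with a fixed `X-Debug-Session-Id`, so in any deployment whatever process listens on that local port receives user and customer identifiers and error text from the auth flow. The `#region agent log` markers and hypothesis ids suggest temporary tooling, which would be better removed before merge, or at least made opt-in with a first line such as `if (!process.env.PORTAL_DEBUG_INGEST_URL) return` (the variable name is only a suggestion) and the URL read from that setting. The `.catch(() => {})` also discards every delivery failure, so nobody can tell whether the diagnostics were ever recorded. The same helper is copied verbatim into `server/services/appwriteClient.js`; a single shared module would keep the two copies from drifting.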
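Review bot: Both new `DEBUG_LOG` calls run inside the handler's `try`, between a successful `loginWithAppwrite` and `setPortalSession`, so a synchronous throw from the helper (for instance `fetch` not being defined in the runtime, or `JSON.stringify` failing) lands in the `catch` further down and turns a valid login into an error response. The helper's `.catch(() => {})` covers only a rejected promise. Wrapping the helper body in `try { … } catch { /* debug only */ }` keeps diagnostics from affecting the authentication outcome. The handler body starts and ends outside this hunk.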
@@ -87,6 +109,10 @@ router.post('/login', async (req, res) => {
 return res.json({ success: true, customer: sanitizeCustomer(customer) })
 } catch (err) {
 const status = err.status || 500
+ DEBUG_LOG('auth.js:login', 'login failed', {
+ status,
+ message: err?.message?.slice(0, 120),
+ }, status === 403 ? 'H4' : status === 401 ? 'H1' : 'H5')
 return res.status(status).json({ error: err.message || 'Anmeldung fehlgeschlagen' })
 }
 })
diff --git a/server/services/appwriteClient.js b/server/services/appwriteClient.js
index 91b961e..c68df74 100644
--- a/server/services/appwriteClient.js
+++ b/server/services/appwriteClient.js
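Review bot: The hypothesis labels in the `/login` catch block of `server/routes/auth.js` (`'H4'`, `'H1'`, `'H5'`, selected by a nested ternary on `status`) are explained nowhere in the diff, so a later reader cannot tell what each one stands for. A short comment above the call listing what each label means, plus a flat lookup such as `const hypothesis = { 401: 'H1', 403: 'H4' }[status] ?? 'H5'`, would read more easily than the chained `? :`. The new call also guards with `err?.message` while the line above reads `err.status` unguarded; one of the two styles should be used for both.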
@@ -1,18 +1,65 @@
 import { createUserClient } from './appwriteAdmin.js'
+const DEBUG_LOG = (location, message, data, hypothesisId) => {
+ // #region agent log
+ fetch('http://127.0.0.1:7281/ingest/30e8e71c-b377-4e72-84f9-593826c6d234', {
+ method: 'POST',
+ headers: { 'Content-Type': 'application/json', 'X-Debug-Session-Id': '80bbfc' },
+ body: JSON.stringify({
+ sessionId: '80bbfc',
+ location,
+ message,
+ data,
+ hypothesisId,
+ timestamp: Date.now(),
+ }),
+ }).catch(() => {})
+ // #endregion
+}
+
 export async function loginWithAppwrite(email, password) {
 const { client, account } = createUserClient()
+ let session
 try {
- await account.createEmailPasswordSession(email, password)
+ session = await account.createEmailPasswordSession(email, password)
+ DEBUG_LOG('appwriteClient.js:session', 'createEmailPasswordSession ok', {
+ hasSecret: Boolean(session?.secret),
+ sessionId: session?.$id || null,
+ }, 'H1')
 } catch (err) {
+ DEBUG_LOG('appwriteClient.js:session', 'createEmailPasswordSession fail', {
+ code: err?.code,
+ type: err?.type,
+ message: err?.message?.slice(0, 120),
+ }, 'H1')
 const message = err?.message || 'Anmeldung fehlgeschlagen'
 const error = new Error(message)
 error.status = 401
 throw error
 }
- const user = await account.get()
+ if (session?.secret) {
+ client.setSession(session.secret)
+ DEBUG_LOG('appwriteClient.js:setSession', 'setSession applied', { hasSessionHeader: true }, 'H2')
+ } else {
+ DEBUG_LOG('appwriteClient.js:setSession', 'no session.secret', {}, 'H2')
+ }
+
+ let user
+ try {
+ user = await account.get()
+ DEBUG_LOG('appwriteClient.js:get', 'account.get ok', { userId: user?.$id || null }, 'H2')
+ } catch (err) {
+ DEBUG_LOG('appwriteClient.js:get', 'account.get fail', {
+ code: err?.code,
+ message: err?.message?.slice(0, 120),
+ }, 'H2')
+ const message = err?.message || 'Anmeldung fehlgeschlagen'
+ const error = new Error(message)
+ error.status = err?.message?.includes('scopes') ? 401 : 500
+ throw error
+ }
 try {
 await account.deleteSession('current')
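Review bot: In the new `account.get()` catch, the status is chosen by substring-matching the error text (`err?.message?.includes('scopes') ? 401 : 500`), which breaks silently if the upstream wording changes or is localised; the same block already reads `err?.code`, so a structured check such as `error.status = err?.code === 401 ? 401 : 500` would be sturdier (confirm that the SDK sets `code` to the HTTP status here). The new `Error` also carries the upstream `err.message`, and the `/login` route in `server/routes/auth.js` returns `err.message` in its JSON body, so a 500 from this branch hands backend detail to the caller; a fixed message for the non-401 case, with the original text kept in server-side logs only, would avoid that. When `session.secret` is absent the code still goes on to call `account.get()`; throwing in that `else` would make the failure explicit instead of relying on the later call to fail. `loginWithAppwrite` continues past the end of the hunk.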