fix1

server/routes/auth.js

@@ -59,6 +59,23 @@ async function validatePortalAccess(appwriteUserId) {
   return { customer, portalAccess }
 }
 
+const DEBUG_LOG = (location, message, data, hypothesisId) => {
+  // #region agent log
+  fetch('http://127.0.0.1:7281/ingest/30e8e71c-b377-4e72-84f9-593826c6d234', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', 'X-Debug-Session-Id': '80bbfc' },
+    body: JSON.stringify({
+      sessionId: '80bbfc',
+      location,
+      message,
+      data,
+      hypothesisId,
+      timestamp: Date.now(),
+    }),
+  }).catch(() => {})
+  // #endregion
+}
+
 router.post('/login', async (req, res) => {
   const { email, password } = req.body || {}
   if (!email || !password) {
@@ -67,7 +84,12 @@ router.post('/login', async (req, res) => {
 
   try {
     const user = await loginWithAppwrite(email.trim(), password)
+    DEBUG_LOG('auth.js:login', 'appwrite user ok', { userId: user.$id }, 'H3')
     const { customer, portalAccess } = await validatePortalAccess(user.$id)
+    DEBUG_LOG('auth.js:login', 'portal validation ok', {
+      customerId: customer.$id,
+      portalAccessEnabled: Boolean(customer.portalAccessEnabled),
+    }, 'H4')
 
     setPortalSession(res, {
       customerId: customer.$id,
@@ -87,6 +109,10 @@ router.post('/login', async (req, res) => {
     return res.json({ success: true, customer: sanitizeCustomer(customer) })
   } catch (err) {
     const status = err.status || 500
+    DEBUG_LOG('auth.js:login', 'login failed', {
+      status,
+      message: err?.message?.slice(0, 120),
+    }, status === 403 ? 'H4' : status === 401 ? 'H1' : 'H5')
     return res.status(status).json({ error: err.message || 'Anmeldung fehlgeschlagen' })
   }
 })