Fix authentication state persistence and admin role display

- Implement complete authentication system with JWT token validation
- Add auth provider with persistent login state across page refreshes
- Create multilingual login/register forms with Material-UI components
- Fix token validation using raw SQL queries to bypass Prisma sync issues
- Add comprehensive error handling for expired/invalid tokens
- Create profile and settings pages with full i18n support
- Add proper user role management (admin/user) with database sync
- Implement secure middleware with CSRF protection and auth checks
- Add debug endpoints for troubleshooting authentication issues
- Fix Zustand store persistence for authentication state

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

app/api/auth/login/route.ts

@@ -1,22 +1,50 @@
 import { NextResponse } from 'next/server'
 import { validateUser, generateToken } from '@/lib/auth'
 import { prisma } from '@/lib/db'
+import { createUserLoginSchema } from '@/lib/validation'
 
 export const runtime = 'nodejs'
 
+function getErrorMessages(locale: string = 'ro') {
+  const messages = {
+    ro: {
+      fieldsRequired: 'Email și parola sunt obligatorii',
+      invalidCredentials: 'Email sau parolă incorectă',
+      serverError: 'Eroare de server',
+      invalidInput: 'Date de intrare invalide'
+    },
+    en: {
+      fieldsRequired: 'Email and password are required',
+      invalidCredentials: 'Invalid email or password',
+      serverError: 'Server error',
+      invalidInput: 'Invalid input data'
+    }
+  }
+  return messages[locale as keyof typeof messages] || messages.ro
+}
+
 export async function POST(request: Request) {
   try {
-    const { email, password } = await request.json()
+    const url = new URL(request.url)
+    const locale = url.searchParams.get('locale') || 'ro'
+    const messages = getErrorMessages(locale)
+
+    const body = await request.json()
+    const { email, password } = body
 
     // Validation
-    if (!email || !password) {
-      return NextResponse.json({ error: 'Email și parola sunt obligatorii' }, { status: 400 })
+    const loginSchema = createUserLoginSchema(locale)
+    const result = loginSchema.safeParse({ email, password })
+
+    if (!result.success) {
+      const errors = result.error.errors.map(err => err.message).join(', ')
+      return NextResponse.json({ error: errors }, { status: 400 })
     }
 
     // Validate user
     const user = await validateUser(email, password)
     if (!user) {
-      return NextResponse.json({ error: 'Email sau parolă incorectă' }, { status: 401 })
+      return NextResponse.json({ error: messages.invalidCredentials }, { status: 401 })
     }
 
     // Generate token
@@ -38,11 +66,14 @@ export async function POST(request: Request) {
     })
 
     return NextResponse.json({
-      user: { id: user.id, email: user.email, name: user.name },
+      user: { id: user.id, email: user.email, name: user.name, role: user.role, theme: user.theme, fontSize: user.fontSize },
       token
     })
   } catch (error) {
     console.error('Login error:', error)
-    return NextResponse.json({ error: 'Eroare de server' }, { status: 500 })
+    const url = new URL(request.url)
+    const locale = url.searchParams.get('locale') || 'ro'
+    const messages = getErrorMessages(locale)
+    return NextResponse.json({ error: messages.serverError }, { status: 500 })
   }
 }