Fix authentication state persistence and admin role display

- Implement complete authentication system with JWT token validation - Add auth provider with persistent login state across page refreshes - Create multilingual login/register forms with Material-UI components - Fix token validation using raw SQL queries to bypass Prisma sync issues - Add comprehensive error handling for expired/invalid tokens - Create profile and settings pages with full i18n support - Add proper user role management (admin/user) with database sync - Implement secure middleware with CSRF protection and auth checks - Add debug endpoints for troubleshooting authentication issues - Fix Zustand store persistence for authentication state 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-21 01:06:30 +03:00
parent 62ca73b2ac
commit 196ca00194
174 changed files with 181207 additions and 179 deletions
--- a/app/api/debug/schema/route.ts
+++ b/app/api/debug/schema/route.ts
@@ -0,0 +1,35 @@
+import { NextResponse } from 'next/server'
+import { prisma } from '@/lib/db'
+
+export const runtime = 'nodejs'
+
+export async function GET() {
+  try {
+    // Get table structure for User table
+    const tableInfo = await prisma.$queryRaw`
+      SELECT column_name, data_type, is_nullable, column_default
+      FROM information_schema.columns
+      WHERE table_name = 'User' AND table_schema = 'public'
+      ORDER BY ordinal_position;
+    `
+
+    // Also try to get one user record to see what fields are actually there
+    let sampleUser = null
+    try {
+      sampleUser = await prisma.$queryRaw`SELECT * FROM "User" LIMIT 1;`
+    } catch (e) {
+      sampleUser = { error: 'Could not fetch sample user: ' + e.message }
+    }
+
+    return NextResponse.json({
+      tableStructure: tableInfo,
+      sampleUser: sampleUser
+    })
+  } catch (error) {
+    console.error('Schema debug error:', error)
+    return NextResponse.json({
+      error: 'Schema debug failed',
+      details: error.message
+    }, { status: 500 })
+  }
+}
--- a/app/api/debug/token/route.ts
+++ b/app/api/debug/token/route.ts
@@ -0,0 +1,53 @@
+import { NextResponse } from 'next/server'
+import jwt from 'jsonwebtoken'
+
+export const runtime = 'nodejs'
+
+export async function POST(request: Request) {
+  try {
+    const { token } = await request.json()
+
+    if (!token) {
+      return NextResponse.json({ error: 'Token required' }, { status: 400 })
+    }
+
+    // Log environment info
+    const hasSecret = !!process.env.JWT_SECRET
+    const secretPreview = process.env.JWT_SECRET ? process.env.JWT_SECRET.substring(0, 10) + '...' : 'MISSING'
+
+    console.log('Debug: JWT_SECRET exists:', hasSecret)
+    console.log('Debug: JWT_SECRET preview:', secretPreview)
+
+    // Try to decode without verification first
+    let decodedWithoutVerification
+    try {
+      decodedWithoutVerification = jwt.decode(token, { complete: true })
+      console.log('Debug: Token decoded without verification:', !!decodedWithoutVerification)
+    } catch (e) {
+      console.log('Debug: Token decode failed:', e.message)
+    }
+
+    // Try to verify
+    let verificationResult
+    try {
+      verificationResult = jwt.verify(token, process.env.JWT_SECRET!)
+      console.log('Debug: Token verification successful')
+    } catch (e) {
+      console.log('Debug: Token verification failed:', e.message)
+      verificationResult = { error: e.message }
+    }
+
+    return NextResponse.json({
+      hasSecret,
+      secretPreview,
+      decodedWithoutVerification: !!decodedWithoutVerification,
+      payload: decodedWithoutVerification?.payload,
+      verificationResult: typeof verificationResult === 'object' && 'error' in verificationResult
+        ? verificationResult
+        : { success: true, payload: verificationResult }
+    })
+  } catch (error) {
+    console.error('Debug endpoint error:', error)
+    return NextResponse.json({ error: 'Debug failed' }, { status: 500 })
+  }
+}
--- a/app/api/debug/user/route.ts
+++ b/app/api/debug/user/route.ts
@@ -0,0 +1,43 @@
+import { NextResponse } from 'next/server'
+import { prisma } from '@/lib/db'
+
+export const runtime = 'nodejs'
+
+export async function POST(request: Request) {
+  try {
+    const { userId } = await request.json()
+
+    if (!userId) {
+      return NextResponse.json({ error: 'userId required' }, { status: 400 })
+    }
+
+    // Use raw query to avoid Prisma client sync issues
+    const users = await prisma.$queryRaw`
+      SELECT id, email, name, role, theme, "fontSize", "createdAt", "updatedAt", "lastLoginAt"
+      FROM "User"
+      WHERE id = ${userId}
+    `
+    const user = Array.isArray(users) && users.length > 0 ? users[0] : null
+
+    // Also get a count of all users
+    const userCount = await prisma.user.count()
+
+    // Get all user IDs for comparison
+    const allUsers = await prisma.user.findMany({
+      select: { id: true, email: true, createdAt: true },
+      orderBy: { createdAt: 'desc' },
+      take: 5
+    })
+
+    return NextResponse.json({
+      searchedUserId: userId,
+      userExists: !!user,
+      user: user || null,
+      totalUsers: userCount,
+      recentUsers: allUsers
+    })
+  } catch (error) {
+    console.error('User debug error:', error)
+    return NextResponse.json({ error: 'Debug failed', details: error.message }, { status: 500 })
+  }
+}