Fix : added login page edits

Sohan-Rout · Sohan-Rout · commit d779e9fecac3 · 2025-09-28T21:43:23.000+05:30
diff --git a/app/api/auth/route.js b/app/api/auth/route.js
@@ -43,12 +43,8 @@ export async function POST(req) {
     }
 
     else if (action === 'login') {
-      // Authenticate user using Supabase admin API (signInWithPassword)
-      const { data, error } = await supabase.auth.admin.signInWithPassword({ email, password })
-      if (error) {
-        return new Response(JSON.stringify({ success: false, message: error.message }), { status: 400 })
-      }
-      return new Response(JSON.stringify({ success: true, message: 'Login successful.' }), { status: 200 })
+      // For login, only verify captcha and return success.
+      return new Response(JSON.stringify({ success: true, message: 'Captcha verified. You can now login using email/password.' }), { status: 200 })
     }
 
     // Invalid action
diff --git a/app/login/page.jsx b/app/login/page.jsx
@@ -42,23 +42,30 @@ export default function LoginPage() {
     try {
       if (!captchaToken) throw new Error('Please complete captcha')
 
-      const res = await fetch('/auth', {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({
-          email,
-          password,
-          captchaToken,
-          action: isLogin ? 'login' : 'signup'
-        }),
-      })
-
-      const data = await res.json()
-      if (!data.success) throw new Error(data.message || 'Action failed')
-
       if (isLogin) {
+        // Verify captcha first via API route
+        const verifyRes = await fetch('/auth', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ email, password, captchaToken, action: 'login' }),
+        })
+        const verifyData = await verifyRes.json()
+        if (!verifyData.success) throw new Error(verifyData.message || 'Captcha verification failed')
+
+        // After captcha verified, login using frontend anon key
+        const { error } = await supabase.auth.signInWithPassword({ email, password })
+        if (error) throw error
+
         router.push('/dashboard')
       } else {
+        // Signup flow remains the same
+        const res = await fetch('/auth', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ email, password, captchaToken, action: 'signup' }),
+        })
+        const data = await res.json()
+        if (!data.success) throw new Error(data.message || 'Signup failed')
         alert(data.message)
         setIsLogin(true)
       }

Original file line number	Diff line number	Diff line change
`@@ -43,12 +43,8 @@ export async function POST(req) {`
`43`	`43`	`}`
`44`	`44`
`45`	`45`	`else if (action === 'login') {`
`46`		`- // Authenticate user using Supabase admin API (signInWithPassword)`
`47`		`- const { data, error } = await supabase.auth.admin.signInWithPassword({ email, password })`
`48`		`- if (error) {`
`49`		`- return new Response(JSON.stringify({ success: false, message: error.message }), { status: 400 })`
`50`		`- }`
`51`		`- return new Response(JSON.stringify({ success: true, message: 'Login successful.' }), { status: 200 })`
	`46`	`+ // For login, only verify captcha and return success.`
	`47`	`+ return new Response(JSON.stringify({ success: true, message: 'Captcha verified. You can now login using email/password.' }), { status: 200 })`
`52`	`48`	`}`
`53`	`49`
`54`	`50`	`// Invalid action`