Add current status document with remaining work
This commit is contained in:
dwindown
142
CURRENT-STATUS.md
Normal file
142
CURRENT-STATUS.md
Normal file
@@ -0,0 +1,142 @@
|
||||
# Current Status & Remaining Work
|
||||
|
||||
## ✅ Completed
|
||||
|
||||
### 1. Code Duplication Fixed
|
||||
- **Created**: `supabase/shared/email-template-renderer.ts`
|
||||
- **Updated**: `send-auth-otp` imports from shared file (eliminates 260 lines of duplicate code)
|
||||
- **Benefit**: Single source of truth for email master template
|
||||
|
||||
### 2. Unconfirmed Email Login Detection
|
||||
- **Added**: `isResendOTP` state to track existing users
|
||||
- **Updated**: Login error handler detects "Email not confirmed" error
|
||||
- **Result**: Shows helpful message when user tries to login with unconfirmed email
|
||||
|
||||
## ⚠️ Remaining Work
|
||||
|
||||
### Issue: Unconfirmed Email User Flow
|
||||
|
||||
**Problem**: User registers → Closes tab → Tries to login → Gets error "Email not confirmed" → **What next?**
|
||||
|
||||
**Current Behavior**:
|
||||
```
|
||||
User tries to login → Error: "Email not confirmed"
|
||||
→ Shows toast message
|
||||
→ Sets isResendOTP = true
|
||||
→ Shows OTP form
|
||||
```
|
||||
|
||||
**Missing Pieces**:
|
||||
1. ✅ Detection of unconfirmed email
|
||||
2. ❌ **Need user_id to send OTP** (we only have email at this point)
|
||||
3. ❌ **Need button to "Request OTP"** for existing users
|
||||
4. ❌ **Need to fetch user_id from database** using email
|
||||
|
||||
### Proposed Solution
|
||||
|
||||
Add a new edge function or database query to get user_id by email:
|
||||
|
||||
```typescript
|
||||
// In useAuth hook
|
||||
getUserIdByEmail: (email: string) => Promise<string | null>
|
||||
```
|
||||
|
||||
Then update the auth page flow:
|
||||
|
||||
```typescript
|
||||
if (error.message.includes('Email not confirmed')) {
|
||||
// Fetch user_id from database
|
||||
const userId = await getUserIdByEmail(email);
|
||||
|
||||
if (userId) {
|
||||
setPendingUserId(userId);
|
||||
setIsResendOTP(true);
|
||||
setShowOTP(true);
|
||||
|
||||
toast({
|
||||
title: 'Email Belum Dikonfirmasi',
|
||||
description: 'Silakan verifikasi email Anda. Kirim ulang kode OTP?',
|
||||
});
|
||||
|
||||
// Auto-send OTP
|
||||
const result = await sendAuthOTP(userId, email);
|
||||
if (result.success) {
|
||||
setResendCountdown(60);
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
### Quick Fix for Now (Manual)
|
||||
|
||||
For immediate testing, you can:
|
||||
|
||||
1. **Get user_id manually from database**:
|
||||
```sql
|
||||
SELECT id, email, email_confirmed_at
|
||||
FROM auth.users
|
||||
WHERE email = 'user@example.com';
|
||||
```
|
||||
|
||||
2. **Test OTP with curl**:
|
||||
```bash
|
||||
curl -X POST https://lovable.backoffice.biz.id/functions/v1/send-auth-otp \
|
||||
-H "Authorization: Bearer YOUR_SERVICE_KEY" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d '{"user_id":"USER_ID_FROM_STEP_1","email":"user@example.com"}'
|
||||
```
|
||||
|
||||
3. **User receives OTP** and can verify
|
||||
|
||||
## Testing Checklist
|
||||
|
||||
### Registration Flow ✅
|
||||
- [x] Register new user
|
||||
- [x] Receive OTP email with master template
|
||||
- [x] Enter OTP code
|
||||
- [x] Email confirmed
|
||||
- [x] Can login
|
||||
|
||||
### Unconfirmed Email Login ⚠️
|
||||
- [x] Login fails with "Email not confirmed" error
|
||||
- [ ] User can request new OTP
|
||||
- [ ] User receives new OTP
|
||||
- [ ] User can verify and login
|
||||
|
||||
## Files Changed in This Session
|
||||
|
||||
1. **supabase/shared/email-template-renderer.ts** (NEW)
|
||||
- Extracted master template from src/lib
|
||||
- Can be imported by edge functions
|
||||
|
||||
2. **supabase/functions/send-auth-otp/index.ts**
|
||||
- Removed 260 lines of duplicate EmailTemplateRenderer class
|
||||
- Now imports from `../shared/email-template-renderer.ts`
|
||||
|
||||
3. **src/pages/auth.tsx**
|
||||
- Added `isResendOTP` state
|
||||
- Updated login error handler
|
||||
- Shows helpful message for unconfirmed email
|
||||
|
||||
## Next Steps
|
||||
|
||||
### Option 1: Quick Fix (5 minutes)
|
||||
Add a "Request OTP" button that appears when login fails. User clicks button → enters email → we fetch user_id from database → send OTP.
|
||||
|
||||
### Option 2: Complete Solution (15 minutes)
|
||||
1. Create `get-user-by-email` edge function
|
||||
2. Add `getUserIdByEmail` to useAuth hook
|
||||
3. Auto-send OTP on login failure
|
||||
4. Show "OTP sent" message
|
||||
5. User enters OTP → verified → can login
|
||||
|
||||
## For Now
|
||||
|
||||
**Users who register but don't verify email**:
|
||||
- Can't login (shows error)
|
||||
- Need to register again with new email OR
|
||||
- Manually verify via database query
|
||||
|
||||
**This is acceptable for testing** but should be fixed before production use.
|
||||
|
||||
Would you like me to implement the complete solution now?
|
||||
Reference in New Issue
Block a user