3.9 KiB
3.9 KiB
Current Status & Remaining Work
✅ Completed
1. Code Duplication Fixed
- Created:
supabase/shared/email-template-renderer.ts - Updated:
send-auth-otpimports from shared file (eliminates 260 lines of duplicate code) - Benefit: Single source of truth for email master template
2. Unconfirmed Email Login Detection
- Added:
isResendOTPstate to track existing users - Updated: Login error handler detects "Email not confirmed" error
- Result: Shows helpful message when user tries to login with unconfirmed email
⚠️ Remaining Work
Issue: Unconfirmed Email User Flow
Problem: User registers → Closes tab → Tries to login → Gets error "Email not confirmed" → What next?
Current Behavior:
User tries to login → Error: "Email not confirmed"
→ Shows toast message
→ Sets isResendOTP = true
→ Shows OTP form
Missing Pieces:
- ✅ Detection of unconfirmed email
- ❌ Need user_id to send OTP (we only have email at this point)
- ❌ Need button to "Request OTP" for existing users
- ❌ Need to fetch user_id from database using email
Proposed Solution
Add a new edge function or database query to get user_id by email:
// In useAuth hook
getUserIdByEmail: (email: string) => Promise<string | null>
Then update the auth page flow:
if (error.message.includes('Email not confirmed')) {
// Fetch user_id from database
const userId = await getUserIdByEmail(email);
if (userId) {
setPendingUserId(userId);
setIsResendOTP(true);
setShowOTP(true);
toast({
title: 'Email Belum Dikonfirmasi',
description: 'Silakan verifikasi email Anda. Kirim ulang kode OTP?',
});
// Auto-send OTP
const result = await sendAuthOTP(userId, email);
if (result.success) {
setResendCountdown(60);
}
}
}
Quick Fix for Now (Manual)
For immediate testing, you can:
- Get user_id manually from database:
SELECT id, email, email_confirmed_at
FROM auth.users
WHERE email = 'user@example.com';
- Test OTP with curl:
curl -X POST https://lovable.backoffice.biz.id/functions/v1/send-auth-otp \
-H "Authorization: Bearer YOUR_SERVICE_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id":"USER_ID_FROM_STEP_1","email":"user@example.com"}'
- User receives OTP and can verify
Testing Checklist
Registration Flow ✅
- Register new user
- Receive OTP email with master template
- Enter OTP code
- Email confirmed
- Can login
Unconfirmed Email Login ⚠️
- Login fails with "Email not confirmed" error
- User can request new OTP
- User receives new OTP
- User can verify and login
Files Changed in This Session
-
supabase/shared/email-template-renderer.ts (NEW)
- Extracted master template from src/lib
- Can be imported by edge functions
-
supabase/functions/send-auth-otp/index.ts
- Removed 260 lines of duplicate EmailTemplateRenderer class
- Now imports from
../shared/email-template-renderer.ts
-
src/pages/auth.tsx
- Added
isResendOTPstate - Updated login error handler
- Shows helpful message for unconfirmed email
- Added
Next Steps
Option 1: Quick Fix (5 minutes)
Add a "Request OTP" button that appears when login fails. User clicks button → enters email → we fetch user_id from database → send OTP.
Option 2: Complete Solution (15 minutes)
- Create
get-user-by-emailedge function - Add
getUserIdByEmailto useAuth hook - Auto-send OTP on login failure
- Show "OTP sent" message
- User enters OTP → verified → can login
For Now
Users who register but don't verify email:
- Can't login (shows error)
- Need to register again with new email OR
- Manually verify via database query
This is acceptable for testing but should be fixed before production use.
Would you like me to implement the complete solution now?