Implement 5-day plan

2025-12-20 09:31:13 -05:00 · 2025-10-21 12:37:28 +00:00
parent 638d49c8d9
commit 12433e49e3
8 changed files with 490 additions and 73 deletions
--- a/supabase/functions/cancel-email-change/index.ts
+++ b/supabase/functions/cancel-email-change/index.ts
@@ -1,4 +1,5 @@
 import { createClient } from 'https://esm.sh/@supabase/supabase-js@2.57.4';
+import { edgeLogger, startRequest, endRequest } from '../_shared/logger.ts';

 const corsHeaders = {
  'Access-Control-Allow-Origin': '*',
@@ -6,16 +7,28 @@ const corsHeaders = {
 };

 Deno.serve(async (req) => {
+  const tracking = startRequest();
+  
  // Handle CORS preflight requests
  if (req.method === 'OPTIONS') {
-    return new Response(null, { headers: corsHeaders });
+    return new Response(null, { 
+      headers: { 
+        ...corsHeaders,
+        'X-Request-ID': tracking.requestId 
+      } 
+    });
  }

  try {
    // Get the user from the authorization header
    const authHeader = req.headers.get('Authorization');
    if (!authHeader) {
-      console.error('Missing authorization header');
+      const duration = endRequest(tracking);
+      edgeLogger.error('Missing authorization header', { 
+        action: 'cancel_email_change',
+        requestId: tracking.requestId,
+        duration 
+      });
      throw new Error('No authorization header provided. Please ensure you are logged in.');
    }

@@ -49,12 +62,22 @@ Deno.serve(async (req) => {
    const { data: { user }, error: authError } = await supabaseAdmin.auth.getUser(token);
    
    if (authError || !user) {
-      console.error('Auth verification failed:', authError);
+      const duration = endRequest(tracking);
+      edgeLogger.error('Auth verification failed', { 
+        action: 'cancel_email_change',
+        requestId: tracking.requestId,
+        duration,
+        error: authError 
+      });
      throw new Error('Invalid session token. Please refresh the page and try again.');
    }

    const userId = user.id;
-    console.log(`Cancelling email change for user ${userId}`);
+    edgeLogger.info('Cancelling email change for user', { 
+      action: 'cancel_email_change',
+      requestId: tracking.requestId,
+      userId 
+    });

    // Call the database function to clear email change fields
    // This function has SECURITY DEFINER privileges to access auth.users
@@ -85,6 +108,14 @@ Deno.serve(async (req) => {
      // Don't fail the request if audit logging fails
    }

+    const duration = endRequest(tracking);
+    edgeLogger.info('Successfully cancelled email change', { 
+      action: 'cancel_email_change',
+      requestId: tracking.requestId,
+      userId,
+      duration 
+    });
+
    return new Response(
      JSON.stringify({
        success: true,
@@ -94,21 +125,37 @@ Deno.serve(async (req) => {
          email: null,
          new_email: null,
        },
+        requestId: tracking.requestId,
      }),
      {
-        headers: { ...corsHeaders, 'Content-Type': 'application/json' },
+        headers: { 
+          ...corsHeaders, 
+          'Content-Type': 'application/json',
+          'X-Request-ID': tracking.requestId 
+        },
        status: 200,
      }
    );
  } catch (error) {
-    console.error('Error in cancel-email-change function:', error);
+    const duration = endRequest(tracking);
+    edgeLogger.error('Error in cancel-email-change function', { 
+      action: 'cancel_email_change',
+      requestId: tracking.requestId,
+      duration,
+      error: error instanceof Error ? error.message : String(error) 
+    });
    return new Response(
      JSON.stringify({
        success: false,
        error: error instanceof Error ? error.message : 'An unknown error occurred',
+        requestId: tracking.requestId,
      }),
      {
-        headers: { ...corsHeaders, 'Content-Type': 'application/json' },
+        headers: { 
+          ...corsHeaders, 
+          'Content-Type': 'application/json',
+          'X-Request-ID': tracking.requestId 
+        },
        status: 400,
      }
    );