Fix orphaned password verification error

2025-12-21 17:31:12 -05:00 · 2025-10-14 15:50:45 +00:00
parent 71991f267b
commit 1f206ceecf
3 changed files with 48 additions and 16 deletions
--- a/src/lib/identityService.ts
+++ b/src/lib/identityService.ts
@@ -290,33 +290,54 @@ export async function hasOrphanedPassword(): Promise<boolean> {
 }

 /**
- * Re-verify password authentication by attempting sign-in
- * This forces Supabase to create the email identity if it's missing
+ * Re-verify password authentication by signing in and triggering email confirmation
+ * This creates the missing email identity through Supabase's confirmation flow
 */
 export async function reverifyPasswordAuth(
  email: string,
  password: string
 ): Promise<IdentityOperationResult> {
  try {
-    const { error } = await supabase.auth.signInWithPassword({
+    // Step 1: Verify credentials by signing in
+    console.log('[IdentityService] Verifying password credentials');
+    const { data: authData, error: signInError } = await supabase.auth.signInWithPassword({
      email,
      password
    });
    
-    if (error) throw error;
-    
-    // Check if email identity was created
-    const emailCreated = await waitForEmailProvider(3);
-    
-    if (!emailCreated) {
+    if (signInError) {
      return {
        success: false,
-        error: 'Sign-in successful but identity verification failed. Please contact support.'
+        error: 'Invalid email or password'
      };
    }
    
-    return { success: true };
+    // Step 2: Trigger email confirmation to create identity
+    console.log('[IdentityService] Credentials verified, triggering email confirmation');
+    const { error: updateError } = await supabase.auth.updateUser({
+      email: email // Re-confirming email triggers identity creation
+    });
+    
+    if (updateError) throw updateError;
+    
+    // Step 3: Sign out so user can confirm email
+    console.log('[IdentityService] Signing out to complete email confirmation');
+    await supabase.auth.signOut();
+    
+    // Step 4: Log the verification
+    if (authData.user) {
+      await logIdentityChange(authData.user.id, 'password_verified', {
+        method: 'orphaned_password_recovery'
+      });
+    }
+    
+    return { 
+      success: true,
+      needsEmailConfirmation: true,
+      email
+    };
  } catch (error: any) {
+    console.error('[IdentityService] Failed to verify password:', error);
    return {
      success: false,
      error: error.message || 'Failed to verify password authentication'