Refactor: Implement sign-out and re-login flow

2025-12-21 17:31:12 -05:00 · 2025-10-14 15:16:49 +00:00
parent 92943f2692
commit 52cad6c4dc
5 changed files with 84 additions and 119 deletions
--- a/src/lib/identityService.ts
+++ b/src/lib/identityService.ts
@@ -204,7 +204,9 @@ export async function addPasswordToAccount(
    }
    
    const { data: { user } } = await supabase.auth.getUser();
-    if (!user?.email) {
+    const userEmail = user?.email;
+    
+    if (!userEmail) {
      return {
        success: false,
        error: 'No email address found on your account'
@@ -216,56 +218,21 @@ export async function addPasswordToAccount(
    const { error: updateError } = await supabase.auth.updateUser({ password });
    if (updateError) throw updateError;
    
-    // Step 2: IMMEDIATELY attempt sign-in to force identity creation
-    // This is the ONLY reliable way to create the email identity
-    console.log('[IdentityService] Attempting sign-in to create email identity');
-    const { error: signInError } = await supabase.auth.signInWithPassword({
-      email: user.email,
-      password: password
+    // Step 2: Log the password addition
+    await logIdentityChange(user!.id, 'password_added', { 
+      method: 'oauth_with_relogin_required' 
    });
    
-    if (signInError) {
-      // Sign-in failed, but password was set
-      console.error('[IdentityService] Sign-in failed:', signInError);
-      
-      // Check if it's just an email confirmation issue
-      if (signInError.message?.includes('Email not confirmed')) {
-        // Password is set, identity might be created, just needs confirmation
-        console.log('[IdentityService] Email confirmation required, checking identity');
-        const emailCreated = await waitForEmailProvider(3);
-        if (emailCreated) {
-          await logIdentityChange(user.id, 'password_added', { 
-            method: 'oauth_fallback_unconfirmed' 
-          });
-          return { success: true };
-        }
-      }
-      
-      return {
-        success: false,
-        error: `Password was set but authentication failed: ${signInError.message}. Please try signing out and signing back in with your email and password.`
-      };
-    }
+    // Step 3: Sign the user out so they can sign back in with email/password
+    console.log('[IdentityService] Signing user out to force re-login');
+    await supabase.auth.signOut();
    
-    // Step 3: Verify identity was created
-    console.log('[IdentityService] Sign-in successful, verifying identity creation');
-    const emailCreated = await waitForEmailProvider(4);
-    
-    if (!emailCreated) {
-      console.error('[IdentityService] Identity not found after successful sign-in');
-      return {
-        success: false,
-        error: 'Password authentication was successful but identity verification failed. Please refresh the page.'
-      };
-    }
-    
-    // Step 4: Log success
-    console.log('[IdentityService] Email identity successfully created');
-    await logIdentityChange(user.id, 'password_added', { 
-      method: 'oauth_fallback_signin' 
-    });
-    
-    return { success: true };
+    // Return success with relogin flag
+    return { 
+      success: true,
+      needsRelogin: true,
+      email: userEmail
+    };
    
  } catch (error: any) {
    console.error('[IdentityService] Failed to add password:', error);