mirror of
https://github.com/pacnpal/thrilltrack-explorer.git
synced 2025-12-20 08:11:13 -05:00
112 lines
3.1 KiB
TypeScript
112 lines
3.1 KiB
TypeScript
import { createClient } from 'https://esm.sh/@supabase/supabase-js@2.57.4';
|
|
|
|
const corsHeaders = {
|
|
'Access-Control-Allow-Origin': '*',
|
|
'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type',
|
|
};
|
|
|
|
Deno.serve(async (req) => {
|
|
// Handle CORS preflight requests
|
|
if (req.method === 'OPTIONS') {
|
|
return new Response(null, { headers: corsHeaders });
|
|
}
|
|
|
|
try {
|
|
// Create admin client with service role key
|
|
const supabaseAdmin = createClient(
|
|
Deno.env.get('SUPABASE_URL') ?? '',
|
|
Deno.env.get('SUPABASE_SERVICE_ROLE_KEY') ?? '',
|
|
{
|
|
auth: {
|
|
autoRefreshToken: false,
|
|
persistSession: false
|
|
}
|
|
}
|
|
);
|
|
|
|
// Get the user from the authorization header
|
|
const authHeader = req.headers.get('Authorization');
|
|
if (!authHeader) {
|
|
throw new Error('No authorization header');
|
|
}
|
|
|
|
const token = authHeader.replace('Bearer ', '');
|
|
const { data: { user }, error: userError } = await supabaseAdmin.auth.getUser(token);
|
|
|
|
if (userError || !user) {
|
|
throw new Error('Unauthorized');
|
|
}
|
|
|
|
console.log(`Cancelling email change for user ${user.id}`, {
|
|
currentEmail: user.email,
|
|
newEmail: user.new_email
|
|
});
|
|
|
|
// Use admin client to force reset email to current value
|
|
// This clears any pending email changes (new_email field)
|
|
const { data: updatedUser, error: updateError } = await supabaseAdmin.auth.admin.updateUserById(
|
|
user.id,
|
|
{
|
|
email: user.email,
|
|
email_confirm: true, // Skip sending confirmation email since we're "changing" to same email
|
|
}
|
|
);
|
|
|
|
if (updateError) {
|
|
console.error('Error cancelling email change:', updateError);
|
|
throw updateError;
|
|
}
|
|
|
|
console.log(`Successfully cancelled email change for user ${user.id}`, {
|
|
resultEmail: updatedUser.user.email,
|
|
resultNewEmail: updatedUser.user.new_email
|
|
});
|
|
|
|
// Log the cancellation in admin_audit_log
|
|
const { error: auditError } = await supabaseAdmin
|
|
.from('admin_audit_log')
|
|
.insert({
|
|
admin_user_id: user.id,
|
|
target_user_id: user.id,
|
|
action: 'email_change_cancelled',
|
|
details: {
|
|
cancelled_at: new Date().toISOString(),
|
|
current_email: user.email,
|
|
},
|
|
});
|
|
|
|
if (auditError) {
|
|
console.error('Error logging audit:', auditError);
|
|
// Don't fail the request if audit logging fails
|
|
}
|
|
|
|
return new Response(
|
|
JSON.stringify({
|
|
success: true,
|
|
message: 'Email change cancelled successfully',
|
|
user: {
|
|
id: updatedUser.user.id,
|
|
email: updatedUser.user.email,
|
|
new_email: updatedUser.user.new_email,
|
|
},
|
|
}),
|
|
{
|
|
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
|
|
status: 200,
|
|
}
|
|
);
|
|
} catch (error) {
|
|
console.error('Error in cancel-email-change function:', error);
|
|
return new Response(
|
|
JSON.stringify({
|
|
success: false,
|
|
error: error.message,
|
|
}),
|
|
{
|
|
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
|
|
status: 400,
|
|
}
|
|
);
|
|
}
|
|
});
|