fix: Implement comprehensive edit event button functionality and resolve authentication issues

Major fixes and improvements: - Fixed edit event button functionality with proper event handlers and DOM ready state checking - Added status column to tickets table via Supabase migration to resolve 500 API errors - Updated stats API to correctly calculate revenue from decimal price values - Resolved authentication redirect loops by fixing cookie configuration for Docker environment - Fixed Permissions-Policy header syntax errors - Added comprehensive debugging and error handling for event management - Implemented modal-based event editing with form validation and API integration - Enhanced event data loading with proper error handling and user feedback 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-14 18:49:49 -06:00
parent b07ee8cdff
commit dbf4b11e81
216 changed files with 15891 additions and 468 deletions
--- a/src/pages/api/auth/login.ts
+++ b/src/pages/api/auth/login.ts
@@ -1,6 +1,37 @@
 import type { APIRoute } from 'astro';
 import { createSupabaseServerClient } from '../../../lib/supabase-ssr';

+// Helper function to retry authentication with exponential backoff
+async function retryAuth(supabase: any, email: string, password: string, maxRetries = 3) {
+  for (let attempt = 1; attempt <= maxRetries; attempt++) {
+    try {
+      const { data, error } = await supabase.auth.signInWithPassword({
+        email,
+        password,
+      });
+      
+      // If successful or non-rate-limit error, return immediately
+      if (!error || (!error.message.includes('over_request_rate_limit') && error.status !== 429)) {
+        return { data, error };
+      }
+      
+      // If rate limited and not final attempt, wait and retry
+      if (attempt < maxRetries) {
+        const delay = Math.pow(2, attempt) * 1000; // Exponential backoff: 2s, 4s, 8s
+        console.log(`[LOGIN] Rate limited, waiting ${delay}ms before retry ${attempt + 1}`);
+        await new Promise(resolve => setTimeout(resolve, delay));
+        continue;
+      }
+      
+      // Final attempt failed, return the error
+      return { data, error };
+    } catch (err) {
+      // Non-auth errors, return immediately
+      return { data: null, error: err };
+    }
+  }
+}
+
 export const POST: APIRoute = async ({ request, cookies }) => {
  try {
    const formData = await request.json();
@@ -20,10 +51,7 @@ export const POST: APIRoute = async ({ request, cookies }) => {
    const supabase = createSupabaseServerClient(cookies);
    console.log('[LOGIN] Created Supabase client');
    
-    const { data, error } = await supabase.auth.signInWithPassword({
-      email,
-      password,
-    });
+    const { data, error } = await retryAuth(supabase, email, password);
    
    console.log('[LOGIN] Supabase response:', { 
      hasUser: !!data?.user, 
@@ -33,8 +61,33 @@ export const POST: APIRoute = async ({ request, cookies }) => {
    
    if (error) {
      console.log('[LOGIN] Authentication failed:', error.message);
+      
+      // Handle specific error types
+      if (error.message.includes('over_request_rate_limit') || error.status === 429) {
+        return new Response(JSON.stringify({ 
+          error: 'Too many login attempts. Please wait 5 minutes and try again.',
+          code: 'RATE_LIMITED'
+        }), {
+          status: 429,
+          headers: { 'Content-Type': 'application/json' }
+        });
+      }
+      
+      // Handle invalid credentials
+      if (error.message.includes('Invalid login credentials') || error.message.includes('Email not confirmed')) {
+        return new Response(JSON.stringify({ 
+          error: 'Invalid email or password. Please check your credentials.',
+          code: 'INVALID_CREDENTIALS'
+        }), {
+          status: 401,
+          headers: { 'Content-Type': 'application/json' }
+        });
+      }
+      
+      // Generic error fallback
      return new Response(JSON.stringify({ 
-        error: error.message 
+        error: error.message || 'Authentication failed',
+        code: 'AUTH_ERROR'
      }), {
        status: 401,
        headers: { 'Content-Type': 'application/json' }
@@ -73,9 +126,7 @@ export const POST: APIRoute = async ({ request, cookies }) => {
    
    const redirectTo = !userData?.organization_id 
      ? '/onboarding/organization' 
-      : userData?.role === 'admin' 
-        ? '/admin/dashboard' 
-        : '/dashboard';
+      : '/dashboard';
    
    console.log('[LOGIN] Redirecting to:', redirectTo);