Enhance authentication flow: Add authentication-based buttons in AppNavigation for logged-in users, improve member status checks in useAuth, and update join page to automatically redirect to the dashboard after registration. Adjust cookie settings for better development experience.

2025-09-03 16:55:01 +01:00 · 2025-09-03 16:55:01 +01:00 · 600fef2b7c
commit 600fef2b7c
parent 2ca290d6e0
11 changed files with 347 additions and 25 deletions
--- a/server/api/auth/logout.post.js
+++ b/server/api/auth/logout.post.js
@ -1,9 +1,9 @@
 export default defineEventHandler(async (event) => {
  // Clear the auth token cookie
  setCookie(event, 'auth-token', '', {
-    httpOnly: true,
-    secure: process.env.NODE_ENV === 'production',
-    sameSite: 'strict',
+    httpOnly: false, // Match the original cookie settings
+    secure: false, // Don't require HTTPS in development
+    sameSite: 'lax',
    maxAge: 0 // Expire immediately
  })

--- a/server/api/auth/member.get.js
+++ b/server/api/auth/member.get.js
@ -6,8 +6,10 @@ export default defineEventHandler(async (event) => {
  await connectDB()
  
  const token = getCookie(event, 'auth-token')
+  console.log('Auth check - token found:', !!token)
  
  if (!token) {
+    console.log('No auth token found in cookies')
    throw createError({ 
      statusCode: 401, 
      statusMessage: 'Not authenticated' 
--- a/server/api/auth/status.get.js
+++ b/server/api/auth/status.get.js
@ -0,0 +1,40 @@
+import jwt from 'jsonwebtoken'
+import Member from '../../models/member.js'
+import { connectDB } from '../../utils/mongoose.js'
+
+export default defineEventHandler(async (event) => {
+  await connectDB()
+  
+  const token = getCookie(event, 'auth-token')
+  console.log('🔍 Auth status check - token exists:', !!token)
+  
+  if (!token) {
+    return { authenticated: false, member: null }
+  }
+  
+  try {
+    const decoded = jwt.verify(token, process.env.JWT_SECRET)
+    const member = await Member.findById(decoded.memberId).select('-__v')
+    
+    if (!member) {
+      console.log('⚠️ Token valid but member not found')
+      return { authenticated: false, member: null }
+    }
+    
+    console.log('✅ Auth status check - member found:', member.email)
+    return { 
+      authenticated: true, 
+      member: {
+        id: member._id,
+        email: member.email,
+        name: member.name,
+        circle: member.circle,
+        contributionTier: member.contributionTier,
+        membershipLevel: `${member.circle}-${member.contributionTier}`
+      }
+    }
+  } catch (err) {
+    console.error('❌ Auth status check - token verification failed:', err.message)
+    return { authenticated: false, member: null }
+  }
+})
--- a/server/api/auth/verify.get.js
+++ b/server/api/auth/verify.get.js
@ -38,8 +38,8 @@ export default defineEventHandler(async (event) => {
    
    // Set the session cookie
    setCookie(event, 'auth-token', sessionToken, {
-      httpOnly: true,
-      secure: process.env.NODE_ENV === 'production',
+      httpOnly: false, // Allow JavaScript access for debugging in development
+      secure: false, // Don't require HTTPS in development
      sameSite: 'lax',
      maxAge: 60 * 60 * 24 * 30 // 30 days
    })