diff --git a/src/app/api/auth/wp-login/route.ts b/src/app/api/auth/wp-login/route.ts index 87c76c8..7c2e2b1 100644 --- a/src/app/api/auth/wp-login/route.ts +++ b/src/app/api/auth/wp-login/route.ts @@ -47,13 +47,34 @@ export async function POST(request: NextRequest) { ); } - // 3. Validate the phpass hash + // 3. If the legacy row is already linked to an auth user (password upgraded + // via a previous successful login, or relinked manually), skip phpass + // entirely — the legacy hash is stale once a Supabase password exists. + if (legacyUser.auth_user_id || legacyUser.password_upgraded) { + const { data: signInData, error: signInError } = await supabase.auth.signInWithPassword({ + email: email.toLowerCase().trim(), + password, + }); + if (signInError || !signInData.session) { + return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 }); + } + return NextResponse.json({ + success: true, + session: signInData.session, + user: signInData.user, + migrated: true, + legacy: true, + }); + } + + // 4. First-time login for a never-migrated WP user — validate phpass. const passwordValid = await validatePhpassPassword(password, legacyUser.wp_hashed_password); if (!passwordValid) { return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 }); } - // 4. If user already has a Supabase auth account, sign them in + // (legacy fallthrough — auth_user_id is null at this point, but keep the + // shape of the prior post-validation branch for code readability.) if (legacyUser.auth_user_id) { // User already migrated — sign in normally const { data: signInData, error: signInError } = await supabase.auth.signInWithPassword({