wp-login: skip phpass when legacy row is already linked to auth user
Previously the route ran phpass validation against wp_legacy_users. wp_hashed_password before checking auth_user_id, even for users who had already been migrated. That meant any user whose Supabase password diverged from the original WP hash (e.g., curated migration users like ryan.salazar@relevantmediaproperties.com — wp_id=1 'broadcastbeat', where the hash on the legacy row is from the migration template, not the user's current password) would get 401 even with the correct Supabase password. Fix: if auth_user_id is set OR password_upgraded is true, skip phpass and go directly to supabase.auth.signInWithPassword. The legacy hash is only authoritative for the first-ever login (when neither flag is set). Returns legacy:true so the client can distinguish from the fully-native signInWithPassword fallback (legacy:false).
This commit is contained in:
@@ -47,13 +47,34 @@ export async function POST(request: NextRequest) {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
// 3. Validate the phpass hash
|
// 3. If the legacy row is already linked to an auth user (password upgraded
|
||||||
|
// via a previous successful login, or relinked manually), skip phpass
|
||||||
|
// entirely — the legacy hash is stale once a Supabase password exists.
|
||||||
|
if (legacyUser.auth_user_id || legacyUser.password_upgraded) {
|
||||||
|
const { data: signInData, error: signInError } = await supabase.auth.signInWithPassword({
|
||||||
|
email: email.toLowerCase().trim(),
|
||||||
|
password,
|
||||||
|
});
|
||||||
|
if (signInError || !signInData.session) {
|
||||||
|
return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
|
||||||
|
}
|
||||||
|
return NextResponse.json({
|
||||||
|
success: true,
|
||||||
|
session: signInData.session,
|
||||||
|
user: signInData.user,
|
||||||
|
migrated: true,
|
||||||
|
legacy: true,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
// 4. First-time login for a never-migrated WP user — validate phpass.
|
||||||
const passwordValid = await validatePhpassPassword(password, legacyUser.wp_hashed_password);
|
const passwordValid = await validatePhpassPassword(password, legacyUser.wp_hashed_password);
|
||||||
if (!passwordValid) {
|
if (!passwordValid) {
|
||||||
return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
|
return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
|
||||||
}
|
}
|
||||||
|
|
||||||
// 4. If user already has a Supabase auth account, sign them in
|
// (legacy fallthrough — auth_user_id is null at this point, but keep the
|
||||||
|
// shape of the prior post-validation branch for code readability.)
|
||||||
if (legacyUser.auth_user_id) {
|
if (legacyUser.auth_user_id) {
|
||||||
// User already migrated — sign in normally
|
// User already migrated — sign in normally
|
||||||
const { data: signInData, error: signInError } = await supabase.auth.signInWithPassword({
|
const { data: signInData, error: signInError } = await supabase.auth.signInWithPassword({
|
||||||
|
|||||||
Reference in New Issue
Block a user