wp-login: fall back to native signInWithPassword when no wp_legacy_users row
The /api/auth/wp-login route previously returned 401 immediately if the email had no bb.wp_legacy_users entry. That made it impossible for modern staff accounts (created directly via the Supabase Auth Admin API, no WP migration history) to sign in via /client-login. When the legacy lookup misses, fall through to a regular supabase.auth.signInWithPassword call. If that succeeds, return a success response with legacy=false so the client can distinguish modern auth from a phpass-migrated session. Existing legacy WP users keep working — the fallback only fires when the legacy lookup returns no rows.
This commit is contained in:
@@ -17,8 +17,24 @@ export async function POST(request: NextRequest) {
|
||||
const { data: wpUser, error: lookupError } = await supabase
|
||||
.rpc('get_wp_user_hash', { p_email: email.toLowerCase().trim() });
|
||||
|
||||
// No legacy WP record → fall through to native Supabase auth.
|
||||
// Covers users created directly via the Auth Admin API (e.g. modern
|
||||
// staff accounts that never lived in the WP install).
|
||||
if (lookupError || !wpUser || wpUser.length === 0) {
|
||||
return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
|
||||
const { data: nativeSignIn, error: nativeErr } = await supabase.auth.signInWithPassword({
|
||||
email: email.toLowerCase().trim(),
|
||||
password,
|
||||
});
|
||||
if (nativeErr || !nativeSignIn.session) {
|
||||
return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
|
||||
}
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
session: nativeSignIn.session,
|
||||
user: nativeSignIn.user,
|
||||
migrated: true,
|
||||
legacy: false,
|
||||
});
|
||||
}
|
||||
|
||||
const legacyUser = wpUser[0];
|
||||
|
||||
Reference in New Issue
Block a user