From 7471901fee46527278fbbd030c56301d54428aeb Mon Sep 17 00:00:00 2001 From: Justin Edmund Date: Tue, 2 Dec 2025 08:11:16 -0800 Subject: [PATCH] fix userAdapter instantiation in auth endpoints --- src/hooks.server.ts | 6 ++++++ src/routes/auth/login/+server.ts | 16 +++++++++++++--- src/routes/auth/signup/+server.ts | 3 +-- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/src/hooks.server.ts b/src/hooks.server.ts index 51f4627d..99d202b0 100644 --- a/src/hooks.server.ts +++ b/src/hooks.server.ts @@ -9,12 +9,18 @@ export const handleSession: Handle = async ({ event, resolve }) => { const user = getUserFromCookies(event.cookies) // Debug logging for auth issues + const allCookies = event.cookies.getAll() + console.log('[hooks.server] Request to:', event.url.pathname) + console.log('[hooks.server] All cookies:', allCookies.map(c => c.name)) + if (account) { console.log('[hooks.server] Account cookie found:', { hasToken: !!account.token, hasExpiresAt: !!account.expires_at, username: account.username }) + } else { + console.log('[hooks.server] No account cookie found') } event.locals.session = { diff --git a/src/routes/auth/login/+server.ts b/src/routes/auth/login/+server.ts index e3b199bf..34c9e389 100644 --- a/src/routes/auth/login/+server.ts +++ b/src/routes/auth/login/+server.ts @@ -3,7 +3,7 @@ import { json } from '@sveltejs/kit' import { dev } from '$app/environment' import { z } from 'zod' import { passwordGrantLogin } from '$lib/auth/oauth' -import { UserAdapter } from '$lib/api/adapters/user.adapter' +import { userAdapter } from '$lib/api/adapters/user.adapter' import { buildCookies } from '$lib/auth/map' import { setAccountCookie, setUserCookie, setRefreshCookie } from '$lib/auth/cookies' 
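Review bot: The `console.log` calls added at the top of `handleSession` are not gated, so every request in production writes its path and full cookie-name list to the server log, next to the existing line that prints `account.username`. Cookie names are not secrets, but the volume buries the auth events an operator needs to find, and a later edit could easily start printing cookie values here. If `dev` from `$app/environment` is in scope (the import block is outside the hunk), wrap the block in `if (dev) { ... }`, or drop it once the cookie problem is diagnosed. The `[Login]` progress logs added in `src/routes/auth/login/+server.ts` need the same gating. The body of `handleSession` continues outside the hunk.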
@@ -22,23 +22,29 @@ export const POST: RequestHandler = async ({ request, cookies, fetch }) => { } try { + console.log('[Login] Starting login for:', parsed.data.email) const oauth = await passwordGrantLogin(fetch, parsed.data) + console.log('[Login] OAuth successful, got token for user:', oauth.user.username) - // Create a UserAdapter instance and pass the auth token - const userAdapter = new UserAdapter() + // Get user info using the pre-configured adapter const info = await userAdapter.getInfo(oauth.user.username, { headers: { Authorization: `Bearer ${oauth.access_token}` } }) + console.log('[Login] Got user info:', info.username) const { account, user, accessTokenExpiresAt, refresh } = buildCookies(oauth, info) // Use secure cookies in production (dev flag handles this correctly behind proxies) const secure = !dev + console.log('[Login] Setting cookies - secure:', secure, 'dev:', dev) + console.log('[Login] Account cookie data:', { userId: account.userId, username: account.username, hasToken: !!account.token }) + setAccountCookie(cookies, account, { secure, expires: accessTokenExpiresAt }) setUserCookie(cookies, user, { secure, expires: accessTokenExpiresAt }) setRefreshCookie(cookies, refresh, { secure, expires: accessTokenExpiresAt }) + console.log('[Login] Cookies set, returning response') // Return access token for client-side storage return json({ @@ -49,6 +55,10 @@ export const POST: RequestHandler = async ({ request, cookies, fetch }) => { expires_at: accessTokenExpiresAt.toISOString() }) } catch (e: any) { + console.error('[Login] Error:', e) + console.error('[Login] Error message:', e?.message) + console.error('[Login] Error stack:', e?.stack) + if (String(e?.message) === 'unauthorized') { return json({ error: 'Invalid email or password' }, { status: 401 }) } diff --git a/src/routes/auth/signup/+server.ts b/src/routes/auth/signup/+server.ts index 2167affe..d139b623 100644 --- a/src/routes/auth/signup/+server.ts +++ b/src/routes/auth/signup/+server.ts 
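Review bot: `console.log('[Login] Starting login for:', parsed.data.email)` writes the submitted e-mail address to the server log before the credentials are checked, so every attempt, including failed and automated ones, leaves a personal identifier in the logs. The later added lines also record `oauth.user.username`, `info.username` and `account.userId` on each successful login. `dev` is already imported in this file, so the tracing can be limited with `if (dev) console.log(...)`. If a production audit trail is wanted, log a single line after success that carries only the user id. The POST handler starts and ends outside the hunk.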
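Review bot: The three `console.error` calls in the `catch` run before the `'unauthorized'` check, so each wrong password is logged as an error with a stack trace, and `console.error('[Login] Error:', e)` dumps the whole thrown object. `e` is typed `any` and can come from `passwordGrantLogin` or `userAdapter.getInfo`; if those errors carry the request or response (not visible here), the dump could include the submitted password or the `Authorization: Bearer` header. Move the logging below the 401 branch and log selected fields only, e.g. `console.error('[Login] Unexpected error:', e instanceof Error ? e.message : String(e))`. The first call already prints message and stack for an `Error`, so the other two are redundant. The rest of the `catch` block is outside the hunk.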
@@ -4,7 +4,7 @@ import { dev } from '$app/environment' import { z } from 'zod' import { PUBLIC_SIERO_API_URL } from '$env/static/public' import { passwordGrantLogin } from '$lib/auth/oauth' -import { UserAdapter } from '$lib/api/adapters/user.adapter' +import { userAdapter } from '$lib/api/adapters/user.adapter' import { buildCookies } from '$lib/auth/map' import { setAccountCookie, setUserCookie, setRefreshCookie } from '$lib/auth/cookies' @@ -75,7 +75,6 @@ export const POST: RequestHandler = async ({ request, cookies, fetch }) => { }) // 3. Get additional user info - const userAdapter = new UserAdapter() const info = await userAdapter.getInfo(oauth.user.username, { headers: { Authorization: `Bearer ${oauth.access_token}`