From 9957faafd166510178dcd901c4afd0be33115bbb Mon Sep 17 00:00:00 2001
From: Sohan Rout <sohanrout84@gmail.com>
Date: Sun, 28 Sep 2025 21:22:20 +0530
Subject: [PATCH] Fix : added turnsite to only signup only

---
 app/api/auth/route.js |  40 +++++++++++++++++++++++++---------------
 app/login/page.jsx    |  10 ++++++----
 public/google.webp    | Bin 0 -> 1782 bytes
 3 files changed, 31 insertions(+), 19 deletions(-)
 create mode 100644 public/google.webp

diff --git a/app/api/auth/route.js b/app/api/auth/route.js
index 6633ff2..9894e1f 100644
--- a/app/api/auth/route.js
+++ b/app/api/auth/route.js
@@ -7,14 +7,19 @@ const supabase = createClient(
 
 export async function POST(req) {
   try {
-    const { email, password, captchaToken, action } = await req.json()
+    // Parse JSON body safely
+    const body = await req.json()
+    const { email, password, captchaToken, action } = body || {}
 
-    if (!email || !password)
-      return new Response(JSON.stringify({ message: 'Email and password required' }), { status: 400 })
+    // Validate required fields
+    if (!email || !password) {
+      return new Response(JSON.stringify({ success: false, message: 'Email and password are required' }), { status: 400 })
+    }
 
     if (action === 'signup') {
-      if (!captchaToken)
-        return new Response(JSON.stringify({ message: 'Captcha token missing' }), { status: 400 })
+      if (!captchaToken) {
+        return new Response(JSON.stringify({ success: false, message: 'Captcha token missing' }), { status: 400 })
+      }
 
       // Verify Turnstile token
       const verifyRes = await fetch('https://challenges.cloudflare.com/turnstile/v0/siteverify', {
@@ -26,27 +31,32 @@ export async function POST(req) {
         }),
       })
 
-      const data = await verifyRes.json()
-      if (!data.success)
-        return new Response(JSON.stringify({ message: 'Captcha verification failed' }), { status: 400 })
+      const verifyData = await verifyRes.json()
+      if (!verifyData.success) {
+        return new Response(JSON.stringify({ success: false, message: 'Captcha verification failed' }), { status: 400 })
+      }
 
       // Create Supabase user
       const { user, error } = await supabase.auth.admin.createUser({ email, password })
-      if (error)
-        return new Response(JSON.stringify({ message: error.message }), { status: 400 })
+      if (error) {
+        return new Response(JSON.stringify({ success: false, message: error.message }), { status: 400 })
+      }
 
-      return new Response(JSON.stringify({ message: 'Signup successful! Check your email.' }), { status: 200 })
+      return new Response(JSON.stringify({ success: true, message: 'Signup successful! Check your email.' }), { status: 200 })
     }
 
+    // Login stays frontend-only
     else if (action === 'login') {
-      return new Response(JSON.stringify({ message: 'Use frontend login with anon key' }), { status: 400 })
+      return new Response(JSON.stringify({ success: false, message: 'Use frontend login with anon key' }), { status: 400 })
     }
 
+    // Invalid action
     else {
-      return new Response(JSON.stringify({ message: 'Invalid action' }), { status: 400 })
+      return new Response(JSON.stringify({ success: false, message: 'Invalid action' }), { status: 400 })
     }
+
   } catch (err) {
-    console.error(err)
-    return new Response(JSON.stringify({ message: 'Internal server error' }), { status: 500 })
+    console.error('API Error:', err)
+    return new Response(JSON.stringify({ success: false, message: 'Internal server error' }), { status: 500 })
   }
 }
\ No newline at end of file
diff --git a/app/login/page.jsx b/app/login/page.jsx
index ac91dde..f1cfa59 100644
--- a/app/login/page.jsx
+++ b/app/login/page.jsx
@@ -41,7 +41,7 @@ export default function LoginPage() {
 
     try {
       if (isLogin) {
-        // Login with frontend anon key
+        // Login using frontend anon key only, no captcha
         const { error } = await supabase.auth.signInWithPassword({ email, password })
         if (error) throw error
         router.push('/dashboard')
@@ -56,13 +56,13 @@ export default function LoginPage() {
         })
 
         const data = await res.json()
-        if (!res.ok) throw new Error(data.message)
+        if (!data.success) throw new Error(data.message || 'Signup failed')
 
         alert(data.message)
         setIsLogin(true) // switch to login after signup
       }
     } catch (err) {
-      setError(err.message)
+      setError(err.message || 'Something went wrong')
     } finally {
       setLoading(false)
     }
@@ -141,6 +141,7 @@ export default function LoginPage() {
               </div>
             )}
 
+            {/* Turnstile only for signup */}
             {!isLogin && (
               <div className="flex justify-center">
                 <Turnstile
@@ -203,7 +204,8 @@ export default function LoginPage() {
             onClick={handleGoogleSignIn}
             className="w-full flex items-center justify-center py-3 px-4 rounded-lg border border-gray-300 dark:border-gray-600 bg-white dark:bg-gray-700 text-gray-700 dark:text-gray-200 font-medium hover:bg-gray-50 dark:hover:bg-gray-600 transition-all"
           >
-            Continue with Google
+              <img src="./google.webp" width={24}></img>
+              <span className='mx-2'>Continue with Google</span>
           </button>
 
           <div className="text-center text-xs text-gray-500 dark:text-gray-400 mt-6">
diff --git a/public/google.webp b/public/google.webp
new file mode 100644
index 0000000000000000000000000000000000000000..4355fcec8264f0f1c0c8224a674b8cb1f2ac81e2
GIT binary patch
literal 1782
zcmV<S1_}96Nk&HQ1^@t8MM6+kP&il$0000G0001A003VA06|PpNCg7`00E!`$+l_R
z8qc=h>)Ez#+qP}nwsG-{Z`-zQ+nkMk?%89`HRH7-Vghg@nX_#39z#cs9@?u#g*@(5
zou2x-#QfmO!p2_YpLCzlpIux!ys<Bd@(1&?hg9OUn7mRhl(Kh=*@r8JkpG&PzB!M%
zRbqa=tqNaBfbSPGv_b+MVdhB*HqAzv-zDJJEi{m@f7k0Mfsa({B7qNrc5?}QFtp1{
z-~*wZ^Z&s5Lj8RSyC2k#i1JH223E-l068l4+4v-(57gU<>H`B1yX&nndO-hQjeP|{
z&9N<+p3qMdeo8jbv!-Rx1Nzm4{#9kD*83yU1qR=tr9k}&k*+Y<Q`qBS@M3RR{EF2E
zUUnC9OSt(4sUO^|DBKP3^CahaI4a!Sj&$ZshNJ0}&*ABxl&+qX7v@*+bOvRTD_1FS
z^()4m8js(1uh|Du6A5#qhL}!Jj#AW%LXobF-{D2$$P~syZVZmBWgK*4UgRKSp&MHw
zDU3009En_D40I#Ky$g{P#u#4?G8Vd#7Fo+U<i@ec6vo4DY>#wh{NcvpNI8ZS^I~KK
zl+j+aO7IoqE-%U?xXKWXO6A$bzGWcc49a)~MInBks66G106H^nN`yZd(#c*LV}1td
zluzvmvvvlZDKgR81PU_dNKRwFG9F0cB<ERMbA&l5iHaOqYblRV^Cf{dIMT<^%amu4
zY<H40H*-j+Ba*_GBxz-2k#LcGPnL`|u}ZjmV&EN?oHcM!$ob<`r^#29lq!EI<TS)i
zqlui&rjYfF(DTK^zdVt>1xQ8q34aHO?KDIl7!WV#m?uT?Ur>*zh{#Jj23E-#$y}!8
zw6mXzZYK`jS2BGK<edL|@f+yny(r5=a~}pmvx^6-pxZILeb8<Y+5za7`8}wWF!^La
z{b6)PD8H76*$Q6;aT83hviDbK7|(yr*meY1_HILG@*&I;r;Y5$iGatxr1o$>gr0xW
zeZ0Rf56TQ5t4>dSJ<gAh>=|4F&gLxJyvNW{V}|u<Q@t>59034UP&gpM0{{RJ6#$(9
zDqsL$06uLjlSZT>A)zf)Opt&LiEIGA`W9N=Iep{uW7@jF{X6gXF7f#6$N0Wz|H^v+
z^8o!b=?~@u`M3B_*3W%!=6<R_z<PjxOaFz|0q6ny0qLpxk?>3Vjr*nTUDN^8-_eih
zzeQ##=wT9K#0?5>lV@;mv`7If=&Toi217B;GQ2*vM!=hyR5Oa!sZVUI<i1AW6l=-F
zVu5QIe)ktQe)`XgKOqJH0RCbRpg|jn394$f<)ibU-H>^o9n`*=WoPY2yhb9q0i}W=
z?$KSK%AZEsHSaWg8d2ud!E#t9cjSc3)_ON{OV-PeglrM0tik64XIVwV?Hve_K5iog
zAx^`;*5?%v!mmw~UgAF1!mvJjozL){e{s?;D%$O4|3Dv`wT0$&bYuiB>`cY96rQ{~
zAxLy!uu2j$XGd~Kuv2i5FP1M3Fpwh}wl4RT!y`|nHYkQHuShv;{L-3@;;-6~j?yZ&
z8c!nouVUW-Y{#%lKYBEZlQUin=m2dwrabN62RTmLXi<hjH8p?B-|Z!N0x;`+Z53BE
z90lzDJ&2D2oRCloGZJP+C=l;o*q;<uoTBMQ^w5tDcD0!k)x$c<xZTx%1s}h_aq$9t
z@|x^8Al>mx%?@=lZ5n}G>5$>dKK~Xn{v;Li(TB5&ThKj=V+;Cek1{;4t79M!QSKcm
zNPiR>kp!Rn*Pw}1#KNxdet{?tz}U^?xo0&Bqz1v~N~cs6*JHdAjdpIco5&z6Qf1eK
zx9-AL)$jyvAao+ET&hw|T8Vyn!gBW)L`leIl@q3;{y+6y_*C7T!^2bulg>RubBg?o
z75D|)v=bG0GHde1-0L44!FnRsqk}FQZ+{g$Sl-W<{Ac$6b`}-eRG*Yi3bjc5Es*O$
zbZPkf-GBHNe)+bbxOB(iYx)Q%+BnACF=zLcqtyNDYgBE`fjoWn!Fe5}4if$t@?wdW
zm5OnUk~LVmodALmAtCi(7TXK*SWL*4JmJSAuzda6jejR|U#w(|@Z1i+xSn_z>e=do
zI%?D&k++&!{2o8wM~8l*vgM{KOHLjBaTYtW<<MUbQay%ZdV-Stkv+>t{sqN?&C_g!
zX?CGnUMp&*->8L_*T!W_*LCnpx$!+lMqJ3?Ls3_bHc(uKJDM!>UFr0tlZ{WOp63^n
zCJ`-)m$B+&=k})byVc?#QF>~$0Z3!s2})yYd+0d!()?C-WhC05Rv7;c@Bim9|MQ4{
Y|C@<^>E&w%J@jY;l5ZSfR>%MV03zLSS^xk5

literal 0
HcmV?d00001