@blackcode_sa/metaestetics-api 1.14.0 → 1.14.2

package/dist/index.d.mts

@@ -8443,7 +8443,7 @@ declare class AuthService extends BaseService {
      * @returns Object containing user, practitioner (if exists), and draft profiles (if any)
      */
     signUpPractitionerWithGoogle(idToken: string): Promise<{
-        user: User;
+        user: User | null;
         practitioner: Practitioner | null;
         draftProfiles: Practitioner[];
     }>;

package/dist/index.d.ts

@@ -8443,7 +8443,7 @@ declare class AuthService extends BaseService {
      * @returns Object containing user, practitioner (if exists), and draft profiles (if any)
      */
     signUpPractitionerWithGoogle(idToken: string): Promise<{
-        user: User;
+        user: User | null;
         practitioner: Practitioner | null;
         draftProfiles: Practitioner[];
     }>;

package/dist/index.js

@@ -11308,6 +11308,9 @@ var PractitionerService = class extends BaseService {
    */
   async processBasicInfo(basicInfo, practitionerId) {
     const processedBasicInfo = { ...basicInfo };
+    if (processedBasicInfo.email) {
+      processedBasicInfo.email = processedBasicInfo.email.toLowerCase().trim();
+    }
     if (basicInfo.profileImageUrl) {
       const uploadedUrl = await this.handleProfilePhotoUpload(
         basicInfo.profileImageUrl,
@@ -11731,7 +11734,8 @@ var PractitionerService = class extends BaseService {
     try {
       const normalizedEmail = email.toLowerCase().trim();
       console.log("[PRACTITIONER] Searching for all draft practitioners by email", {
-        email: normalizedEmail
+        email: normalizedEmail,
+        originalEmail: email
       });
       const q = (0, import_firestore32.query)(
         (0, import_firestore32.collection)(this.db, PRACTITIONERS_COLLECTION),
@@ -11742,7 +11746,26 @@ var PractitionerService = class extends BaseService {
       const querySnapshot = await (0, import_firestore32.getDocs)(q);
       if (querySnapshot.empty) {
         console.log("[PRACTITIONER] No draft practitioners found for email", {
-          email: normalizedEmail
+          email: normalizedEmail,
+          originalEmail: email
+        });
+        const debugQ = (0, import_firestore32.query)(
+          (0, import_firestore32.collection)(this.db, PRACTITIONERS_COLLECTION),
+          (0, import_firestore32.where)("basicInfo.email", "==", normalizedEmail),
+          (0, import_firestore32.limit)(5)
+        );
+        const debugSnapshot = await (0, import_firestore32.getDocs)(debugQ);
+        console.log("[PRACTITIONER] Debug: Found practitioners with this email (any status):", {
+          count: debugSnapshot.size,
+          practitioners: debugSnapshot.docs.map((doc47) => {
+            var _a;
+            return {
+              id: doc47.id,
+              email: (_a = doc47.data().basicInfo) == null ? void 0 : _a.email,
+              status: doc47.data().status,
+              userRef: doc47.data().userRef
+            };
+          })
         });
         return [];
       }
@@ -16029,6 +16052,7 @@ var AuthService = class extends BaseService {
    * @returns Object containing user, practitioner (if exists), and draft profiles (if any)
    */
   async signUpPractitionerWithGoogle(idToken) {
+    var _a, _b;
     try {
       console.log("[AUTH] Starting practitioner Google Sign-In/Sign-Up");
       let email;
@@ -16062,12 +16086,67 @@ var AuthService = class extends BaseService {
         console.log("[AUTH] User exists with Google provider, signing in");
         const credential2 = import_auth8.GoogleAuthProvider.credential(idToken);
         const { user: firebaseUser2 } = await (0, import_auth8.signInWithCredential)(this.auth, credential2);
-        const existingUser2 = await this.userService.getUserById(firebaseUser2.uid);
+        let existingUser2 = null;
+        try {
+          existingUser2 = await this.userService.getUserById(firebaseUser2.uid);
+          console.log("[AUTH] User document found:", existingUser2.uid);
+        } catch (userError) {
+          console.log("[AUTH] User document not found in Firestore, checking for draft profiles", {
+            errorCode: userError == null ? void 0 : userError.code,
+            errorMessage: userError == null ? void 0 : userError.message,
+            errorType: (_a = userError == null ? void 0 : userError.constructor) == null ? void 0 : _a.name,
+            isAuthError: userError instanceof AuthError
+          });
+          const practitionerService2 = new PractitionerService(this.db, this.auth, this.app);
+          const draftProfiles3 = await practitionerService2.getDraftProfilesByEmail(normalizedEmail);
+          console.log("[AUTH] Draft profiles check result:", {
+            email: normalizedEmail,
+            draftProfilesCount: draftProfiles3.length,
+            draftProfileIds: draftProfiles3.map((p) => p.id)
+          });
+          if (draftProfiles3.length === 0) {
+            console.log("[AUTH] No draft profiles found, signing out and throwing error");
+            try {
+              await (0, import_auth8.signOut)(this.auth);
+            } catch (signOutError) {
+              console.warn("[AUTH] Error signing out Firebase user (non-critical):", signOutError);
+            }
+            throw new AuthError(
+              "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+              "AUTH/NO_DRAFT_PROFILES",
+              404
+            );
+          }
+          console.log("[AUTH] Draft profiles found, attempting to create user document");
+          const draftProfilesFound = await practitionerService2.getDraftProfilesByEmail(normalizedEmail);
+          try {
+            existingUser2 = await this.userService.createUser(firebaseUser2, ["practitioner" /* PRACTITIONER */], {
+              skipProfileCreation: true
+            });
+            console.log("[AUTH] Created user document for existing Firebase user with draft profiles:", existingUser2.uid);
+          } catch (createError) {
+            console.error("[AUTH] Error creating user document:", {
+              error: createError,
+              code: createError == null ? void 0 : createError.code,
+              message: createError == null ? void 0 : createError.message
+            });
+            try {
+              await (0, import_auth8.signOut)(this.auth);
+            } catch (signOutError) {
+              console.warn("[AUTH] Error signing out Firebase user (non-critical):", signOutError);
+            }
+            throw new AuthError(
+              "Unable to create account. Please use the token provided by your clinic to register, or contact support.",
+              "AUTH/USER_CREATION_FAILED",
+              500
+            );
+          }
+        }
         if (!existingUser2) {
           await (0, import_auth8.signOut)(this.auth);
           throw new AuthError(
-            "No account found. Please contact support.",
-            "AUTH/USER_NOT_FOUND",
+            "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+            "AUTH/NO_DRAFT_PROFILES",
             404
           );
         }
@@ -16117,16 +16196,47 @@ var AuthService = class extends BaseService {
         console.error("[AUTH] Error checking for existing user:", error);
       }
       console.log("[AUTH] Checking for draft profiles");
-      const draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+      let draftProfiles = [];
+      try {
+        draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+        console.log("[AUTH] Draft profiles check complete", { count: draftProfiles.length });
+      } catch (draftCheckError) {
+        console.error("[AUTH] Error checking draft profiles:", draftCheckError);
+        try {
+          await (0, import_auth8.signOut)(this.auth);
+        } catch (signOutError) {
+          console.warn("[AUTH] Error signing out Firebase user (non-critical):", signOutError);
+        }
+        throw new AuthError(
+          "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+          "AUTH/NO_DRAFT_PROFILES",
+          404
+        );
+      }
       let user;
       if (existingUser) {
         user = existingUser;
         console.log("[AUTH] Using existing user account");
       } else {
+        if (draftProfiles.length === 0) {
+          console.log("[AUTH] No draft profiles found, signing out and throwing error");
+          try {
+            await (0, import_auth8.signOut)(this.auth);
+          } catch (signOutError) {
+            console.warn("[AUTH] Error signing out Firebase user (non-critical):", signOutError);
+          }
+          const noDraftError = new AuthError(
+            "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+            "AUTH/NO_DRAFT_PROFILES",
+            404
+          );
+          console.log("[AUTH] Throwing NO_DRAFT_PROFILES error:", noDraftError.code);
+          throw noDraftError;
+        }
         user = await this.userService.createUser(firebaseUser, ["practitioner" /* PRACTITIONER */], {
           skipProfileCreation: true
         });
-        console.log("[AUTH] Created new user account");
+        console.log("[AUTH] Created new user account with draft profiles available");
       }
       let practitioner = null;
       if (user.practitionerProfile) {
@@ -16144,10 +16254,33 @@ var AuthService = class extends BaseService {
       };
     } catch (error) {
       console.error("[AUTH] Error in signUpPractitionerWithGoogle:", error);
+      console.error("[AUTH] Error type:", (_b = error == null ? void 0 : error.constructor) == null ? void 0 : _b.name);
+      console.error("[AUTH] Error instanceof AuthError:", error instanceof AuthError);
+      console.error("[AUTH] Error code:", error == null ? void 0 : error.code);
+      console.error("[AUTH] Error message:", error == null ? void 0 : error.message);
       if (error instanceof AuthError) {
+        console.log("[AUTH] Preserving AuthError:", error.code);
         throw error;
       }
-      throw handleFirebaseError(error);
+      const errorMessage = (error == null ? void 0 : error.message) || (error == null ? void 0 : error.toString()) || "";
+      if (errorMessage.includes("NO_DRAFT_PROFILES") || errorMessage.includes("clinic invitation")) {
+        console.log("[AUTH] Detected clinic invitation error in message, converting to AuthError");
+        throw new AuthError(
+          "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+          "AUTH/NO_DRAFT_PROFILES",
+          404
+        );
+      }
+      const wrappedError = handleFirebaseError(error);
+      console.log("[AUTH] Wrapped error:", wrappedError.message);
+      if (wrappedError.message.includes("permissions") || wrappedError.message.includes("Account creation failed")) {
+        throw new AuthError(
+          "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+          "AUTH/NO_DRAFT_PROFILES",
+          404
+        );
+      }
+      throw wrappedError;
     }
   }
   /**

package/dist/index.mjs

@@ -11331,6 +11331,9 @@ var PractitionerService = class extends BaseService {
    */
   async processBasicInfo(basicInfo, practitionerId) {
     const processedBasicInfo = { ...basicInfo };
+    if (processedBasicInfo.email) {
+      processedBasicInfo.email = processedBasicInfo.email.toLowerCase().trim();
+    }
     if (basicInfo.profileImageUrl) {
       const uploadedUrl = await this.handleProfilePhotoUpload(
         basicInfo.profileImageUrl,
@@ -11754,7 +11757,8 @@ var PractitionerService = class extends BaseService {
     try {
       const normalizedEmail = email.toLowerCase().trim();
       console.log("[PRACTITIONER] Searching for all draft practitioners by email", {
-        email: normalizedEmail
+        email: normalizedEmail,
+        originalEmail: email
       });
       const q = query13(
         collection13(this.db, PRACTITIONERS_COLLECTION),
@@ -11765,7 +11769,26 @@ var PractitionerService = class extends BaseService {
       const querySnapshot = await getDocs13(q);
       if (querySnapshot.empty) {
         console.log("[PRACTITIONER] No draft practitioners found for email", {
-          email: normalizedEmail
+          email: normalizedEmail,
+          originalEmail: email
+        });
+        const debugQ = query13(
+          collection13(this.db, PRACTITIONERS_COLLECTION),
+          where13("basicInfo.email", "==", normalizedEmail),
+          limit7(5)
+        );
+        const debugSnapshot = await getDocs13(debugQ);
+        console.log("[PRACTITIONER] Debug: Found practitioners with this email (any status):", {
+          count: debugSnapshot.size,
+          practitioners: debugSnapshot.docs.map((doc47) => {
+            var _a;
+            return {
+              id: doc47.id,
+              email: (_a = doc47.data().basicInfo) == null ? void 0 : _a.email,
+              status: doc47.data().status,
+              userRef: doc47.data().userRef
+            };
+          })
         });
         return [];
       }
@@ -16116,6 +16139,7 @@ var AuthService = class extends BaseService {
    * @returns Object containing user, practitioner (if exists), and draft profiles (if any)
    */
   async signUpPractitionerWithGoogle(idToken) {
+    var _a, _b;
     try {
       console.log("[AUTH] Starting practitioner Google Sign-In/Sign-Up");
       let email;
@@ -16149,12 +16173,67 @@ var AuthService = class extends BaseService {
         console.log("[AUTH] User exists with Google provider, signing in");
         const credential2 = GoogleAuthProvider.credential(idToken);
         const { user: firebaseUser2 } = await signInWithCredential(this.auth, credential2);
-        const existingUser2 = await this.userService.getUserById(firebaseUser2.uid);
+        let existingUser2 = null;
+        try {
+          existingUser2 = await this.userService.getUserById(firebaseUser2.uid);
+          console.log("[AUTH] User document found:", existingUser2.uid);
+        } catch (userError) {
+          console.log("[AUTH] User document not found in Firestore, checking for draft profiles", {
+            errorCode: userError == null ? void 0 : userError.code,
+            errorMessage: userError == null ? void 0 : userError.message,
+            errorType: (_a = userError == null ? void 0 : userError.constructor) == null ? void 0 : _a.name,
+            isAuthError: userError instanceof AuthError
+          });
+          const practitionerService2 = new PractitionerService(this.db, this.auth, this.app);
+          const draftProfiles3 = await practitionerService2.getDraftProfilesByEmail(normalizedEmail);
+          console.log("[AUTH] Draft profiles check result:", {
+            email: normalizedEmail,
+            draftProfilesCount: draftProfiles3.length,
+            draftProfileIds: draftProfiles3.map((p) => p.id)
+          });
+          if (draftProfiles3.length === 0) {
+            console.log("[AUTH] No draft profiles found, signing out and throwing error");
+            try {
+              await firebaseSignOut(this.auth);
+            } catch (signOutError) {
+              console.warn("[AUTH] Error signing out Firebase user (non-critical):", signOutError);
+            }
+            throw new AuthError(
+              "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+              "AUTH/NO_DRAFT_PROFILES",
+              404
+            );
+          }
+          console.log("[AUTH] Draft profiles found, attempting to create user document");
+          const draftProfilesFound = await practitionerService2.getDraftProfilesByEmail(normalizedEmail);
+          try {
+            existingUser2 = await this.userService.createUser(firebaseUser2, ["practitioner" /* PRACTITIONER */], {
+              skipProfileCreation: true
+            });
+            console.log("[AUTH] Created user document for existing Firebase user with draft profiles:", existingUser2.uid);
+          } catch (createError) {
+            console.error("[AUTH] Error creating user document:", {
+              error: createError,
+              code: createError == null ? void 0 : createError.code,
+              message: createError == null ? void 0 : createError.message
+            });
+            try {
+              await firebaseSignOut(this.auth);
+            } catch (signOutError) {
+              console.warn("[AUTH] Error signing out Firebase user (non-critical):", signOutError);
+            }
+            throw new AuthError(
+              "Unable to create account. Please use the token provided by your clinic to register, or contact support.",
+              "AUTH/USER_CREATION_FAILED",
+              500
+            );
+          }
+        }
         if (!existingUser2) {
           await firebaseSignOut(this.auth);
           throw new AuthError(
-            "No account found. Please contact support.",
-            "AUTH/USER_NOT_FOUND",
+            "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+            "AUTH/NO_DRAFT_PROFILES",
             404
           );
         }
@@ -16204,16 +16283,47 @@ var AuthService = class extends BaseService {
         console.error("[AUTH] Error checking for existing user:", error);
       }
       console.log("[AUTH] Checking for draft profiles");
-      const draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+      let draftProfiles = [];
+      try {
+        draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+        console.log("[AUTH] Draft profiles check complete", { count: draftProfiles.length });
+      } catch (draftCheckError) {
+        console.error("[AUTH] Error checking draft profiles:", draftCheckError);
+        try {
+          await firebaseSignOut(this.auth);
+        } catch (signOutError) {
+          console.warn("[AUTH] Error signing out Firebase user (non-critical):", signOutError);
+        }
+        throw new AuthError(
+          "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+          "AUTH/NO_DRAFT_PROFILES",
+          404
+        );
+      }
       let user;
       if (existingUser) {
         user = existingUser;
         console.log("[AUTH] Using existing user account");
       } else {
+        if (draftProfiles.length === 0) {
+          console.log("[AUTH] No draft profiles found, signing out and throwing error");
+          try {
+            await firebaseSignOut(this.auth);
+          } catch (signOutError) {
+            console.warn("[AUTH] Error signing out Firebase user (non-critical):", signOutError);
+          }
+          const noDraftError = new AuthError(
+            "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+            "AUTH/NO_DRAFT_PROFILES",
+            404
+          );
+          console.log("[AUTH] Throwing NO_DRAFT_PROFILES error:", noDraftError.code);
+          throw noDraftError;
+        }
         user = await this.userService.createUser(firebaseUser, ["practitioner" /* PRACTITIONER */], {
           skipProfileCreation: true
         });
-        console.log("[AUTH] Created new user account");
+        console.log("[AUTH] Created new user account with draft profiles available");
       }
       let practitioner = null;
       if (user.practitionerProfile) {
@@ -16231,10 +16341,33 @@ var AuthService = class extends BaseService {
       };
     } catch (error) {
       console.error("[AUTH] Error in signUpPractitionerWithGoogle:", error);
+      console.error("[AUTH] Error type:", (_b = error == null ? void 0 : error.constructor) == null ? void 0 : _b.name);
+      console.error("[AUTH] Error instanceof AuthError:", error instanceof AuthError);
+      console.error("[AUTH] Error code:", error == null ? void 0 : error.code);
+      console.error("[AUTH] Error message:", error == null ? void 0 : error.message);
       if (error instanceof AuthError) {
+        console.log("[AUTH] Preserving AuthError:", error.code);
         throw error;
       }
-      throw handleFirebaseError(error);
+      const errorMessage = (error == null ? void 0 : error.message) || (error == null ? void 0 : error.toString()) || "";
+      if (errorMessage.includes("NO_DRAFT_PROFILES") || errorMessage.includes("clinic invitation")) {
+        console.log("[AUTH] Detected clinic invitation error in message, converting to AuthError");
+        throw new AuthError(
+          "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+          "AUTH/NO_DRAFT_PROFILES",
+          404
+        );
+      }
+      const wrappedError = handleFirebaseError(error);
+      console.log("[AUTH] Wrapped error:", wrappedError.message);
+      if (wrappedError.message.includes("permissions") || wrappedError.message.includes("Account creation failed")) {
+        throw new AuthError(
+          "No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.",
+          "AUTH/NO_DRAFT_PROFILES",
+          404
+        );
+      }
+      throw wrappedError;
     }
   }
   /**

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@blackcode_sa/metaestetics-api",
   "private": false,
-  "version": "1.14.0",
+  "version": "1.14.2",
   "description": "Firebase authentication service with anonymous upgrade support",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

package/src/services/auth/auth.service.ts

@@ -1012,7 +1012,7 @@ export class AuthService extends BaseService {
   async signUpPractitionerWithGoogle(
     idToken: string
   ): Promise<{
-    user: User;
+    user: User | null;
     practitioner: Practitioner | null;
     draftProfiles: Practitioner[];
   }> {
@@ -1061,12 +1061,81 @@ export class AuthService extends BaseService {
         const credential = GoogleAuthProvider.credential(idToken);
         const { user: firebaseUser } = await signInWithCredential(this.auth, credential);
         
-        const existingUser = await this.userService.getUserById(firebaseUser.uid);
+        let existingUser: User | null = null;
+        try {
+          existingUser = await this.userService.getUserById(firebaseUser.uid);
+          console.log('[AUTH] User document found:', existingUser.uid);
+        } catch (userError: any) {
+          // User document doesn't exist in Firestore
+          console.log('[AUTH] User document not found in Firestore, checking for draft profiles', {
+            errorCode: userError?.code,
+            errorMessage: userError?.message,
+            errorType: userError?.constructor?.name,
+            isAuthError: userError instanceof AuthError,
+          });
+          
+          // Check for draft profiles before signing out
+          const practitionerService = new PractitionerService(this.db, this.auth, this.app);
+          const draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+          
+          console.log('[AUTH] Draft profiles check result:', {
+            email: normalizedEmail,
+            draftProfilesCount: draftProfiles.length,
+            draftProfileIds: draftProfiles.map(p => p.id),
+          });
+          
+          if (draftProfiles.length === 0) {
+            // No draft profiles - sign out and throw error
+            console.log('[AUTH] No draft profiles found, signing out and throwing error');
+            try {
+              await firebaseSignOut(this.auth);
+            } catch (signOutError) {
+              console.warn('[AUTH] Error signing out Firebase user (non-critical):', signOutError);
+            }
+            throw new AuthError(
+              'No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.',
+              'AUTH/NO_DRAFT_PROFILES',
+              404,
+            );
+          }
+          
+          // Draft profiles exist - try to create User document
+          // Firestore rules should allow authenticated users to create their own User document
+          console.log('[AUTH] Draft profiles found, attempting to create user document');
+          const draftProfilesFound = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+          
+          try {
+            existingUser = await this.userService.createUser(firebaseUser, [UserRole.PRACTITIONER], {
+              skipProfileCreation: true,
+            });
+            console.log('[AUTH] Created user document for existing Firebase user with draft profiles:', existingUser.uid);
+          } catch (createError: any) {
+            console.error('[AUTH] Error creating user document:', {
+              error: createError,
+              code: createError?.code,
+              message: createError?.message,
+            });
+            // If creation fails, sign out and throw error
+            // User will need to use token flow or contact support
+            try {
+              await firebaseSignOut(this.auth);
+            } catch (signOutError) {
+              console.warn('[AUTH] Error signing out Firebase user (non-critical):', signOutError);
+            }
+            throw new AuthError(
+              'Unable to create account. Please use the token provided by your clinic to register, or contact support.',
+              'AUTH/USER_CREATION_FAILED',
+              500,
+            );
+          }
+        }
+        
+        // User document exists - check for practitioner profile and draft profiles
         if (!existingUser) {
           await firebaseSignOut(this.auth);
           throw new AuthError(
-            'No account found. Please contact support.',
-            'AUTH/USER_NOT_FOUND',
+            'No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.',
+            'AUTH/NO_DRAFT_PROFILES',
             404,
           );
         }
@@ -1134,7 +1203,24 @@ export class AuthService extends BaseService {
 
       // Check for draft profiles
       console.log('[AUTH] Checking for draft profiles');
-      const draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+      let draftProfiles: Practitioner[] = [];
+      try {
+        draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+        console.log('[AUTH] Draft profiles check complete', { count: draftProfiles.length });
+      } catch (draftCheckError: any) {
+        console.error('[AUTH] Error checking draft profiles:', draftCheckError);
+        // If checking draft profiles fails, sign out and throw appropriate error
+        try {
+          await firebaseSignOut(this.auth);
+        } catch (signOutError) {
+          console.warn('[AUTH] Error signing out Firebase user (non-critical):', signOutError);
+        }
+        throw new AuthError(
+          'No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.',
+          'AUTH/NO_DRAFT_PROFILES',
+          404,
+        );
+      }
 
       let user: User;
       if (existingUser) {
@@ -1142,11 +1228,32 @@ export class AuthService extends BaseService {
         user = existingUser;
         console.log('[AUTH] Using existing user account');
       } else {
-        // Create new user document
+        // For new users: Only create account if there are draft profiles OR if user already has a practitioner profile
+        // Since doctors can only join via clinic invitation, we should not create accounts without invitations
+        if (draftProfiles.length === 0) {
+          console.log('[AUTH] No draft profiles found, signing out and throwing error');
+          // Sign out the Firebase user since we're not creating an account
+          // Wrap in try-catch to handle any sign-out errors gracefully
+          try {
+            await firebaseSignOut(this.auth);
+          } catch (signOutError) {
+            console.warn('[AUTH] Error signing out Firebase user (non-critical):', signOutError);
+            // Continue anyway - the important part is we're not creating the account
+          }
+          const noDraftError = new AuthError(
+            'No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.',
+            'AUTH/NO_DRAFT_PROFILES',
+            404,
+          );
+          console.log('[AUTH] Throwing NO_DRAFT_PROFILES error:', noDraftError.code);
+          throw noDraftError;
+        }
+        
+        // Create new user document only if draft profiles exist
         user = await this.userService.createUser(firebaseUser, [UserRole.PRACTITIONER], {
           skipProfileCreation: true,
         });
-        console.log('[AUTH] Created new user account');
+        console.log('[AUTH] Created new user account with draft profiles available');
       }
 
       // Check if user already has practitioner profile
@@ -1166,12 +1273,46 @@ export class AuthService extends BaseService {
         practitioner,
         draftProfiles,
       };
-    } catch (error) {
+    } catch (error: any) {
       console.error('[AUTH] Error in signUpPractitionerWithGoogle:', error);
+      console.error('[AUTH] Error type:', error?.constructor?.name);
+      console.error('[AUTH] Error instanceof AuthError:', error instanceof AuthError);
+      console.error('[AUTH] Error code:', error?.code);
+      console.error('[AUTH] Error message:', error?.message);
+      
+      // Preserve AuthError instances (like NO_DRAFT_PROFILES) without wrapping
       if (error instanceof AuthError) {
+        console.log('[AUTH] Preserving AuthError:', error.code);
         throw error;
       }
-      throw handleFirebaseError(error);
+      
+      // Check if error message contains NO_DRAFT_PROFILES before wrapping
+      const errorMessage = error?.message || error?.toString() || '';
+      if (errorMessage.includes('NO_DRAFT_PROFILES') || errorMessage.includes('clinic invitation')) {
+        console.log('[AUTH] Detected clinic invitation error in message, converting to AuthError');
+        throw new AuthError(
+          'No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.',
+          'AUTH/NO_DRAFT_PROFILES',
+          404,
+        );
+      }
+      
+      // For other errors, wrap them but preserve the original message if it's helpful
+      const wrappedError = handleFirebaseError(error);
+      console.log('[AUTH] Wrapped error:', wrappedError.message);
+      
+      // If the wrapped error message is generic, try to preserve more context
+      if (wrappedError.message.includes('permissions') || wrappedError.message.includes('Account creation failed')) {
+        // This might be a permissions error during sign-out or user creation
+        // If we got here and there were no draft profiles, it's likely the same issue
+        throw new AuthError(
+          'No clinic invitation found for this email. Please contact your clinic administrator to receive an invitation, or use the token provided by your clinic.',
+          'AUTH/NO_DRAFT_PROFILES',
+          404,
+        );
+      }
+      
+      throw wrappedError;
     }
   }
 

package/src/services/practitioner/practitioner.service.ts

@@ -158,6 +158,11 @@ export class PractitionerService extends BaseService {
   ): Promise<PractitionerBasicInfo> {
     const processedBasicInfo = { ...basicInfo };
 
+    // Normalize email to lowercase to ensure consistent matching
+    if (processedBasicInfo.email) {
+      processedBasicInfo.email = processedBasicInfo.email.toLowerCase().trim();
+    }
+
     // Handle profile photo upload if needed
     if (basicInfo.profileImageUrl) {
       const uploadedUrl = await this.handleProfilePhotoUpload(
@@ -734,6 +739,7 @@ export class PractitionerService extends BaseService {
       
       console.log("[PRACTITIONER] Searching for all draft practitioners by email", {
         email: normalizedEmail,
+        originalEmail: email,
       });
 
       const q = query(
@@ -748,7 +754,26 @@ export class PractitionerService extends BaseService {
       if (querySnapshot.empty) {
         console.log("[PRACTITIONER] No draft practitioners found for email", {
           email: normalizedEmail,
+          originalEmail: email,
         });
+        
+        // Debug: Try to find ANY practitioners with this email (regardless of status)
+        const debugQ = query(
+          collection(this.db, PRACTITIONERS_COLLECTION),
+          where("basicInfo.email", "==", normalizedEmail),
+          limit(5)
+        );
+        const debugSnapshot = await getDocs(debugQ);
+        console.log("[PRACTITIONER] Debug: Found practitioners with this email (any status):", {
+          count: debugSnapshot.size,
+          practitioners: debugSnapshot.docs.map(doc => ({
+            id: doc.id,
+            email: doc.data().basicInfo?.email,
+            status: doc.data().status,
+            userRef: doc.data().userRef,
+          })),
+        });
+        
         return [];
       }