@onairos/react-native 3.1.12 → 3.1.13

package/lib/module/services/authService.js

@@ -0,0 +1,905 @@
+import AsyncStorage from '@react-native-async-storage/async-storage';
+import { API_CONFIG, getApiHeaders, getAuthHeaders } from '../config/api';
+
+// API base URL
+const API_BASE_URL = API_CONFIG.BASE_URL;
+
+// Interface for authentication responses
+
+// Interface for Apple authentication payload
+
+/**
+ * Interface for the timer response from backend
+ */
+
+/**
+ * Interface for the profile response from backend
+ */
+
+/**
+ * Interface for creating/updating user profile
+ */
+
+/**
+ * Authenticate with Apple
+ * @param appleAuthData Data from Apple authentication
+ * @returns Authentication response with token and user data
+ */
+/**
+ * Authenticate with Onairos (similar to Apple authentication)
+ * @param onairosAuthData Data from Onairos authentication
+ * @returns Authentication response with token and user data
+ */
+export const authenticateWithOnairos = async onairosAuthData => {
+  try {
+    console.log('🔑 Authenticating with Onairos...');
+
+    // For Onairos, we already have the JWT token from TrainingModal
+    // We just need to create a proper user object like Apple does
+
+    // Store the token in all the expected locations
+    // CRITICAL FIX: Store as Onairos token (OAuth gives Onairos JWT)
+    const {
+      TokenType,
+      storeJWT
+    } = await import('./jwtStorageService');
+    await storeJWT(TokenType.ONAIROS, onairosAuthData.token);
+
+    // Extract username from email or use stored username
+    const storedUsername = await AsyncStorage.getItem('onairos_username');
+    const userName = storedUsername || onairosAuthData.email.split('@')[0] || 'Onairos User';
+
+    // Store username and email
+    await AsyncStorage.setItem('onairos_username', userName);
+    await AsyncStorage.setItem('user_email', onairosAuthData.email);
+    console.log('🔑 Onairos auth token stored:', `${onairosAuthData.token.substring(0, 20)}...`);
+    console.log('👤 User info:', {
+      email: onairosAuthData.email,
+      username: userName
+    });
+    return {
+      token: onairosAuthData.token,
+      user: {
+        id: Date.now().toString(),
+        // Generate a unique ID
+        name: userName,
+        email: onairosAuthData.email,
+        profilePicture: ''
+      },
+      onairos: {
+        hasConnectedOnairos: true,
+        onairosUserId: Date.now().toString(),
+        lastConnectedAt: new Date().toISOString()
+      }
+    };
+  } catch (error) {
+    console.error('❌ Onairos authentication error:', error);
+    throw error;
+  }
+};
+
+/**
+ * Authenticate with Onairos using the standardized /login/signin endpoint
+ * @param credentials Email and password for Onairos sign-in
+ * @returns Authentication response with token and user data
+ */
+export const authenticateWithOnairosSignIn = async credentials => {
+  try {
+    console.log('🔑 Signing in with Onairos via /login/signin endpoint...');
+    const response = await fetch(`${API_BASE_URL}/login/signin`, {
+      method: 'POST',
+      headers: getApiHeaders(),
+      body: JSON.stringify(credentials)
+    });
+    if (!response.ok) {
+      const errorData = await response.json();
+      throw new Error(errorData.error || 'Onairos sign-in failed');
+    }
+    const authData = await response.json();
+    console.log('✅ Onairos sign-in successful');
+
+    // Check for authentication token first - this is the most critical part
+    if (!authData.token) {
+      throw new Error('No authentication token returned from Onairos sign-in');
+    }
+
+    // Log if result field is missing or unexpected (but don't fail)
+    if (!authData.result || authData.result !== "User logged in successfully" && authData.result !== "User created successfully") {
+      console.warn('🔑 Onairos sign-in: Unexpected or missing result field:', authData.result);
+      console.warn('🔑 Onairos sign-in: Proceeding with authentication since token is present');
+    }
+
+    // CRITICAL FIX: Store as Onairos token (sign-in gives Onairos JWT)
+    const {
+      TokenType,
+      storeJWT
+    } = await import('./jwtStorageService');
+    await storeJWT(TokenType.ONAIROS, authData.token);
+
+    // Store username from standardized response
+    if (authData.username) {
+      await AsyncStorage.setItem('onairos_username', authData.username);
+    }
+    await AsyncStorage.setItem('user_email', credentials.email);
+    console.log('🔑 Onairos sign-in token stored:', `${authData.token.substring(0, 20)}...`);
+    return {
+      token: authData.token,
+      user: {
+        id: Date.now().toString(),
+        name: authData.username,
+        email: credentials.email,
+        profilePicture: ''
+      },
+      onairos: {
+        hasConnectedOnairos: true,
+        onairosUserId: Date.now().toString(),
+        lastConnectedAt: new Date().toISOString()
+      }
+    };
+  } catch (error) {
+    console.error('❌ Onairos sign-in error:', error);
+    throw error;
+  }
+};
+export const authenticateWithApple = async appleAuthData => {
+  try {
+    const userName = appleAuthData.fullName ? `${appleAuthData.fullName.givenName || ''} ${appleAuthData.fullName.familyName || ''}`.trim() : 'Onairos User';
+
+    // Call the Apple authentication endpoint - backend should return proper Enoch JWT
+    console.log('🍎 Authenticating with Apple via backend...');
+    const appleAuthResponse = await fetch(`${API_BASE_URL}/enoch/auth/apple`, {
+      method: 'POST',
+      headers: getApiHeaders(),
+      body: JSON.stringify({
+        identity_token: appleAuthData.identityToken,
+        nonce: appleAuthData.nonce,
+        user_identifier: appleAuthData.user,
+        // Always present
+        email: appleAuthData.email,
+        // Can be null if user hides email
+        name: userName
+      })
+    });
+    if (!appleAuthResponse.ok) {
+      const errorData = await appleAuthResponse.json();
+      throw new Error(errorData.error || 'Apple authentication failed');
+    }
+    const authData = await appleAuthResponse.json();
+    console.log('✅ Apple authentication successful');
+
+    // CRITICAL: Log detailed Apple authentication response for comparison
+    console.log('🍎 ===== APPLE AUTHENTICATION DETAILS =====');
+    console.log('🍎 Response status:', appleAuthResponse.status);
+    console.log('🍎 Response ok:', appleAuthResponse.ok);
+    console.log('🍎 Response result field:', authData.result);
+    console.log('🍎 Response token present:', !!authData.token);
+    console.log('🍎 Response username present:', !!authData.username);
+    if (authData.token) {
+      console.log('🍎 Token preview:', `${authData.token.substring(0, 30)}...${authData.token.substring(authData.token.length - 10)}`);
+      console.log('🍎 Token length:', authData.token.length);
+      console.log('🍎 Token parts count:', authData.token.split('.').length);
+    }
+    console.log('🍎 ===== END APPLE AUTHENTICATION DETAILS =====');
+
+    // Check for authentication token first - this is the most critical part
+    if (!authData.token) {
+      throw new Error('No authentication token returned from Apple auth');
+    }
+
+    // Log if result field is missing or unexpected (but don't fail)
+    if (!authData.result || authData.result !== "User logged in successfully" && authData.result !== "User created successfully") {
+      console.warn('🍎 Apple auth: Unexpected or missing result field:', authData.result);
+      console.warn('🍎 Apple auth: Proceeding with authentication since token is present');
+    }
+
+    // CRITICAL FIX: Store as Onairos token (Apple sign-in gives Onairos JWT)
+    console.log('💾 Storing Apple-returned token as Onairos JWT');
+    const {
+      TokenType,
+      storeJWT
+    } = await import('./jwtStorageService');
+    await storeJWT(TokenType.ONAIROS, authData.token);
+
+    // Store username from standardized response
+    if (authData.username) {
+      await AsyncStorage.setItem('onairos_username', authData.username);
+    }
+
+    // Store the Apple user's email if available, otherwise use Apple user identifier
+    if (appleAuthData.email) {
+      await AsyncStorage.setItem('user_email', appleAuthData.email);
+      console.log('📧 Apple user email stored:', appleAuthData.email);
+    } else {
+      // Apple user chose "Hide My Email" - use Apple user identifier as fallback
+      const fallbackEmail = `apple_${appleAuthData.user}@privaterelay.apple.com`;
+      await AsyncStorage.setItem('user_email', fallbackEmail);
+      console.log('📧 Apple user email hidden - using fallback:', fallbackEmail);
+    }
+    console.log('🔑 Apple auth token stored:', `${authData.token.substring(0, 20)}...`);
+
+    // DEBUG: Log Apple token details to compare with Onairos tokens
+    console.log('🔍 DEBUG: Apple token details:');
+    console.log('🔍 DEBUG: Token length:', authData.token.length);
+    console.log('🔍 DEBUG: Token parts:', authData.token.split('.').length);
+    console.log('🔍 DEBUG: Token preview:', `${authData.token.substring(0, 50)}...`);
+    try {
+      const tokenParts = authData.token.split('.');
+      if (tokenParts.length === 3) {
+        console.log('🔍 DEBUG: Apple JWT header (base64):', tokenParts[0].substring(0, 30) + '...');
+        console.log('🔍 DEBUG: Apple JWT payload (base64):', tokenParts[1].substring(0, 30) + '...');
+        console.log('🔍 DEBUG: Apple JWT signature (base64):', tokenParts[2].substring(0, 30) + '...');
+      }
+    } catch (decodeError) {
+      console.log('🔍 DEBUG: Could not analyze Apple JWT structure:', decodeError);
+    }
+    return {
+      token: authData.token,
+      user: {
+        id: Date.now().toString(),
+        // Generate a unique ID since standardized response doesn't include user.id
+        name: authData.username,
+        email: appleAuthData.email || '',
+        profilePicture: ''
+      },
+      onairos: authData.onairos || {
+        hasConnectedOnairos: false,
+        // Default to false for fresh Apple users
+        onairosUserId: undefined,
+        lastConnectedAt: undefined
+      }
+    };
+  } catch (error) {
+    console.error('❌ Apple authentication error:', error);
+
+    // CRITICAL: Log detailed Apple authentication error
+    console.error('🚨 ===== APPLE AUTHENTICATION ERROR =====');
+    console.error('🚨 Error type:', error instanceof Error ? error.constructor.name : typeof error);
+    console.error('🚨 Error message:', error instanceof Error ? error.message : String(error));
+    console.error('🚨 Error stack:', error instanceof Error ? error.stack : 'No stack trace');
+    console.error('🚨 Apple auth data provided:', JSON.stringify(appleAuthData, null, 2));
+    console.error('🚨 ===== END APPLE ERROR DETAILS =====');
+    throw error;
+  }
+};
+
+/**
+ * Save authentication token
+ * @param token JWT token
+ */
+export const saveAuthToken = async token => {
+  try {
+    await AsyncStorage.setItem('auth_token', token);
+  } catch (error) {
+    console.error('Error saving auth token:', error);
+    throw error;
+  }
+};
+
+/**
+ * Debug function to check all auth-related storage
+ */
+export const debugAuthStorage = async () => {
+  console.log('🔍 [AUTH STORAGE DEBUG] Checking all auth-related storage:');
+  const authToken = await AsyncStorage.getItem('auth_token');
+  const onairosJwt = await AsyncStorage.getItem('onairos_jwt_token');
+  const enochToken = await AsyncStorage.getItem('enoch_token');
+  const userEmail = await AsyncStorage.getItem('user_email');
+  const onairosUsername = await AsyncStorage.getItem('onairos_username');
+  const authMethod = await AsyncStorage.getItem('auth_method');
+  console.log('🔑 auth_token:', authToken ? `"${authToken}"` : 'null');
+  console.log('🔑 onairos_jwt_token:', onairosJwt ? `"${onairosJwt}"` : 'null');
+  console.log('🔑 enoch_token:', enochToken ? `"${enochToken}"` : 'null');
+  console.log('🔑 user_email:', userEmail ? `"${userEmail}"` : 'null');
+  console.log('🔑 onairos_username:', onairosUsername ? `"${onairosUsername}"` : 'null');
+  console.log('🔑 auth_method:', authMethod ? `"${authMethod}"` : 'null');
+
+  // Check if any token is actually an email
+  const allTokens = [authToken, onairosJwt, enochToken];
+  allTokens.forEach((token, index) => {
+    const tokenNames = ['auth_token', 'onairos_jwt_token', 'enoch_token'];
+    if (token && token.includes('@') && token.includes('.')) {
+      console.error(`❌ [AUTH STORAGE DEBUG] ${tokenNames[index]} contains email instead of JWT: "${token}"`);
+    }
+  });
+};
+
+/**
+ * Clear all auth tokens and start fresh
+ */
+export const clearAllAuthTokens = async () => {
+  console.log('🧹 [AUTH DEBUG] Clearing all auth tokens via centralized service...');
+
+  // CRITICAL FIX: Clear all JWT token types
+  const {
+    clearAllJWT
+  } = await import('./jwtStorageService');
+  await clearAllJWT();
+
+  // Clear other auth-related data
+  await AsyncStorage.multiRemove(['user_email', 'onairos_username', 'auth_method']);
+  console.log('✅ [AUTH DEBUG] All auth tokens and data cleared');
+};
+
+/**
+ * Get saved authentication token - CRITICAL FIX: Try all token types
+ * @returns Saved JWT token or null if not found
+ */
+export const getAuthToken = async () => {
+  try {
+    console.log('🔑 [AUTH DEBUG] Checking all available JWT tokens...');
+
+    // CRITICAL FIX: Try all token types in priority order
+    const {
+      TokenType,
+      getJWT
+    } = await import('./jwtStorageService');
+
+    // Try Onairos token first (most common for main app usage)
+    let token = await getJWT(TokenType.ONAIROS);
+    if (token) {
+      console.log('✅ [AUTH DEBUG] Found Onairos JWT token:', `${token.substring(0, 20)}...`);
+      return token;
+    }
+
+    // Try Enoch token second (for Enoch-specific routes)
+    token = await getJWT(TokenType.ENOCH);
+    if (token) {
+      console.log('✅ [AUTH DEBUG] Found Enoch JWT token:', `${token.substring(0, 20)}...`);
+      return token;
+    }
+
+    // Try Auth token last (for context-specific flows)
+    token = await getJWT(TokenType.AUTH);
+    if (token) {
+      console.log('✅ [AUTH DEBUG] Found Auth token:', `${token.substring(0, 20)}...`);
+      return token;
+    }
+    console.warn('❌ [AUTH DEBUG] No valid JWT tokens found in any storage location');
+    return null;
+  } catch (error) {
+    console.error('❌ [AUTH DEBUG] Error during token retrieval:', error);
+    return null;
+  }
+};
+
+/**
+ * Remove authentication token (logout)
+ */
+export const removeAuthToken = async () => {
+  try {
+    await AsyncStorage.removeItem('auth_token');
+  } catch (error) {
+    console.error('Error removing auth token:', error);
+  }
+};
+
+/**
+ * Validate if user is properly authenticated
+ * @returns boolean indicating if user has valid authentication
+ */
+export const isAuthenticated = async () => {
+  try {
+    const token = await getAuthToken();
+    return token !== null && token.length > 50;
+  } catch (error) {
+    console.error('❌ [AUTH VALIDATION] Error checking authentication status:', error);
+    return false;
+  }
+};
+
+/**
+ * Ensure authentication is available before making API calls
+ * @param apiName - Name of the API being called (for logging)
+ * @returns boolean indicating if authentication is available
+ */
+export const ensureAuthentication = async apiName => {
+  const isAuth = await isAuthenticated();
+  if (!isAuth) {
+    console.warn(`⚠️ [${apiName}] No valid authentication available - API call may return limited data`);
+  } else {
+    console.log(`✅ [${apiName}] Authentication validated for API call`);
+  }
+  return isAuth;
+};
+
+/**
+ * Get saved Enoch authentication token specifically
+ * @returns Saved Enoch JWT token or null if not found
+ */
+export const getEnochToken = async () => {
+  try {
+    return await AsyncStorage.getItem('enoch_token');
+  } catch (error) {
+    console.error('Error getting Enoch token:', error);
+    return null;
+  }
+};
+
+/**
+ * Save Enoch authentication token specifically
+ * @param token Enoch JWT token
+ */
+export const saveEnochToken = async token => {
+  try {
+    await AsyncStorage.setItem('enoch_token', token);
+    await AsyncStorage.setItem('auth_token', token); // Also save as general auth token
+  } catch (error) {
+    console.error('Error saving Enoch token:', error);
+    throw error;
+  }
+};
+
+/**
+ * Verify token with backend
+ * @returns Boolean indicating if token is valid
+ */
+export const verifyToken = async () => {
+  try {
+    const token = await getAuthToken();
+    if (!token) {
+      console.warn('🔒 [TOKEN VERIFY] No token available for verification');
+      return false;
+    }
+    console.log('🔒 [TOKEN VERIFY] Verifying token with backend...');
+    console.log('🔒 [TOKEN VERIFY] Token preview:', `${token.substring(0, 20)}...`);
+    const response = await fetch(`${API_BASE_URL}/api/auth/verify`, {
+      method: 'GET',
+      headers: getAuthHeaders(token)
+    });
+    console.log('🔒 [TOKEN VERIFY] Verification response status:', response.status);
+    if (response.ok) {
+      console.log('✅ [TOKEN VERIFY] Token is valid');
+      return true;
+    } else {
+      const errorText = await response.text();
+      console.warn('❌ [TOKEN VERIFY] Token verification failed:', response.status, errorText);
+      return false;
+    }
+  } catch (error) {
+    console.error('❌ [TOKEN VERIFY] Token verification error:', error);
+    return false;
+  }
+};
+
+/**
+ * Get user profile from backend using stored token
+ * Note: This endpoint doesn't exist as GET, so we'll try to fetch via other means
+ * @returns User profile data
+ */
+export const getUserProfile = async () => {
+  try {
+    var _token;
+    // Try to get the Enoch token first, then fall back to general auth token
+    let token = await getEnochToken();
+    if (!token) {
+      token = await getAuthToken();
+    }
+    if (!token) {
+      throw new Error('No authentication token found');
+    }
+    console.log('🔍 Attempting to fetch user profile with token:', ((_token = token) === null || _token === void 0 ? void 0 : _token.substring(0, 20)) + '...');
+
+    // First try to get profile from Enoch user endpoint
+    try {
+      console.log('🔍 Attempting to fetch user profile from Enoch endpoint...');
+      const response = await fetch(`${API_BASE_URL}/enoch/user/profile`, {
+        method: 'GET',
+        headers: getAuthHeaders(token)
+      });
+      if (response.ok) {
+        const userData = await response.json();
+        console.log('✅ User profile fetched successfully from Enoch endpoint');
+
+        // Use JWT user ID if available, otherwise use the response ID
+        const userId = userData.id || userData._id;
+
+        // Transform the response to match expected format
+        return {
+          id: userId,
+          name: userData.name || 'Onairos User',
+          email: userData.email,
+          description: userData.bio || userData.description || '',
+          photoUrl: userData.photoUrl || userData.photo_url || '',
+          profilePicture: userData.photoUrl || userData.photo_url || '',
+          interests: userData.interests || [],
+          verified: userData.verified || false,
+          createdAt: userData.createdAt || new Date().toISOString(),
+          updatedAt: userData.updatedAt || new Date().toISOString(),
+          onboarded: userData.onboarded || false
+        };
+      } else {
+        console.warn('⚠️ Enoch profile endpoint failed:', response.status, await response.text());
+      }
+    } catch (enochError) {
+      console.warn('⚠️ Error with Enoch profile endpoint:', enochError);
+    }
+
+    // Try to create a profile using the POST endpoint (since that's what exists)
+    try {
+      console.log('🔍 Attempting to create/get profile via POST endpoint...');
+
+      // Get user data from AsyncStorage (no JWT decoding needed)
+      const storedUserEmail = await AsyncStorage.getItem('user_email');
+      const storedUserName = await AsyncStorage.getItem('onairos_username');
+      const userEmail = storedUserEmail || 'user@example.com';
+      const userName = storedUserName || 'Onairos User';
+      console.log('📧 Using stored user email:', userEmail);
+      console.log('👤 Using stored user name:', userName);
+
+      // Try to create/update profile with real user info
+      const response = await fetch(`${API_BASE_URL}/api/user/profile`, {
+        method: 'PUT',
+        // ✅ FIXED: Changed from POST to PUT to match backend
+        headers: getAuthHeaders(token),
+        body: JSON.stringify({
+          name: userName,
+          bio: 'Welcome to Onairos!',
+          interests: [],
+          photo_url: ''
+        })
+      });
+      if (response.ok) {
+        const profileData = await response.json();
+        console.log('✅ Profile created/updated successfully:', profileData);
+        if (profileData.success && profileData.profile) {
+          // Use the response ID from the profile creation
+          const userId = profileData.profile.id;
+          return {
+            id: userId,
+            name: profileData.profile.name,
+            email: userEmail,
+            description: profileData.profile.bio || '',
+            photoUrl: profileData.profile.photo_url || '',
+            profilePicture: profileData.profile.photo_url || '',
+            interests: [],
+            verified: false,
+            createdAt: profileData.profile.updated_at || new Date().toISOString(),
+            updatedAt: profileData.profile.updated_at || new Date().toISOString(),
+            onboarded: false
+          };
+        }
+      } else {
+        const errorText = await response.text();
+        console.warn('⚠️ Profile creation endpoint failed:', response.status, errorText);
+      }
+    } catch (createError) {
+      console.warn('⚠️ Error with profile creation endpoint:', createError);
+    }
+
+    // If all endpoints fail, throw an error instead of returning fallback
+    console.error('❌ All profile endpoints failed and no JWT user ID available');
+    throw new Error('Unable to determine user ID from authentication token');
+  } catch (error) {
+    console.error('Error fetching user profile:', error);
+    throw error;
+  }
+};
+
+/**
+ * Create or update user profile
+ * @param profileData Profile data to create/update
+ * @returns Profile response from backend
+ */
+export const createOrUpdateProfile = async profileData => {
+  try {
+    const token = await getAuthToken();
+    if (!token) {
+      throw new Error('No authentication token found');
+    }
+    const response = await fetch(`${API_BASE_URL}/api/user/profile`, {
+      method: 'PUT',
+      // ✅ FIXED: Changed from POST to PUT to match backend
+      headers: getAuthHeaders(token),
+      body: JSON.stringify(profileData)
+    });
+    if (!response.ok) {
+      const errorData = await response.json();
+      throw new Error(errorData.message || 'Failed to create/update profile');
+    }
+    return await response.json();
+  } catch (error) {
+    console.error('Error creating/updating profile:', error);
+    throw error;
+  }
+};
+
+/**
+ * Update user's onboarded status
+ * @returns Promise that resolves when update is successful
+ */
+export const updateUserOnboardedStatus = async () => {
+  try {
+    const token = await getAuthToken();
+    if (!token) {
+      throw new Error('No authentication token found');
+    }
+    const response = await fetch(`${API_BASE_URL}/enoch/auth/update-onboarded`, {
+      method: 'POST',
+      headers: getAuthHeaders(token),
+      body: JSON.stringify({
+        onboarded: true
+      })
+    });
+    if (!response.ok) {
+      throw new Error('Failed to update onboarded status');
+    }
+  } catch (error) {
+    console.error('Error updating onboarded status:', error);
+    throw error;
+  }
+};
+
+/**
+ * Fetch the current timer status from the backend
+ * @returns Timer information including expiry and duration
+ */
+export const getEventTimer = async () => {
+  try {
+    const token = await getAuthToken();
+    console.log('🕐 Starting timer fetch. Token available:', !!token);
+
+    // Enhanced token logging for debugging
+    if (token) {
+      console.log('🔑 [TOKEN DEBUG] Token preview:', `${token.substring(0, 20)}...`);
+      console.log('🔑 [TOKEN DEBUG] Token length:', token.length);
+
+      // Check if token looks like a JWT
+      const tokenParts = token.split('.');
+      if (tokenParts.length === 3) {
+        console.log('🔑 [TOKEN DEBUG] Token appears to be a valid JWT format (3 parts)');
+      } else {
+        console.warn('🔑 [TOKEN DEBUG] Token does not appear to be JWT format (expected 3 parts, got', tokenParts.length, ')');
+      }
+    } else {
+      console.warn('🔑 [TOKEN DEBUG] No token available - will only try public endpoint');
+    }
+
+    // Try authenticated endpoint first if we have a token
+    if (token) {
+      try {
+        console.log('🕐 Fetching timer from authenticated endpoint:', `${API_BASE_URL}/enoch/event/timer`);
+        const response = await fetch(`${API_BASE_URL}/enoch/event/timer`, {
+          method: 'GET',
+          headers: getAuthHeaders(token)
+        });
+        if (response.ok) {
+          const timerData = await response.json();
+          console.log('✅ Timer data received from authenticated endpoint:', timerData);
+
+          // Handle both direct timer data and wrapped response formats
+          if (timerData.success !== undefined) {
+            // If wrapped in success object, extract the timer data
+            return timerData.success ? timerData : timerData;
+          } else {
+            // Direct timer data format
+            return timerData;
+          }
+        } else {
+          const errorText = await response.text();
+          console.warn('⚠️ Authenticated timer endpoint failed:', response.status, errorText);
+
+          // Enhanced logging for token-related issues
+          if (response.status === 403) {
+            console.error('🚫 [TOKEN ERROR] 403 Forbidden - Token validation failed');
+            console.error('🔍 [TOKEN ERROR] This likely indicates an invalid or expired token');
+            console.error('🔍 [TOKEN ERROR] Token used:', token ? `${token.substring(0, 20)}...` : 'No token');
+            console.error('🔍 [TOKEN ERROR] Full error response:', errorText);
+
+            // Try to parse error response for more details
+            try {
+              const errorData = JSON.parse(errorText);
+              if (errorData.error) {
+                console.error('🔍 [TOKEN ERROR] Backend error message:', errorData.error);
+              }
+              if (errorData.code) {
+                console.error('🔍 [TOKEN ERROR] Error code:', errorData.code);
+              }
+            } catch (parseError) {
+              console.error('🔍 [TOKEN ERROR] Could not parse error response');
+            }
+          } else if (response.status === 401) {
+            console.error('🚫 [AUTH ERROR] 401 Unauthorized - Missing or invalid authentication');
+            console.error('🔍 [AUTH ERROR] Token used:', token ? `${token.substring(0, 20)}...` : 'No token');
+          } else {
+            console.error('🚫 [API ERROR] Unexpected error status:', response.status);
+            console.error('🔍 [API ERROR] Token used:', token ? `${token.substring(0, 20)}...` : 'No token');
+          }
+        }
+      } catch (authError) {
+        console.warn('⚠️ Error with authenticated timer endpoint:', authError);
+        console.error('🔍 [NETWORK ERROR] Failed to reach authenticated timer endpoint');
+        console.error('🔍 [NETWORK ERROR] Token used:', token ? `${token.substring(0, 20)}...` : 'No token');
+        console.error('🔍 [NETWORK ERROR] Error details:', authError instanceof Error ? authError.message : authError);
+      }
+    }
+
+    // Try public endpoint as fallback
+    try {
+      console.log('🕐 Fetching timer from public endpoint:', `${API_BASE_URL}/enoch/event/public/timer`);
+      const response = await fetch(`${API_BASE_URL}/enoch/event/public/timer`, {
+        method: 'GET',
+        headers: getApiHeaders()
+      });
+      if (response.ok) {
+        const timerData = await response.json();
+        console.log('✅ Timer data received from public endpoint:', timerData);
+
+        // Handle both direct timer data and wrapped response formats
+        if (timerData.success !== undefined) {
+          // If wrapped in success object, extract the timer data
+          return timerData.success ? timerData : timerData;
+        } else {
+          // Direct timer data format
+          return timerData;
+        }
+      } else {
+        const errorText = await response.text();
+        console.warn('⚠️ Public timer endpoint failed:', response.status, errorText);
+      }
+    } catch (publicError) {
+      console.warn('⚠️ Error with public timer endpoint:', publicError);
+    }
+
+    // If both API endpoints fail, provide a realistic fallback timer
+    console.log('⚠️ Both timer endpoints failed, using fallback timer');
+    const nowInSeconds = Math.floor(Date.now() / 1000);
+    const eventTimeInSeconds = nowInSeconds + 3600; // 1 hour from now
+    const secondsRemaining = eventTimeInSeconds - nowInSeconds;
+
+    // Calculate countdown components
+    const days = Math.floor(secondsRemaining / (24 * 60 * 60));
+    const hours = Math.floor(secondsRemaining % (24 * 60 * 60) / (60 * 60));
+    const minutes = Math.floor(secondsRemaining % (60 * 60) / 60);
+    const seconds = Math.floor(secondsRemaining % 60);
+    return {
+      timerExpiry: eventTimeInSeconds,
+      timerDuration: 3600,
+      isReady: false,
+      testMode: true,
+      countdown: {
+        total: secondsRemaining,
+        days,
+        hours,
+        minutes,
+        seconds
+      }
+    };
+  } catch (error) {
+    console.error('❌ Error in getEventTimer:', error);
+
+    // Final fallback timer (30 minutes)
+    const nowInSeconds = Math.floor(Date.now() / 1000);
+    const eventTimeInSeconds = nowInSeconds + 1800; // 30 minutes from now
+
+    return {
+      timerExpiry: eventTimeInSeconds,
+      timerDuration: 1800,
+      isReady: false,
+      testMode: true,
+      countdown: {
+        total: 1800,
+        days: 0,
+        hours: 0,
+        minutes: 30,
+        seconds: 0
+      }
+    };
+  }
+};
+
+/**
+ * Check if a user email has admin privileges
+ * @param email User email to check
+ * @returns True if user is an admin
+ */
+export const isAdminEmail = email => {
+  if (!email) {
+    console.log('🔒 [Admin Check] No email provided');
+    return false;
+  }
+  const adminEmails = ['nicholas.berry@onairos.uk', 'zion.darko@onairos.uk', 'admin@enoch.events', 'admin@onairos.uk'];
+  const isAdmin = adminEmails.includes(email.toLowerCase());
+  if (isAdmin) {
+    console.log('🔑 [Admin Check] Admin access granted for:', email);
+  } else {
+    console.log('🚫 [Admin Check] No admin access for:', email);
+  }
+  return isAdmin;
+};
+
+/**
+ * Get the current admin status from AsyncStorage
+ * This could be used for caching admin status between sessions
+ */
+export const getAdminStatus = async () => {
+  try {
+    const adminStatus = await AsyncStorage.getItem('user_admin_status');
+    return adminStatus === 'true';
+  } catch (error) {
+    console.error('Error getting admin status:', error);
+    return false;
+  }
+};
+
+/**
+ * Save admin status to AsyncStorage
+ * @param isAdmin Whether the user is an admin
+ */
+export const saveAdminStatus = async isAdmin => {
+  try {
+    await AsyncStorage.setItem('user_admin_status', isAdmin.toString());
+  } catch (error) {
+    console.error('Error saving admin status:', error);
+  }
+};
+
+/**
+ * Get stored Onairos username for API calls
+ * This is used for data connector APIs (Reddit, etc.) that need the username
+ * @returns Stored username or null if not found
+ */
+export const getOnairosUsername = async () => {
+  try {
+    return await AsyncStorage.getItem('onairos_username');
+  } catch (error) {
+    console.error('Error getting Onairos username:', error);
+    return null;
+  }
+};
+
+/**
+ * Save Onairos username for API calls
+ * @param username Username to store
+ */
+export const saveOnairosUsername = async username => {
+  try {
+    await AsyncStorage.setItem('onairos_username', username);
+  } catch (error) {
+    console.error('Error saving Onairos username:', error);
+  }
+};
+
+/**
+ * Check if user has connected Onairos to Enoch before
+ * This checks for actual usage/training data, not just account existence
+ * @param userIdentifier - Email, username, or user ID to check
+ * @returns Promise<boolean> - true if user has connected Onairos features to Enoch
+ */
+export const checkEnochOnairosConnection = async userIdentifier => {
+  try {
+    console.log('🔍 Checking Enoch-Onairos connection status for:', userIdentifier);
+    const token = await getAuthToken();
+    const response = await fetch(`${API_BASE_URL}/enoch/user/onairos-connection-status`, {
+      method: 'POST',
+      headers: token ? getAuthHeaders(token) : getApiHeaders(),
+      body: JSON.stringify({
+        userIdentifier,
+        // Can be email, username, or user ID
+        checkType: 'comprehensive' // Check training data, connected platforms, etc.
+      })
+    });
+    if (response.ok) {
+      const data = await response.json();
+      console.log('✅ Enoch-Onairos connection status:', data);
+      return {
+        hasConnectedOnairos: data.hasConnectedOnairos || false,
+        onairosUserId: data.onairosUserId,
+        lastConnectedAt: data.lastConnectedAt,
+        connectionDetails: data.connectionDetails
+      };
+    } else {
+      console.warn('⚠️ Connection status check failed:', response.status);
+      // Default to false if API call fails
+      return {
+        hasConnectedOnairos: false
+      };
+    }
+  } catch (error) {
+    console.error('❌ Error checking Enoch-Onairos connection:', error);
+    // Default to false if error occurs
+    return {
+      hasConnectedOnairos: false
+    };
+  }
+};
+//# sourceMappingURL=authService.js.map