sitepaige-mcp-server 1.0.3 → 1.2.0

package/dist/components/profile.tsx

@@ -1,85 +1,342 @@
-/* 
-Sitepaige Components v1.0.0
-Sitepaige components are automatically added to your project the first time it is built, and are only added again if the "Build Components" button is 
-checked in the system build settings. It is safe to modify this file without it being overwritten unless that setting is selected. 
-*/
-
 'use client';
 
 import { useState, useEffect } from 'react';
+import { useRouter } from 'next/navigation';
+// import { useCsrfToken } from './csrf-provider'; // Disabled for now
 
-interface UserProfile {
-  ID: string;
-  UserName: string;
-  AvatarURL: string | null;
+interface UserData {
+  userid: string;
+  username: string;
+  avatarurl?: string;
+  email?: string;
+  userlevel: number;
+  source: string;
 }
 
 export default function Profile() {
-  const [profile, setProfile] = useState<UserProfile | null>(null);
+  const router = useRouter();
+  // const csrfToken = useCsrfToken(); // Disabled for now
+  const [userData, setUserData] = useState<UserData | null>(null);
   const [loading, setLoading] = useState(true);
   const [error, setError] = useState<string | null>(null);
+  const [success, setSuccess] = useState<string | null>(null);
+  
+  // Password change state
+  const [currentPassword, setCurrentPassword] = useState('');
+  const [newPassword, setNewPassword] = useState('');
+  const [confirmPassword, setConfirmPassword] = useState('');
+  const [isChangingPassword, setIsChangingPassword] = useState(false);
+  
+  // Account deletion state
+  const [showDeleteConfirm, setShowDeleteConfirm] = useState(false);
+  const [deleteConfirmText, setDeleteConfirmText] = useState('');
+  const [isDeleting, setIsDeleting] = useState(false);
 
   useEffect(() => {
-    const fetchProfile = async () => {
+    fetchUserData();
+  }, []);
+
+  const fetchUserData = async () => {
       try {
+      setLoading(true);
         const response = await fetch('/api/Auth', {
-          method: 'GET'
+          credentials: 'include'
         });
 
         if (!response.ok) {
-          throw new Error('Failed to fetch profile');
+        throw new Error('Failed to fetch user data');
         }
 
         const data = await response.json();
-        
-        if (!data.user) {
-          throw new Error('User not authenticated');
-        }
-        
-        // Use the user object from the response
-        const userData = data.user;
-        setProfile({
-          ID: userData.userid,
-          UserName: userData.UserName,
-          AvatarURL: userData.AvatarURL
-        });
+      if (data.user) {
+        setUserData(data.user);
+      } else {
+        // Not authenticated, redirect to login
+        router.push('/login');
+      }
       } catch (err) {
-        setError(err instanceof Error ? err.message : 'An error occurred');
+      setError(err instanceof Error ? err.message : 'Failed to load profile');
       } finally {
         setLoading(false);
       }
     };
 
-    fetchProfile();
-  }, []);
+  const handlePasswordChange = async (e: React.FormEvent) => {
+    e.preventDefault();
+    setError(null);
+    setSuccess(null);
+    
+    // Validate passwords
+    if (newPassword !== confirmPassword) {
+      setError('Passwords do not match');
+      return;
+    }
+    
+    if (newPassword.length < 8) {
+      setError('Password must be at least 8 characters long');
+      return;
+    }
+    
+    setIsChangingPassword(true);
+    
+    try {
+      const response = await fetch('/api/profile', {
+        method: 'PUT',
+        headers: {
+          'Content-Type': 'application/json'
+          // 'X-CSRF-Token': csrfToken || '' // Disabled for now
+        },
+        credentials: 'include',
+        body: JSON.stringify({
+          currentPassword,
+          newPassword
+        })
+      });
+      
+      const data = await response.json();
+      
+      if (!response.ok) {
+        throw new Error(data.error || 'Failed to update password');
+      }
+      
+      setSuccess('Password updated successfully');
+      setCurrentPassword('');
+      setNewPassword('');
+      setConfirmPassword('');
+    } catch (err) {
+      setError(err instanceof Error ? err.message : 'Failed to update password');
+    } finally {
+      setIsChangingPassword(false);
+    }
+  };
 
-  if (loading) {
-    return <div className="flex justify-center items-center min-h-[200px]">Loading...</div>;
-  }
+  const handleDeleteAccount = async () => {
+    if (deleteConfirmText !== 'DELETE') {
+      setError('Please type DELETE to confirm account deletion');
+      return;
+    }
+    
+    setIsDeleting(true);
+    setError(null);
+    
+    try {
+      const response = await fetch('/api/profile', {
+        method: 'DELETE',
+        headers: {
+          'Content-Type': 'application/json'
+          // 'X-CSRF-Token': csrfToken || '' // Disabled for now
+        },
+        credentials: 'include',
+        body: JSON.stringify({
+          confirmDelete: true
+        })
+      });
+      
+      const data = await response.json();
+      
+      if (!response.ok) {
+        throw new Error(data.error || 'Failed to delete account');
+      }
+      
+      // Redirect to home page after successful deletion
+      window.location.href = '/';
+    } catch (err) {
+      setError(err instanceof Error ? err.message : 'Failed to delete account');
+      setIsDeleting(false);
+    }
+  };
+
+  const getUserLevelName = (level: number) => {
+    switch (level) {
+      case 0: return 'Guest';
+      case 1: return 'Registered User';
+      case 2: return 'Admin';
+      default: return 'Unknown';
+    }
+  };
+
+  const getAuthMethodName = (source: string) => {
+    switch (source) {
+      case 'userpass': return 'Email/Password';
+      case 'google': return 'Google';
+      case 'facebook': return 'Facebook';
+      case 'apple': return 'Apple';
+      case 'github': return 'GitHub';
+      default: return source;
+    }
+  };
 
-  if (error) {
-    return <div className="text-red-500 text-center">{error}</div>;
+  if (loading) {
+    return (
+      <div className="flex items-center justify-center min-h-screen">
+        <div className="animate-spin rounded-full h-12 w-12 border-t-2 border-b-2 border-blue-600"></div>
+      </div>
+    );
   }
 
-  if (!profile) {
-    return <div className="text-center">No profile found</div>;
+  if (!userData) {
+    return null; // Will redirect to login
   }
 
   return (
-    <div className="max-w-md mx-auto mt-8 p-6 bg-white rounded-lg shadow-md">
-      <div className="flex flex-col items-center">
-        {profile.AvatarURL && (
-          <img 
-            src={profile.AvatarURL}
-            alt="Profile avatar"
-            className="w-32 h-32 rounded-full mb-4"
+    <div className="container mx-auto px-4 py-8 max-w-4xl">
+      <h1 className="text-3xl font-bold mb-8">Profile Settings</h1>
+      
+      {/* User Information */}
+      <div className="bg-white rounded-lg shadow p-6 mb-8">
+        <h2 className="text-xl font-semibold mb-4">User Information</h2>
+        <div className="grid md:grid-cols-2 gap-4">
+          <div className="flex items-center space-x-4">
+            {userData.avatarurl ? (
+              <img
+                src={userData.avatarurl}
+                alt={userData.username}
+                className="w-16 h-16 rounded-full"
             referrerPolicy="no-referrer"
             crossOrigin="anonymous"
           />
-        )}
-        <h2 className="text-2xl font-semibold text-gray-800">{profile.UserName}</h2>
-        <p className="text-gray-500 mt-2">User ID: {profile.ID}</p>
+            ) : (
+              <div className="w-16 h-16 rounded-full bg-gray-300 flex items-center justify-center">
+                <span className="text-2xl text-gray-600">
+                  {userData.username.charAt(0).toUpperCase()}
+                </span>
+              </div>
+            )}
+            <div>
+              <p className="font-semibold">{userData.username}</p>
+              {userData.email && (
+                <p className="text-sm text-gray-600">{userData.email}</p>
+              )}
+            </div>
+          </div>
+          <div className="space-y-2">
+            <p><span className="font-semibold">User Level:</span> {getUserLevelName(userData.userlevel)}</p>
+            <p><span className="font-semibold">Auth Method:</span> {getAuthMethodName(userData.source)}</p>
+          </div>
+        </div>
+      </div>
+
+      {/* Error and Success Messages */}
+      {error && (
+        <div className="mb-4 p-4 bg-red-50 border border-red-200 text-red-700 rounded">
+          {error}
+        </div>
+      )}
+      {success && (
+        <div className="mb-4 p-4 bg-green-50 border border-green-200 text-green-700 rounded">
+          {success}
+        </div>
+      )}
+
+      {/* Password Change Section - Only for email/password users */}
+      {userData.source === 'userpass' && (
+        <div className="bg-white rounded-lg shadow p-6 mb-8">
+          <h2 className="text-xl font-semibold mb-4">Change Password</h2>
+          <form onSubmit={handlePasswordChange} className="space-y-4">
+            <div>
+              <label htmlFor="currentPassword" className="block text-sm font-medium text-gray-700 mb-1">
+                Current Password
+              </label>
+              <input
+                type="password"
+                id="currentPassword"
+                value={currentPassword}
+                onChange={(e) => setCurrentPassword(e.target.value)}
+                className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
+                required
+              />
+            </div>
+            <div>
+              <label htmlFor="newPassword" className="block text-sm font-medium text-gray-700 mb-1">
+                New Password
+              </label>
+              <input
+                type="password"
+                id="newPassword"
+                value={newPassword}
+                onChange={(e) => setNewPassword(e.target.value)}
+                className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
+                required
+                minLength={8}
+              />
+              <p className="text-xs text-gray-500 mt-1">Must be at least 8 characters long</p>
+            </div>
+            <div>
+              <label htmlFor="confirmPassword" className="block text-sm font-medium text-gray-700 mb-1">
+                Confirm New Password
+              </label>
+              <input
+                type="password"
+                id="confirmPassword"
+                value={confirmPassword}
+                onChange={(e) => setConfirmPassword(e.target.value)}
+                className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500"
+                required
+              />
+            </div>
+            <button
+              type="submit"
+              disabled={isChangingPassword}
+              className="px-4 py-2 bg-blue-600 text-white rounded-md hover:bg-blue-700 disabled:opacity-50 disabled:cursor-not-allowed"
+            >
+              {isChangingPassword ? 'Updating...' : 'Update Password'}
+            </button>
+          </form>
+        </div>
+      )}
+
+      {/* Delete Account Section */}
+      <div className="bg-white rounded-lg shadow p-6">
+        <h2 className="text-xl font-semibold mb-4 text-red-600">Danger Zone</h2>
+        <div className="border border-red-200 rounded-md p-4">
+          <h3 className="font-semibold mb-2">Delete Account</h3>
+          <p className="text-sm text-gray-600 mb-4">
+            Once you delete your account, there is no going back. Please be certain.
+          </p>
+          
+          {!showDeleteConfirm ? (
+            <button
+              onClick={() => setShowDeleteConfirm(true)}
+              className="px-4 py-2 bg-red-600 text-white rounded-md hover:bg-red-700"
+            >
+              Delete Account
+            </button>
+          ) : (
+            <div className="space-y-4">
+              <p className="text-sm font-semibold">
+                To confirm deletion, please type <span className="font-mono bg-gray-100 px-1">DELETE</span> below:
+              </p>
+              <input
+                type="text"
+                value={deleteConfirmText}
+                onChange={(e) => setDeleteConfirmText(e.target.value)}
+                placeholder="Type DELETE to confirm"
+                className="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-red-500"
+              />
+              <div className="flex space-x-4">
+                <button
+                  onClick={handleDeleteAccount}
+                  disabled={isDeleting || deleteConfirmText !== 'DELETE'}
+                  className="px-4 py-2 bg-red-600 text-white rounded-md hover:bg-red-700 disabled:opacity-50 disabled:cursor-not-allowed"
+                >
+                  {isDeleting ? 'Deleting...' : 'Confirm Delete'}
+                </button>
+                <button
+                  onClick={() => {
+                    setShowDeleteConfirm(false);
+                    setDeleteConfirmText('');
+                    setError(null);
+                  }}
+                  disabled={isDeleting}
+                  className="px-4 py-2 bg-gray-300 text-gray-700 rounded-md hover:bg-gray-400"
+                >
+                  Cancel
+                </button>
+              </div>
+            </div>
+          )}
+        </div>
       </div>
     </div>
   );
-}
+}

package/dist/defaultapp/api/Auth/resend-verification/route.ts

@@ -36,7 +36,7 @@ export async function POST(request: Request) {
     const { verificationToken } = result;
 
     // Get site domain from environment or default
-    const siteDomain = process.env.SITE_DOMAIN || 'https://sitepaige.com';
+    const siteDomain = process.env.NODE_ENV === 'production' ? process.env.DOMAIN : process.env.LOCAL_DOMAIN;
     const verificationUrl = `${siteDomain}/api/Auth/verify-email?token=${verificationToken}`;
 
     // Send verification email

package/dist/defaultapp/api/Auth/route.ts

@@ -41,7 +41,7 @@ export async function POST(request: Request) {
     }
 
     // Handle username/password authentication
-    if (provider === 'username') {
+    if (provider === 'userpass') {
       if (!email || !password) {
         return NextResponse.json(
           { error: 'Email and password are required' },
@@ -69,7 +69,7 @@ export async function POST(request: Request) {
         // Create or update user in the main Users table
         const user = await upsertUser(
           `password_${authRecord.id}`, // Unique OAuth ID for password users
-          'username' as any, // Source type
+          'userpass' as any, // Source type
           email.split('@')[0], // Username from email
           email,
           undefined // No avatar for password auth
@@ -77,14 +77,14 @@ export async function POST(request: Request) {
 
         // Delete existing sessions for this user
         const existingSessions = await db_query(db, 
-          "SELECT ID FROM usersession WHERE userid = ?", 
+          "SELECT id FROM usersession WHERE userid = ?", 
           [user.userid]
         );
         
         if (existingSessions && existingSessions.length > 0) {
-          const sessionIds = existingSessions.map(session => session.ID);
+          const sessionIds = existingSessions.map(session => session.id);
           const placeholders = sessionIds.map(() => '?').join(',');
-          await db_query(db, `DELETE FROM usersession WHERE ID IN (${placeholders})`, sessionIds);
+          await db_query(db, `DELETE FROM usersession WHERE id IN (${placeholders})`, sessionIds);
         }
 
         // Generate secure session token and ID
@@ -93,7 +93,7 @@ export async function POST(request: Request) {
 
         // Create new session with secure token
         await db_query(db, 
-          "INSERT INTO usersession (ID, SessionToken, userid, ExpirationDate) VALUES (?, ?, ?, ?)",
+          "INSERT INTO usersession (id, sessiontoken, userid, expirationdate) VALUES (?, ?, ?, ?)",
           [sessionId, sessionToken, user.userid, new Date(Date.now() + 30 * 24 * 60 * 60 * 1000).toISOString()]
         );
 
@@ -112,10 +112,10 @@ export async function POST(request: Request) {
         // Create a completely clean object to avoid any database result object issues
         const cleanUserData = {
           userid: String(user.userid),
-          userName: String(user.UserName),
-          avatarURL: String(user.AvatarURL || ''),
-          userLevel: Number(user.UserLevel),
-          isAdmin: Number(user.UserLevel) === 2
+          userName: String(user.username),
+          avatarURL: String(user.avatarurl || ''),
+          userLevel: Number(user.userlevel),
+          isAdmin: Number(user.userlevel) === 2
         };
         
         return NextResponse.json({ 
@@ -152,7 +152,7 @@ export async function POST(request: Request) {
     }
 
     let userData = {
-        ID: '',
+        id: '',
         name: '',
         email: '',
         avatar_url: '',
@@ -203,28 +203,28 @@ export async function POST(request: Request) {
     switch (validProvider) {
    
         case 'google':
-            userData.ID = fetchedUserData.id;
+            userData.id = fetchedUserData.id;
             userData.name = fetchedUserData.name;
             userData.email = fetchedUserData.email;
             userData.avatar_url = fetchedUserData.picture;
             break;
 
         case 'facebook':
-            userData.ID = fetchedUserData.id;
+            userData.id = fetchedUserData.id;
             userData.name = fetchedUserData.name;
             userData.email = fetchedUserData.email;
             userData.avatar_url = fetchedUserData.picture?.data?.url;
             break;
 
         case 'apple':
-            userData.ID = fetchedUserData.sub;
+            userData.id = fetchedUserData.sub;
             userData.name = `${fetchedUserData.given_name || ''} ${fetchedUserData.family_name || ''}`.trim();
             userData.email = fetchedUserData.email;
             // Apple doesn't provide avatar URL
             break;
 
         case 'github':
-            userData.ID = fetchedUserData.id?.toString();
+            userData.id = fetchedUserData.id?.toString();
             userData.name = fetchedUserData.name || fetchedUserData.login;
             userData.email = fetchedUserData.email;
             userData.avatar_url = fetchedUserData.avatar_url;
@@ -239,7 +239,7 @@ export async function POST(request: Request) {
     
     // Create or update user using the new user management system
     const user = await upsertUser(
-      userData.ID,
+      userData.id,
       validProvider,
       userData.name,
       userData.email,
@@ -257,14 +257,14 @@ export async function POST(request: Request) {
     
     // Delete existing sessions for this user
     const existingSessions = await db_query(db, 
-      "SELECT ID FROM usersession WHERE userid = ?", 
+      "SELECT id FROM usersession WHERE userid = ?", 
       [user.userid]
     );
     
     if (existingSessions && existingSessions.length > 0) {
-        const sessionIds = existingSessions.map(session => session.ID);
+        const sessionIds = existingSessions.map(session => session.id);
         const placeholders = sessionIds.map(() => '?').join(',');
-        await db_query(db, `DELETE FROM usersession WHERE ID IN (${placeholders})`, sessionIds);
+        await db_query(db, `DELETE FROM usersession WHERE id IN (${placeholders})`, sessionIds);
     }
 
     // Generate secure session token and ID
@@ -273,7 +273,7 @@ export async function POST(request: Request) {
 
     // Create new session with secure token
     await db_query(db, 
-      "INSERT INTO usersession (ID, SessionToken, userid, ExpirationDate) VALUES (?, ?, ?, ?)",
+      "INSERT INTO usersession (id, sessiontoken, userid, expirationdate) VALUES (?, ?, ?, ?)",
       [sessionId, sessionToken, user.userid, new Date(Date.now() + 30 * 24 * 60 * 60 * 1000).toISOString()]
     );
 
@@ -292,10 +292,10 @@ export async function POST(request: Request) {
     // Create a completely clean object to avoid any database result object issues
     const cleanUserData = {
       userid: String(user.userid),
-      userName: String(user.UserName),
-      avatarURL: String(user.AvatarURL || ''),
-      userLevel: Number(user.UserLevel),
-      isAdmin: Number(user.UserLevel) === 2
+      userName: String(user.username),
+      avatarURL: String(user.avatarurl || ''),
+      userLevel: Number(user.userlevel),
+      isAdmin: Number(user.userlevel) === 2
     };
     
     return NextResponse.json({ 
@@ -346,13 +346,13 @@ export async function GET() {
         const response = NextResponse.json({
           user: {
             userid: sessionData.user.userid,
-            UserName: sessionData.user.UserName,
-            AvatarURL: sessionData.user.AvatarURL,
-            Email: sessionData.user.Email,
-            UserLevel: sessionData.user.UserLevel,
-            IsAdmin: sessionData.user.UserLevel === 2,
-            Source: sessionData.user.Source,
-            LastLoginDate: sessionData.user.LastLoginDate
+            username: sessionData.user.username,
+            avatarurl: sessionData.user.avatarurl,
+            email: sessionData.user.email,
+            userlevel: sessionData.user.userlevel,
+            isadmin: sessionData.user.userlevel === 2,
+            source: sessionData.user.source,
+            lastlogindate: sessionData.user.lastlogindate
           }
         });
         
@@ -375,13 +375,13 @@ export async function GET() {
     return NextResponse.json({
       user: {
         userid: sessionData.user.userid,
-        UserName: sessionData.user.UserName,
-        AvatarURL: sessionData.user.AvatarURL,
-        Email: sessionData.user.Email,
-        UserLevel: sessionData.user.UserLevel,
-        IsAdmin: sessionData.user.UserLevel === 2,
-        Source: sessionData.user.Source,
-        LastLoginDate: sessionData.user.LastLoginDate
+        username: sessionData.user.username,
+        avatarurl: sessionData.user.avatarurl,
+        email: sessionData.user.email,
+        userlevel: sessionData.user.userlevel,
+        isadmin: sessionData.user.userlevel === 2,
+        source: sessionData.user.source,
+        lastlogindate: sessionData.user.lastlogindate
       }
     });
 
@@ -410,7 +410,7 @@ export async function DELETE(request: Request) {
 
     // Delete session from database using the actual session token
     await db_query(db, 
-      "DELETE FROM usersession WHERE SessionToken = ?", 
+      "DELETE FROM usersession WHERE sessiontoken = ?", 
       [sessionToken]
     );
 

package/dist/defaultapp/api/Auth/signup/route.ts

@@ -37,7 +37,7 @@ export async function POST(request: Request) {
     const { passwordAuth, verificationToken } = await createPasswordAuth(email, password);
 
     // Get site domain from environment or default
-    const siteDomain = process.env.SITE_DOMAIN || 'https://sitepaige.com';
+    const siteDomain = process.env.NODE_ENV === 'production' ? process.env.DOMAIN : process.env.LOCAL_DOMAIN;
     const verificationUrl = `${siteDomain}/api/Auth/verify-email?token=${verificationToken}`;
 
     // Send verification email

package/dist/defaultapp/api/Auth/verify-email/route.ts

@@ -53,14 +53,14 @@ export async function GET(request: Request) {
     
     // Delete existing sessions for this user
     const existingSessions = await db_query(db, 
-      "SELECT ID FROM usersession WHERE userid = ?", 
+      "SELECT id FROM usersession WHERE userid = ?", 
       [user.userid]
     );
     
     if (existingSessions && existingSessions.length > 0) {
-      const sessionIds = existingSessions.map(session => session.ID);
+      const sessionIds = existingSessions.map(session => session.id);
       const placeholders = sessionIds.map(() => '?').join(',');
-      await db_query(db, `DELETE FROM usersession WHERE ID IN (${placeholders})`, sessionIds);
+      await db_query(db, `DELETE FROM usersession WHERE id IN (${placeholders})`, sessionIds);
     }
 
     // Generate secure session token and ID
@@ -69,7 +69,7 @@ export async function GET(request: Request) {
 
     // Create new session with secure token
     await db_query(db, 
-      "INSERT INTO usersession (ID, SessionToken, userid, ExpirationDate) VALUES (?, ?, ?, ?)",
+      "INSERT INTO usersession (id, sessiontoken, userid, expirationdate) VALUES (?, ?, ?, ?)",
       [sessionId, sessionToken, user.userid, new Date(Date.now() + 30 * 24 * 60 * 60 * 1000).toISOString()]
     );
 
@@ -86,7 +86,7 @@ export async function GET(request: Request) {
     });
 
     // Redirect to home page or dashboard with success message
-    const siteDomain = process.env.SITE_DOMAIN || 'https://sitepaige.com';
+    const siteDomain = process.env.NODE_ENV === 'production' ? process.env.DOMAIN : process.env.LOCAL_DOMAIN;
     const redirectUrl = new URL('/', siteDomain);
     redirectUrl.searchParams.set('verified', 'true');
     
@@ -96,7 +96,7 @@ export async function GET(request: Request) {
     console.error('Email verification error:', error);
     
     // Redirect to home with error
-    const siteDomain = process.env.SITE_DOMAIN || 'https://sitepaige.com';
+    const siteDomain = process.env.NODE_ENV === 'production' ? process.env.DOMAIN : process.env.LOCAL_DOMAIN;
     const redirectUrl = new URL('/', siteDomain);
     redirectUrl.searchParams.set('error', 'verification_failed');