Current File : /home/gositeme/.cursor-server/data/User/History/61d8867d/EW3s.ts
import { NextApiRequest, NextApiResponse } from 'next';
import { prisma } from '@/lib/prisma';
import { compare } from 'bcryptjs';

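/**
 * Diagnostic "test login" API route: checks an email/password pair against
 * the user table and reports the result as JSON.
 *
 * Responses:
 * - 405 for any method other than POST.
 * - 400 when `email` or `password` is missing or is not a string.
 * - 401 with one generic message when the credentials do not match. The same
 *   body is returned for an unknown email and for a wrong password, so the
 *   response body does not reveal which accounts exist.
 * - 200 with the selected user fields (never the password column) on success.
 * - 500 with a fixed message on unexpected errors; details are logged
 *   server-side only.
 *
 * NOTE(review): nothing in this handler applies rate limiting or restricts
 * who may call it, and an unknown email still returns faster than a bcrypt
 * comparison. If the route must stay deployed, confirm it is throttled and
 * access-controlled elsewhere.
 *
 * @param req - Incoming request; `req.body` is treated as untrusted input.
 * @param res - Response used to send the JSON result.
 */
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
  if (req.method !== 'POST') {
    return res.status(405).json({ message: 'Method not allowed' });
  }

  // The body may be absent or a non-object; destructuring it directly would
  // throw before the try block and surface as an unhandled error.
  const { email, password } = req.body ?? {};

  // Require plain strings so that objects or arrays from a JSON body never
  // reach the database query or the password comparison.
  if (typeof email !== 'string' || typeof password !== 'string' || !email || !password) {
    return res.status(400).json({ message: 'Email and password are required' });
  }

  try {
    // Find user by email
    const user = await prisma.user.findUnique({
      where: { email },
      select: {
        id: true,
        email: true,
        password: true,
        role: true,
        name: true,
        isVerified: true,
      },
    });

    let isValid = false;
    if (user) {
      try {
        // Only the bcrypt comparison is accepted. There is deliberately no
        // plain-text equality fallback: comparing the submitted value with
        // the stored column would let the stored value itself (for example a
        // leaked hash) work as the password. Seed accounts therefore need
        // hashed passwords.
        isValid = await compare(password, user.password);
      } catch {
        // A stored value that bcrypt cannot process counts as a mismatch.
        isValid = false;
      }
    }

    if (!user || !isValid) {
      // One response for both failure cases; the submitted email is not
      // echoed back and no userExists / passwordMatch flags are exposed.
      return res.status(401).json({ message: 'Invalid credentials' });
    }

    console.log('Test login successful for user id:', user.id);

    // Return user without password
    const { password: _, ...userWithoutPassword } = user;
    return res.status(200).json({
      message: 'Login test successful',
      user: userWithoutPassword,
      userExists: true,
      passwordMatch: true
    });

  } catch (error: unknown) {
    // Keep the details in the server log; the client receives a fixed body
    // so internal error text is not disclosed.
    console.error('Test login error:', error);
    return res.status(500).json({
      message: 'Database connection failed',
      userExists: false,
      passwordMatch: false
    });
  }
}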
