feat: add auth context, route guards, password reset, and API client

- Add AuthProvider context and RequireAuth route guard - Create API client with all endpoint helpers - Add forgot-password route wired to backend reset endpoints - Remove dummy login button from login page - Wire dashboard to auth context for user data - Enhance profile save to send all fields - Wire profile submit-for-verification to backend API
2026-04-06 06:19:23 +02:00 · 2026-04-06 06:19:23 +02:00 · e5406a0061
commit e5406a0061
parent 19a0850c49
7 changed files with 589 additions and 94 deletions
--- a/src/app.tsx
+++ b/src/app.tsx
@ -2,6 +2,7 @@ import { MetaProvider, Title } from '@solidjs/meta';
 import { Router } from '@solidjs/router';
 import { FileRoutes } from '@solidjs/start/router';
 import { ErrorBoundary, Suspense } from 'solid-js';
 import { AuthProvider } from '~/lib/auth';
 import './app.css';
 export default function App() {
@ -10,6 +11,7 @@ export default function App() {
      root={(props) => (
        <MetaProvider>
          <Title>NXTGAUGE Frontend Solid</Title>
          <AuthProvider>
            <ErrorBoundary
              fallback={(err) => (
                <main style={{ padding: '24px', 'font-family': 'Inter, system-ui, sans-serif', color: '#111827', background: '#fff' }}>
@ -23,6 +25,7 @@ export default function App() {
            >
              <Suspense>{props.children}</Suspense>
            </ErrorBoundary>
          </AuthProvider>
        </MetaProvider>
      )}
    >
--- a/src/components/admin/DashboardDesignPreview.tsx
+++ b/src/components/admin/DashboardDesignPreview.tsx
@ -1686,9 +1686,21 @@ export default function DashboardDesignPreview(props: {
    }
  };
-  const submitProfileForApproval = () => {
+  const submitProfileForApproval = async () => {
    if (!hasLive() || !livePrefix()) return;
    try {
      const res = await fetch(`${GW}/api/${livePrefix()}/profile/submit`, {
        method: 'POST',
        credentials: 'include',
        headers: { 'Content-Type': 'application/json' },
      });
      if (res.ok) {
        setProfileApprovalState('SUBMITTED');
        setTimeout(() => setProfileApprovalState('IN_REVIEW'), 250);
      }
    } catch {
      setProfileApprovalState('SUBMITTED');
    }
  };
  const submitPortfolioForApproval = () => {
    setPortfolioApprovalState('SUBMITTED');
@ -3407,11 +3419,19 @@ export default function DashboardDesignPreview(props: {
                    headers: { 'Content-Type': 'application/json' },
                    body: JSON.stringify({
                      display_name: display || undefined,
                      full_name: display || undefined,
                      first_name: fn || undefined,
                      last_name: ln || undefined,
                      business_name: data['Business Name'] || undefined,
                      company_name: data['Company Name'] || undefined,
                      contact_person: data['Contact Person Name'] || undefined,
                      bio: data['Bio'] || undefined,
                      location: data['City'] || undefined,
                      area: data['Area'] || undefined,
                      state: data['State'] || undefined,
                      pin_code: data['PIN Code'] || undefined,
                      phone: data['Mobile Number'] || undefined,
                      email: data['Email Address'] || undefined,
                    }),
                  }).then((r) => {
                    setProfileSaving(false);
--- a/src/lib/api.ts
+++ b/src/lib/api.ts
@ -0,0 +1,180 @@
 const API = '/api/gateway';
 function getAuthHeaders(): Record<string, string> {
  const token = typeof window !== 'undefined'
    ? (sessionStorage.getItem('nxtgauge_access_token') || localStorage.getItem('nxtgauge_access_token') || '')
    : '';
  return {
    'Content-Type': 'application/json',
    Accept: 'application/json',
    ...(token ? { Authorization: `Bearer ${token}` } : {}),
  };
 }
 async function apiFetch(path: string, options?: RequestInit): Promise<any> {
  const res = await fetch(`${API}${path}`, {
    headers: getAuthHeaders(),
    credentials: 'include',
    ...options,
  });
  if (!res.ok) {
    const text = await res.text().catch(() => '');
    throw new Error(`API error ${res.status}: ${text}`);
  }
  return res.json();
 }
 export async function fetchProfile(rolePrefix: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/profile/me`);
 }
 export async function saveProfile(rolePrefix: string, payload: any): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/profile/me`, {
    method: 'PATCH',
    body: JSON.stringify(payload),
  });
 }
 export async function submitProfileForVerification(rolePrefix: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/profile/submit`, {
    method: 'POST',
  });
 }
 export async function fetchPortfolio(rolePrefix: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/portfolio`);
 }
 export async function createPortfolioItem(rolePrefix: string, payload: any): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/portfolio`, {
    method: 'POST',
    body: JSON.stringify(payload),
  });
 }
 export async function updatePortfolioItem(rolePrefix: string, id: string, payload: any): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/portfolio/${id}`, {
    method: 'PATCH',
    body: JSON.stringify(payload),
  });
 }
 export async function deletePortfolioItem(rolePrefix: string, id: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/portfolio/${id}`, {
    method: 'DELETE',
  });
 }
 export async function fetchServices(rolePrefix: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/services`);
 }
 export async function createService(rolePrefix: string, payload: any): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/services`, {
    method: 'POST',
    body: JSON.stringify(payload),
  });
 }
 export async function deleteService(rolePrefix: string, id: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/services/${id}`, {
    method: 'DELETE',
  });
 }
 export async function fetchWallet(rolePrefix: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/wallet`);
 }
 export async function fetchLedger(rolePrefix: string, page = 1, limit = 20): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/wallet/ledger?page=${page}&limit=${limit}`);
 }
 export async function fetchInvoices(rolePrefix: string, page = 1, limit = 20): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/wallet/invoices?page=${page}&limit=${limit}`);
 }
 export async function createPaymentOrder(amount: number, packageId?: string): Promise<any> {
  return apiFetch('/api/payments/create-order', {
    method: 'POST',
    body: JSON.stringify({ amount, package_id: packageId }),
  });
 }
 export async function verifyPayment(orderId: string, paymentId: string): Promise<any> {
  return apiFetch('/api/payments/verify', {
    method: 'POST',
    body: JSON.stringify({ order_id: orderId, payment_id: paymentId }),
  });
 }
 export async function fetchPaymentStatus(paymentId: string): Promise<any> {
  return apiFetch(`/api/payments/${paymentId}/status`);
 }
 export async function fetchJobs(rolePrefix: string, params?: Record<string, string>): Promise<any> {
  const qs = params ? '?' + new URLSearchParams(params).toString() : '';
  return apiFetch(`/api/${rolePrefix}/jobs${qs}`);
 }
 export async function applyToJob(rolePrefix: string, jobId: string, payload: any): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/jobs/${jobId}/apply`, {
    method: 'POST',
    body: JSON.stringify(payload),
  });
 }
 export async function fetchMyApplications(rolePrefix: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/applications`);
 }
 export async function fetchRequirements(rolePrefix: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/requirements`);
 }
 export async function createRequirement(rolePrefix: string, payload: any): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/requirements`, {
    method: 'POST',
    body: JSON.stringify(payload),
  });
 }
 export async function fetchMarketplace(rolePrefix: string, page = 1, limit = 20): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/marketplace?page=${page}&limit=${limit}`);
 }
 export async function createLeadRequest(rolePrefix: string, payload: any): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/leads/request`, {
    method: 'POST',
    body: JSON.stringify(payload),
  });
 }
 export async function fetchMyLeadRequests(rolePrefix: string): Promise<any> {
  return apiFetch(`/api/${rolePrefix}/leads/requests`);
 }
 export async function uploadDocument(rolePrefix: string, file: File, documentType: string): Promise<any> {
  const formData = new FormData();
  formData.append('file', file);
  formData.append('document_type', documentType);
  const token = typeof window !== 'undefined'
    ? (sessionStorage.getItem('nxtgauge_access_token') || localStorage.getItem('nxtgauge_access_token') || '')
    : '';
  const res = await fetch(`${API}/api/${rolePrefix}/profile/documents`, {
    method: 'POST',
    headers: {
      ...(token ? { Authorization: `Bearer ${token}` } : {}),
    },
    credentials: 'include',
    body: formData,
  });
  if (!res.ok) {
    const text = await res.text().catch(() => '');
    throw new Error(`Upload error ${res.status}: ${text}`);
  }
  return res.json();
 }
--- a/src/lib/auth.tsx
+++ b/src/lib/auth.tsx
@ -0,0 +1,116 @@
 import { createContext, createResource, createSignal, useContext, type ParentProps, type Accessor, type Setter } from 'solid-js';
 import { useNavigate } from '@solidjs/router';
 const API = '/api/gateway';
 type AuthUser = {
  id: string;
  email: string;
  full_name: string;
  active_role: string;
  email_verified: boolean;
 };
 type AuthState = {
  user: Accessor<AuthUser | null>;
  isAuthenticated: Accessor<boolean>;
  isLoading: Accessor<boolean>;
  logout: () => void;
  setUser: Setter<AuthUser | null>;
 };
 const AuthContext = createContext<AuthState>();
 function getToken(): string | null {
  if (typeof window === 'undefined') return null;
  return sessionStorage.getItem('nxtgauge_access_token')
    || localStorage.getItem('nxtgauge_access_token')
    || null;
 }
 function clearAuthStorage() {
  if (typeof window === 'undefined') return;
  sessionStorage.removeItem('nxtgauge_access_token');
  sessionStorage.removeItem('nxtgauge_frontend_access_token');
  localStorage.removeItem('nxtgauge_access_token');
  localStorage.removeItem('nxtgauge_auth_user');
  localStorage.removeItem('nxtgauge_user');
  localStorage.removeItem('nxtgauge_signup_profile_v1');
 }
 async function fetchSession(): Promise<AuthUser | null> {
  const token = getToken();
  if (!token) return null;
  try {
    const res = await fetch(`${API}/api/auth/session`, {
      headers: {
        Accept: 'application/json',
        Authorization: `Bearer ${token}`,
      },
      credentials: 'include',
    });
    if (!res.ok) return null;
    const data = await res.json();
    if (!data?.id && !data?.user_id) return null;
    return {
      id: data.id || data.user_id,
      email: data.email || '',
      full_name: data.full_name || data.name || '',
      active_role: data.active_role || data.role || 'JOB_SEEKER',
      email_verified: data.email_verified || false,
    };
  } catch {
    return null;
  }
 }
 export function AuthProvider(props: ParentProps) {
  const [user, setUser] = createSignal<AuthUser | null>(null);
  const [session] = createResource(fetchSession);
  const isLoading = () => session.loading;
  const isAuthenticated = () => !!user() || (!!session() && !session.error);
  if (session()) {
    setUser(session() as AuthUser | null);
  }
  const logout = () => {
    clearAuthStorage();
    setUser(null);
    if (typeof window !== 'undefined') {
      window.location.href = '/login';
    }
  };
  return (
    <AuthContext.Provider value={{ user, isAuthenticated, isLoading, logout, setUser }}>
      {props.children}
    </AuthContext.Provider>
  );
 }
 export function useAuth() {
  const ctx = useContext(AuthContext);
  if (!ctx) throw new Error('useAuth must be used within AuthProvider');
  return ctx;
 }
 export function RequireAuth(props: ParentProps<{ fallback?: string }>) {
  const navigate = useNavigate();
  const auth = useAuth();
  if (auth.isLoading()) {
    return <div class="flex min-h-screen items-center justify-center text-[#6B7280]">Loading...</div>;
  }
  if (!auth.isAuthenticated()) {
    const fallback = props.fallback || '/login';
    navigate(fallback, { replace: true });
    return null;
  }
  return <>{props.children}</>;
 }
 export { getToken, clearAuthStorage };
--- a/src/routes/dashboard.tsx
+++ b/src/routes/dashboard.tsx
@ -1,4 +1,6 @@
 import { Show, createEffect, createMemo, createResource, createSignal, onMount } from 'solid-js';
 import { useNavigate } from '@solidjs/router';
 import { useAuth, RequireAuth } from '~/lib/auth';
 import DashboardDesignPreview from '~/components/admin/DashboardDesignPreview';
 type RoleKey =
@ -212,6 +214,8 @@ function mergeSidebar(role: RoleKey, runtimeSidebar: string[]): string[] {
 }
 export default function RuntimeDashboardPage() {
  const navigate = useNavigate();
  const auth = useAuth();
  const [hydrated, setHydrated] = createSignal(false);
  const [role, setRole] = createSignal<RoleKey>('JOB_SEEKER');
  const [activeSidebar, setActiveSidebar] = createSignal('My Dashboard');
@ -221,20 +225,24 @@ export default function RuntimeDashboardPage() {
  onMount(() => {
    setHydrated(true);
-    setRole(getInitialRoleFromStorage());
+    const storedRole = getInitialRoleFromStorage();
    setRole(storedRole);
    setUserName(getNameFromStorage());
-    // Fetch fresh session data
+    if (auth.user()) {
-    fetchJson('/api/auth/session').then((data) => {
+      const u = auth.user()!;
-      if (!data) return;
+      if (u.full_name) setUserName(u.full_name);
-      const name = data.full_name
+      if (u.id) setUserId(u.id);
-        || data.name
+      if (u.active_role) setRole(normalizeRole(u.active_role));
-        || (data.first_name ? `${data.first_name} ${data.last_name ?? ''}`.trim() : '')
+    }
        || data.email?.split('@')[0]
        || '';
      if (name) setUserName(name);
      if (data.id || data.user_id) setUserId(String(data.id || data.user_id));
      if (data.active_role) setRole(normalizeRole(data.active_role));
  });
  createEffect(() => {
    const u = auth.user();
    if (u) {
      if (u.full_name && userName() === 'User') setUserName(u.full_name);
      if (u.id && !userId()) setUserId(u.id);
      if (u.active_role) setRole(normalizeRole(u.active_role));
    }
  });
  const [bundle] = createResource(
@ -272,6 +280,7 @@ export default function RuntimeDashboardPage() {
  });
  return (
    <RequireAuth>
      <main style={{ 'min-height': '100vh', background: '#f3f4f6' }}>
        <div>
@ -299,6 +308,7 @@ export default function RuntimeDashboardPage() {
          </Show>
        </div>
      </main>
    </RequireAuth>
  );
 }
--- a/src/routes/forgot-password.tsx
+++ b/src/routes/forgot-password.tsx
@ -0,0 +1,194 @@
 import { A, useNavigate, useSearchParams } from '@solidjs/router';
 import { createMemo, createSignal, Show } from 'solid-js';
 import PublicBackground from '~/components/PublicBackground';
 import PublicHeader from '~/components/PublicHeader';
 import { isValidEmail } from '~/lib/form-validation';
 function PasswordVisibilityIcon(props: { visible: boolean }) {
  if (props.visible) {
    return (
      <svg viewBox="0 0 24 24" aria-hidden="true">
        <path d="M3 3l18 18" />
        <path d="M10.58 10.58a2 2 0 0 0 2.83 2.83" />
        <path d="M9.88 5.09A11 11 0 0 1 12 4.9c5.5 0 10 4.1 10 7.1 0 1.2-.72 2.53-1.95 3.72" />
        <path d="M6.1 6.1C3.54 7.58 2 9.79 2 12c0 3 4.48 7.1 10 7.1 1.72 0 3.36-.4 4.84-1.12" />
      </svg>
    );
  }
  return (
    <svg viewBox="0 0 24 24" aria-hidden="true">
      <path d="M2 12s3.6-7 10-7 10 7 10 7-3.6 7-10 7-10-7-10-7z" />
      <circle cx="12" cy="12" r="3" />
    </svg>
  );
 }
 export default function ForgotPasswordRoute() {
  const navigate = useNavigate();
  const [search] = useSearchParams();
  const [email, setEmail] = createSignal('');
  const [token, setToken] = createSignal(search.token || '');
  const [newPassword, setNewPassword] = createSignal('');
  const [confirmPassword, setConfirmPassword] = createSignal('');
  const [showPassword, setShowPassword] = createSignal(false);
  const [showConfirm, setShowConfirm] = createSignal(false);
  const [error, setError] = createSignal('');
  const [success, setSuccess] = createSignal('');
  const [submitting, setSubmitting] = createSignal(false);
  const [step, setStep] = createSignal<'request' | 'reset'>(token() ? 'reset' : 'request');
  const passwordsMatch = createMemo(() => newPassword() === confirmPassword() && newPassword().length >= 8);
  const requestReset = async () => {
    setError('');
    setSuccess('');
    if (!isValidEmail(email())) {
      setError('Enter a valid email address.');
      return;
    }
    setSubmitting(true);
    try {
      const res = await fetch('/api/gateway/api/auth/forgot-password', {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({ email: email().trim().toLowerCase() }),
      });
      if (res.ok) {
        setSuccess('If an account exists with this email, a reset link has been sent.');
      } else {
        setError('Unable to process request. Please try again.');
      }
    } catch {
      setError('Network error. Please check your connection.');
    } finally {
      setSubmitting(false);
    }
  };
  const resetPassword = async () => {
    setError('');
    setSuccess('');
    if (!token()) {
      setError('Reset token is missing. Use the link from your email.');
      return;
    }
    if (newPassword().length < 8) {
      setError('Password must be at least 8 characters.');
      return;
    }
    if (!passwordsMatch()) {
      setError('Passwords do not match.');
      return;
    }
    setSubmitting(true);
    try {
      const res = await fetch('/api/gateway/api/auth/reset-password', {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({
          token: token(),
          new_password: newPassword(),
        }),
      });
      const data = await res.json().catch(() => ({}));
      if (res.ok) {
        setSuccess('Password reset successfully. You can now login.');
        setTimeout(() => navigate('/login', { replace: true }), 2000);
      } else {
        setError(String(data?.message || data?.error || 'Reset failed. Token may be expired.'));
      }
    } catch {
      setError('Network error. Please check your connection.');
    } finally {
      setSubmitting(false);
    }
  };
  return (
    <main class="auth-page">
      <PublicBackground />
      <PublicHeader />
      <div class="auth-layout">
        <section class="auth-visual card glass-dark">
          <img class="auth-visual-img" src="/images/auth-company-1.jpg" alt="Reset Password" />
          <div class="auth-visual-overlay" />
          <div class="auth-visual-content">
            <p class="eyebrow">Account Recovery</p>
            <h1 class="title light">Reset Your Password</h1>
            <p class="subtitle light">Securely reset your password with email verification.</p>
          </div>
        </section>
        <section class="auth-form card glass-light">
          <Show when={step() === 'request'} fallback={
            <>
              <h2 class="title">Set New Password</h2>
              <p class="subtitle">Enter your new password below.</p>
              <div class="field">
                <label class="label" for="new-password">NEW PASSWORD</label>
                <div class="auth-password-wrap">
                  <input id="new-password" type={showPassword() ? 'text' : 'password'} class="input" value={newPassword()} onInput={(e) => setNewPassword(e.currentTarget.value)} placeholder="Enter new password" />
                  <button class="auth-toggle-visibility" type="button" onClick={() => setShowPassword((p) => !p)} aria-label={showPassword() ? 'Hide password' : 'Show password'}>
                    <PasswordVisibilityIcon visible={showPassword()} />
                  </button>
                </div>
                <p class="validation-note" style={{ color: newPassword().length >= 8 ? '#fd6116' : '#6e7591' }}>
                  {newPassword().length >= 8 ? '✓ Meets minimum length' : '• Minimum 8 characters required'}
                </p>
              </div>
              <div class="field">
                <label class="label" for="confirm-password">CONFIRM PASSWORD</label>
                <div class="auth-password-wrap">
                  <input id="confirm-password" type={showConfirm() ? 'text' : 'password'} class="input" value={confirmPassword()} onInput={(e) => setConfirmPassword(e.currentTarget.value)} placeholder="Confirm new password" />
                  <button class="auth-toggle-visibility" type="button" onClick={() => setShowConfirm((p) => !p)} aria-label={showConfirm() ? 'Hide password' : 'Show password'}>
                    <PasswordVisibilityIcon visible={showConfirm()} />
                  </button>
                </div>
                <p class="validation-note" style={{ color: passwordsMatch() ? '#fd6116' : '#6e7591' }}>
                  {confirmPassword() && passwordsMatch() ? '✓ Passwords match' : '• Passwords do not match'}
                </p>
              </div>
              <button class="auth-submit-btn" type="button" onClick={() => void resetPassword()} disabled={submitting()}>
                {submitting() ? 'Resetting...' : 'Reset Password'}
              </button>
              <div class="auth-footer-row">
                <p class="note"><A href="/login">Back to Sign In</A></p>
              </div>
            </>
          }>
            <h2 class="title">Forgot Password</h2>
            <p class="subtitle">Enter your email to receive a password reset link.</p>
            <div class="field">
              <label class="label" for="reset-email">EMAIL ADDRESS</label>
              <input id="reset-email" type="email" class="input" value={email()} onInput={(e) => setEmail(e.currentTarget.value)} placeholder="Enter your registered email" />
              <p class="validation-note" style={{ color: email().trim() && isValidEmail(email()) ? '#fd6116' : '#6e7591' }}>
                {email().trim() && isValidEmail(email()) ? '✓ Valid email format' : '• Enter a valid email format'}
              </p>
            </div>
            <button class="auth-submit-btn" type="button" onClick={() => void requestReset()} disabled={submitting()}>
              {submitting() ? 'Sending...' : 'Send Reset Link'}
            </button>
            <div class="auth-footer-row">
              <p class="note"><A href="/login">Back to Sign In</A></p>
            </div>
          </Show>
          <Show when={error()}>
            <p class="error">{error()}</p>
          </Show>
          <Show when={success()}>
            <p class="error" style={{ color: '#16A34A' }}>{success()}</p>
          </Show>
        </section>
      </div>
    </main>
  );
 }
--- a/src/routes/login.tsx
+++ b/src/routes/login.tsx
@ -1,5 +1,6 @@
 import { A, useNavigate } from '@solidjs/router';
 import { createMemo, createSignal, For, Show } from 'solid-js';
 import { useAuth } from '~/lib/auth';
 import PublicBackground from '~/components/PublicBackground';
 import PublicHeader from '~/components/PublicHeader';
 import CaptchaCanvas from '~/components/CaptchaCanvas';
@ -33,6 +34,7 @@ function PasswordVisibilityIcon(props: { visible: boolean }) {
 export default function LoginRoute() {
  const navigate = useNavigate();
  const auth = useAuth();
  const [email, setEmail] = createSignal('');
  const [password, setPassword] = createSignal('');
  const [otp, setOtp] = createSignal(['', '', '', '', '', '']);
@ -91,10 +93,6 @@ export default function LoginRoute() {
  const login = async () => {
    setError('');
    if (email().trim().toLowerCase() === 'demo@nxtgauge.com' && password() === 'Demo@1234') {
      dummyLogin();
      return;
    }
    if (!isValidEmail(email())) {
      setError('Enter a valid email address.');
      return;
@ -139,6 +137,15 @@ export default function LoginRoute() {
        window.localStorage.setItem('nxtgauge_access_token', accessToken);
      }
      saveUser(data?.user || {});
      if (auth.setUser) {
        auth.setUser({
          id: data?.user?.id || '',
          email: data?.user?.email || email().trim().toLowerCase(),
          full_name: data?.user?.full_name || '',
          active_role: data?.user?.active_role || 'JOB_SEEKER',
          email_verified: data?.user?.email_verified || false,
        });
      }
      navigate('/dashboard', { replace: true });
    } finally {
      setSubmitting(false);
@ -189,38 +196,6 @@ export default function LoginRoute() {
    }
  };
  const dummyLogin = () => {
    const demoUser = {
      id: 'demo-user-001',
      email: 'demo@nxtgauge.com',
      full_name: 'Demo User',
      email_verified: true,
      active_role: 'JOB_SEEKER',
      roles: ['JOB_SEEKER'],
    };
    const payload = {
      firstName: 'Demo',
      lastName: 'User',
      fullName: 'Demo User',
      name: 'Demo User',
      displayName: 'Demo User',
      email: 'demo@nxtgauge.com',
      roleKey: 'job_seeker',
      role: 'job_seeker',
      user: demoUser,
    };
    if (typeof window !== 'undefined') {
      window.sessionStorage.setItem('nxtgauge_access_token', 'dummy-access-token');
      window.sessionStorage.setItem('nxtgauge_frontend_access_token', 'dummy-access-token');
      window.localStorage.setItem('nxtgauge_access_token', 'dummy-access-token');
      window.localStorage.setItem('nxtgauge_auth_user', JSON.stringify(payload));
      window.localStorage.setItem('nxtgauge_user', JSON.stringify(payload));
      window.localStorage.setItem('nxtgauge_signup_profile_v1', JSON.stringify(payload));
    }
    setRoleGuess('job_seeker');
    navigate('/dashboard', { replace: true });
  };
  return (
    <main class="auth-page">
      <PublicBackground />
@ -300,10 +275,6 @@ export default function LoginRoute() {
            {submitting() ? 'Signing In...' : 'Sign In'}
          </button>
          <button class="auth-submit-btn" type="button" onClick={dummyLogin} disabled={submitting()} style={{ 'margin-top': '8px', background: '#111827' }}>
            Dummy Login (Dashboard Test)
          </button>
          <Show when={showVerify()}>
            <button class="auth-submit-btn" type="button" onClick={() => void verifyThenLogin()} disabled={submitting()}>
              {submitting() ? 'Verifying...' : 'Verify Email and Login'}
@ -313,6 +284,7 @@ export default function LoginRoute() {
          <div class="auth-footer-row">
            <p class="footer-text">Secure login with email verification.</p>
            <p class="note">New user? <A href="/signup">Sign Up</A></p>
            <p class="note"><A href="/forgot-password">Forgot Password?</A></p>
          </div>
          <Show when={error()}>