Login methods, SMTP email verification, Google OAuth
| Method |
Status |
Details |
| Google OAuth |
Working |
GCP project “Ricoya” (Sean’s account), redirect via Supabase |
| Email + Password |
Working |
Signup sends verification email via Resend SMTP, DNS records on GoDaddy |
| Phone OTP |
Working |
Supabase phone auth, Honduras country code (+504) |
Combined Email/Phone into a single tabbed card with segmented control (orange active tab). Two sections total:
- Google sign-in button
- Email/Phone card with tab toggle
- Provider: Resend (API key configured in Supabase)
- Domain: ricoya.net
- DNS: DKIM TXT + SPF MX + SPF TXT records added on GoDaddy
- Flow: Signup → verification email sent → user clicks link → confirmed → can sign in
- Project: elopzpfftytxncfyutju
- Auth UID: UUID stored as
auth_uid in users table
- Token refresh: Fixed stale token issue —
apiClient.ts now force-refreshes session on 401
| File |
Purpose |
src/app/login/page.tsx |
Login page — all auth methods |
src/lib/apiClient.ts |
API client with token refresh logic |
src/lib/serverAuth.ts |
authenticateRequest() — verifies Supabase JWT |