jakevan/jvb.git

			@@ -31,23 +31,7 @@
			register_rest_route($this->namespace, '/auth/login', [
			'methods' => 'POST',
			'callback' => [$this, 'handleLogin'],
			'permission_callback' => [$this, 'checkRateLimit'],
			'args' => [
			'user_email' => [
			'required' => true,
			'type' => 'string',
			'sanitize_callback' => 'sanitize_email'
			],
			'user_password' => [
			'required' => true,
			'type' => 'string'
			],
			'remember_me' => [
			'required' => false,
			'type' => 'boolean',
			'default' => false
			]
			]
			'permission_callback' => [$this, 'checkRateLimit']
			]);

			// Logout endpoint
			@@ -125,7 +109,8 @@

			public function handleLogin(WP_REST_Request $request): WP_REST_Response
			{
			$data = $request->get_json_params();
			$data = $request->get_params();
			error_log('Data: '.print_r($data, true));
			// Verify Turnstile
			if (!$this->verifyTurnstile($data['cf-turnstile-response'] ?? '')) {
			return $this->error('Security verification failed', 'turnstile_failed', 403);
			@@ -154,7 +139,7 @@
			'user_login' => $username,
			'user_password' => $password,
			'remember' => $remember
			], false);
			], is_ssl());


			if (is_wp_error($user)) {
			@@ -172,7 +157,7 @@

			// Set auth cookie with remember me flag
			wp_set_current_user($user->ID);
			wp_set_auth_cookie($user->ID, $remember);
			wp_set_auth_cookie($user->ID, $remember, is_ssl());



			@@ -370,6 +355,9 @@
			wp_set_current_user($user->ID);
			wp_set_auth_cookie($user->ID, true);

			if (session_status() === PHP_SESSION_ACTIVE) {
			session_regenerate_id(true);
			}
			// Store session fingerprint
			$this->storeSessionFingerprint($user->ID, $request);

			@@ -581,7 +569,7 @@
			];
			}

			protected function getRedirect(WP_User $user, string $url, string $context = 'login'):string
			protected function getRedirect(WP_User $user, ?string $url=null, string $context = 'login'):string
			{
			if (!empty($url)) {
			$url = sanitize_url($url);