jakevan/jvb.git

			@@ -1,9 +1,11 @@
			<?php
			namespace JVBase\rest\routes;

			use JVBase\managers\Cache;
			use JVBase\registrar\Registrar;
			use JVBase\rest\Rest;
			use JVBase\rest\Route;
			use JVBase\utility\Features;
			use JVBase\base\Site;
			use WP_REST_Request;
			use WP_REST_Response;
			use WP_Error;
			@@ -30,7 +32,7 @@

			parent::__construct();

			$this->hasMagicLink = Features::forSite()->has('magicLink');
			$this->hasMagicLink = Site::has('magicLink');
			}

			public function registerRoutes(): void
			@@ -134,18 +136,23 @@
			*/
			public function handleLogin(WP_REST_Request $request): WP_REST_Response
			{
			error_log('Handling login...');
			$email = sanitize_email($request->get_param('user_email'));
			$password = $request->get_param('user_password');
			$remember = (bool) $request->get_param('remember_me');
			$redirect_to = $request->get_param('redirect_to');

			// Verify Turnstile

			if (!$this->verifyTurnstile($request->get_param('cf-turnstile-response') ?? '')) {
			error_log('[handleLogin]Turnstile failed');
			return $this->error(
			'Security verification failed. Please try again.',
			'turnstile_failed',
			403
			);
			} else {
			error_log('[handleLogin]Turnstile succeeded');
			}

			// Attempt authentication
			@@ -261,7 +268,7 @@
			]);

			// Process referral code if provided
			if (!empty($referral_code) && Features::forSite()->has('referrals')) {
			if (!empty($referral_code) && Site::has('referrals')) {
			$this->processReferralCode($user_id, $referral_code);
			}

			@@ -630,17 +637,17 @@
			}

			// Check if role is valid and can register
			$role_config = JVB_USER[$user_select] ?? null;
			$registrar = Registrar::getInstance($user_select);

			if (!$role_config) {
			if (!$registrar) {
			return new WP_Error('invalid_role', 'Invalid role selected.');
			}

			if (!($role_config['can_register'] ?? false)) {
			if (!($registrar->hasFeature('can_register') ?? false)) {
			return new WP_Error('role_not_allowed', 'This role cannot be selected during registration.');
			}

			return BASE . $user_select;
			return $registrar->getBased();
			}

			/**
			@@ -648,7 +655,7 @@
			*/
			protected function processReferralCode(int $user_id, string $referral_code): void
			{
			if (!Features::forSite()->has('referrals')) {
			if (!Site::has('referrals')) {
			return;
			}

			@@ -710,41 +717,43 @@
			}
			}

			public static function auth():array
			{
			return (new self)->buildAuth();
			}

			protected function buildAuth(?int $user = null): array
			{
			if (is_user_logged_in()) {
			$user = ($user) ?: get_current_user_id();
			$userId = $user ?? (is_user_logged_in() ? get_current_user_id() : 0);

			if ($userId) {
			return [
			'authenticated' => true,
			'user' => $user,
			'nonces' => $this->getUserNonces($user)
			'user' => $userId,
			'nonces' => $this->getUserNonces($userId),
			];
			}

			return [
			'authenticated' => false,
			'user' => false,
			'nonces' => [
			'wp_rest' => wp_create_nonce('wp_rest')
			]
			'user' => false,
			'nonces' => ['wp_rest' => wp_create_nonce('wp_rest')],
			];
			}
			protected function getUserNonces(int $userID):array {
			$nonces = [
			'wp_rest' => wp_create_nonce('wp_rest'),
			];
			if (Features::forSite()->has('dashboard')) {
			if (Site::has('dashboard')) {
			$nonces['dash'] = wp_create_nonce('dash-'.$userID);
			}
			if (Features::forSite()->has('favourites')) {
			if (Site::has('favourites')) {
			$nonces['favourites'] = wp_create_nonce('favourites-'.$userID);
			}
			if (Features::anyContentHas('karma') \|\|
			Features::anyTaxonomyHas('karma') \|\|
			Features::anyUserHas('karma')) {
			if (!empty(Registrar::withFeature('karma'))) {
			$nonces['votes'] = wp_create_nonce('votes-'.$userID);
			}
			if (Features::forSite()->has('notifications')) {
			if (Site::has('notifications')) {
			$nonces['notifications'] = wp_create_nonce('notifications-'.$userID);
			}
			return $nonces;