From 235ce5716edc2f7cbe80fdccf26eac7269587839 Mon Sep 17 00:00:00 2001
From: Jake Vanderwerf <get@jakevanderwerf.ca>
Date: Mon, 08 Jun 2026 04:38:18 +0000
Subject: [PATCH] =FavouritesManager.php and FavouritesRoutes.php fixes. Moving all logic to FavouritesManager.php. Still some left to do

---
 inc/rest/routes/MagicLinkRoutes.php |   73 ++++++++++--------------------------
 1 files changed, 20 insertions(+), 53 deletions(-)

diff --git a/inc/rest/routes/MagicLinkRoutes.php b/inc/rest/routes/MagicLinkRoutes.php
index fc12edc..efc6571 100644
--- a/inc/rest/routes/MagicLinkRoutes.php
+++ b/inc/rest/routes/MagicLinkRoutes.php
@@ -12,17 +12,16 @@
 }
 
 /**
+ * @deprecated all bundled in with LoginRoutes.php
  * Magic Link REST Routes
  *
  * Handles API endpoints for passwordless authentication
  */
 class MagicLinkRoutes extends RestRouteManager
 {
-	protected MagicLinkManager $magic_link;
 
 	public function __construct()
 	{
-		$this->magic_link = new MagicLinkManager();
 		parent::__construct();
 	}
 
@@ -104,13 +103,15 @@
 	 */
 	public function sendMagicLink(WP_REST_Request $request): WP_REST_Response
 	{
-		$email = sanitize_email($request->get_param('email')??$request->get_param('user_email')??'');
-		$type = sanitize_text_field($request->get_param('type'));
-		$context = $request->get_param('context') ?? [];
+		$data = $request->get_json_params();
 
-		error_log('SendMagicLink request: '.print_r($email, true));
-		error_log('Type: '.print_r($type, true));
-		error_log('Context: '.print_r($context, true));
+		// Verify Turnstile
+		if (!$this->verifyTurnstile($data['cf-turnstile-response'] ?? '')) {
+			return $this->error('Security verification failed', 'turnstile_failed', 403);
+		}
+		$email = sanitize_email($request->get_param('email')??$request->get_param('user_email')??'');
+		$type = sanitize_text_field($request->get_param('type')) ?? MagicLinkManager::TYPE_LOGIN;
+		$context = $request->get_param('context') ?? [];
 
 		// Validate email
 		if (!is_email($email)) {
@@ -122,17 +123,20 @@
 
 		// Check if email exists
 		$exists = email_exists($email);
-		if (!$exists) {
-
+		if ($type === MagicLinkManager::TYPE_LOGIN && !$exists) {
 			return new WP_REST_Response([
-				'success' => false,
-				'message' => 'User account not found'
-			], 400);
+				'success' => true,
+				'message' => 'Invalid email address'
+			]);
+		}
+
+		if ($type === MagicLinkManager::TYPE_SIGNUP && $exists) {
+			// Redirect to login instead
+			$type = MagicLinkManager::TYPE_LOGIN;
 		}
 
 		// Send the magic link
-		$result = $this->magic_link->sendMagicLink($email, $type, $context);
-		error_log('Result: '.print_r($result, true));
+		$result = JVB()->magicLink()?->sendMagicLink($email, $type, $context);
 
 		if (is_wp_error($result)) {
 			return new WP_REST_Response([
@@ -174,7 +178,7 @@
 		$email = sanitize_email($request->get_param('email'));
 
 		// This returns array|WP_Error - check for error first
-		$token_data = $this->magic_link->verifyToken($token, $email);
+		$token_data = JVB()->magicLink()?->verifyToken($token, $email);
 
 		if (is_wp_error($token_data)) {
 			return new WP_REST_Response([
@@ -200,42 +204,5 @@
 		], 200);
 	}
 
-	protected function processReferralSignup(array $token_data): void
-	{
-		// Create user account
-		$user_id = wp_create_user(
-			$token_data['email'],
-			wp_generate_password(20, true, true),
-			$token_data['email']
-		);
 
-		if (is_wp_error($user_id)) {
-			wp_die('Failed to create account: ' . $user_id->get_error_message());
-		}
-
-		// Update user info
-		if (!empty($token_data['name'])) {
-			wp_update_user([
-				'ID' => $user_id,
-				'display_name' => $token_data['name'],
-				'first_name' => $token_data['name']
-			]);
-		}
-
-		// Store referral code in user meta (temporary)
-		// ReferralManager::processReferral will pick this up
-		update_user_meta($user_id, BASE . 'pending_referral_code', $token_data['referral_code']);
-
-		// Trigger registration actions (this calls processReferral)
-		do_action('user_register', $user_id);
-
-		// Log the user in
-		wp_set_current_user($user_id);
-		wp_set_auth_cookie($user_id, true);
-		do_action('wp_login', get_user_by('ID', $user_id)->user_login, get_user_by('ID', $user_id));
-
-		// Redirect with referral welcome message
-		wp_safe_redirect(home_url('/dash?referral_welcome=1'));
-		exit;
-	}
 }

--
Gitblit v1.10.0