From e3aa28a8d9d4a890d1fa54ef03dab2e4c99abfb5 Mon Sep 17 00:00:00 2001
From: tigattack <10629864+tigattack@users.noreply.github.com>
Date: Thu, 25 Sep 2025 08:57:58 +0100
Subject: [PATCH] fix: login after signup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Also resolves entire user object being return to client, including password_hash... ⚠️
---
 backend/src/routes/authRoutes.js               | 14 +++++++++++++-
 .../src/components/FirstTimeAdminSetup.jsx     | 18 +++++++++++++-----
 2 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/backend/src/routes/authRoutes.js b/backend/src/routes/authRoutes.js
index d61934b..bcffc02 100644
--- a/backend/src/routes/authRoutes.js
+++ b/backend/src/routes/authRoutes.js
@@ -118,9 +118,21 @@ router.post(
 			// Create default dashboard preferences for the new admin user
 			await createDefaultDashboardPreferences(user.id, "admin");
 
+			// Generate token for immediate login
+			const token = generateToken(user.id);
+
 			res.status(201).json({
 				message: "Admin user created successfully",
-				user: user,
+				token,
+				user: {
+					id: user.id,
+					username: user.username,
+					email: user.email,
+					role: user.role,
+					first_name: user.first_name,
+					last_name: user.last_name,
+					is_active: user.is_active,
+				},
 			});
 		} catch (error) {
 			console.error("Error creating admin user:", error);
diff --git a/frontend/src/components/FirstTimeAdminSetup.jsx b/frontend/src/components/FirstTimeAdminSetup.jsx
index 38a8877..5d34624 100644
--- a/frontend/src/components/FirstTimeAdminSetup.jsx
+++ b/frontend/src/components/FirstTimeAdminSetup.jsx
@@ -3,7 +3,7 @@ import { useId, useState } from "react";
 import { useAuth } from "../contexts/AuthContext";
 
 const FirstTimeAdminSetup = () => {
-	const { login } = useAuth();
+	const { login, setAuthState } = useAuth();
 	const firstNameId = useId();
 	const lastNameId = useId();
 	const usernameId = useId();
@@ -95,10 +95,18 @@ const FirstTimeAdminSetup = () => {
 
 			if (response.ok) {
 				setSuccess(true);
-				// Auto-login the user after successful setup
-				setTimeout(() => {
-					login(formData.username.trim(), formData.password);
-				}, 2000);
+
+				// If the response includes a token, use it to automatically log in
+				if (data.token && data.user) {
+					// Auto-login using the token from the setup response
+					setAuthState(data.token, data.user);
+					setTimeout(() => {}, 2000);
+				} else {
+					// Fallback to manual login if no token provided
+					setTimeout(() => {
+						login(formData.username.trim(), formData.password);
+					}, 2000);
+				}
 			} else {
 				setError(data.error || "Failed to create admin user");
 			}