Commit 198833ff authored by Mahmoud Aglan's avatar Mahmoud Aglan

fix: Google sign-in now creates proper profile with name and avatar

After OAuth callback, engine.js calls profile.php?action=ensure which
creates or updates the profile using Google's user_metadata (full_name,
avatar_url). Existing profiles with default "Player" name or missing
avatars get updated on next login.

Also backfilled avatar_url and display_name for existing Google users.
Co-Authored-By: 's avatarClaude Opus 4.6 <noreply@anthropic.com>
parent 75605741
......@@ -150,6 +150,51 @@ if ($method === 'POST') {
$input = getInput();
$action = $input['action'] ?? '';
if ($action === 'ensure') {
// Create or update profile from auth user_metadata (called after OAuth login)
$sdb = supabaseService();
$user = verifyToken($token);
$meta = $user['user_metadata'] ?? [];
$name = $meta['full_name'] ?? $meta['name'] ?? $meta['display_name'] ?? $meta['username'] ?? explode('@', $user['email'] ?? '')[0] ?? 'Player';
$avatar = $meta['avatar_url'] ?? $meta['picture'] ?? null;
$existing = $sdb->get('profiles', ['id' => 'eq.' . $userId, 'select' => 'id,display_name,avatar_url', 'limit' => 1]);
if (is_array($existing) && !isset($existing['error']) && !empty($existing)) {
// Profile exists — update if fields are empty/default
$updates = [];
$current = $existing[0];
if (!$current['display_name'] || $current['display_name'] === 'Player' || str_ends_with($current['display_name'], '_' . substr($userId, 0, 4))) {
$updates['display_name'] = $name;
$updates['username'] = $meta['username'] ?? $name;
}
if (!$current['avatar_url'] && $avatar) {
$updates['avatar_url'] = $avatar;
}
if (!empty($updates)) {
$sdb->update('profiles', $updates, ['id' => 'eq.' . $userId]);
}
} else {
// Create new profile
$sdb->insert('profiles', [
'id' => $userId,
'display_name' => $name,
'username' => $meta['username'] ?? $name,
'avatar_url' => $avatar,
'coins' => 0,
'gems' => 0,
'xp' => 0,
'level' => 1,
'daily_streak' => 0,
]);
}
// Fetch and return the full profile
$db = supabase($token);
$profiles = $db->get('profiles', ['id' => 'eq.' . $userId, 'select' => '*', 'limit' => 1]);
$profile = is_array($profiles) && !empty($profiles) && !isset($profiles['error']) ? $profiles[0] : null;
jsonResponse($profile ?? ['id' => $userId, 'display_name' => $name]);
}
if ($action === 'get-orgs') {
$db = supabaseService();
$orgs = $db->get('organizations', ['select' => 'id,name,slug,logo_url,country_code', 'order' => 'name.asc']);
......
......@@ -22,6 +22,14 @@ async function boot() {
store.set('auth.refreshToken', refreshToken);
store.set('auth.isGuest', false);
store.set('auth.guestId', null);
// Ensure profile exists with Google data (name, avatar)
fetch('/api/profile.php', {
method: 'POST',
headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${accessToken}` },
body: JSON.stringify({ action: 'ensure' })
}).then(r => r.json()).then(p => {
if (p && !p.error) store.set('player', { ...store.get('player'), ...p });
}).catch(() => {});
}
history.replaceState(null, '', '/');
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment