Fix login redirect and server error handling for admin users

Introduces a GET route for /api/login to redirect to /api/auto-login-admin, and enhances error handling and logging within the local authentication module, particularly for admin user retrieval. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 42d8028a-fa71-4ec2-938c-e43eedf7df01 Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/6d543d2c-20b9-4ea6-93fe-70fe9b1d9f80/42d8028a-fa71-4ec2-938c-e43eedf7df01/EAVbbe1
2025-10-16 16:50:17 +00:00 · 2025-10-16 16:50:17 +00:00 · b5008a9dc8
commit b5008a9dc8
parent 51a2eec68b
3 changed files with 163 additions and 9 deletions
--- a/.replit
+++ b/.replit
@ -19,10 +19,6 @@ externalPort = 80
 localPort = 33035
 externalPort = 3001
 [[ports]]
 localPort = 36465
 externalPort = 3003
 [[ports]]
 localPort = 41343
 externalPort = 3000
--- a/attached_assets/Pasted-git-pull-origin-main-remote-Enumerating-objects-19-done-remote-Counting-objects-100-19-19--1760633252233_1760633252233.txt
+++ b/attached_assets/Pasted-git-pull-origin-main-remote-Enumerating-objects-19-done-remote-Counting-objects-100-19-19--1760633252233_1760633252233.txt
@ -0,0 +1,140 @@
 git pull origin main
 remote: Enumerating objects: 19, done.
 remote: Counting objects: 100% (19/19), done.
 remote: Compressing objects: 100% (14/14), done.
 remote: Total 14 (delta 11), reused 0 (delta 0), pack-reused 0 (from 0)
 Unpacking objects: 100% (14/14), 7.51 KiB | 640.00 KiB/s, done.
 From https://git.alfacom.it/marco/VigilanzaTurni
 * branch            main       -> FETCH_HEAD
   8b07e96..51a2eec  main       -> origin/main
 Updating 8b07e96..51a2eec
 Fast-forward
 .replit                                                                    |   4 +
 ...ct-16-11-58-04-EDT-2025-Pull-ultime-mod-1760632114854_1760632114855.txt | 185 ++++++++++++++++++++++++++++++++++
 ...ct-16-11-58-04-EDT-2025-Pull-ultime-mod-1760632132808_1760632132808.txt | 185 ++++++++++++++++++++++++++++++++++
 ...ni-git-pull-origin-main-From-https-git--1760632410513_1760632410513.txt | 169 +++++++++++++++++++++++++++++++
 server/localAuth.ts                                                        | 159 +++++++++++++++++++++++++++++
 server/routes.ts                                                           |  38 +++++--
 6 files changed, 732 insertions(+), 8 deletions(-)
 create mode 100644 attached_assets/Pasted-bash-deploy-deploy-sh-Deployment-VigilanzaTurni-Thu-Oct-16-11-58-04-EDT-2025-Pull-ultime-mod-1760632114854_1760632114855.txt
 create mode 100644 attached_assets/Pasted-bash-deploy-deploy-sh-Deployment-VigilanzaTurni-Thu-Oct-16-11-58-04-EDT-2025-Pull-ultime-mod-1760632132808_1760632132808.txt
 create mode 100644 attached_assets/Pasted-cd-var-www-vigilanza-turni-root-localhost-vigilanza-turni-git-pull-origin-main-From-https-git--1760632410513_1760632410513.txt
 create mode 100644 server/localAuth.ts
 [root@localhost vigilanza-turni]# npm ci --include=dev
 npm warn deprecated @esbuild-kit/esm-loader@2.6.5: Merged into tsx: https://tsx.is
 npm warn deprecated @esbuild-kit/core-utils@3.3.2: Merged into tsx: https://tsx.is
 added 496 packages, and audited 497 packages in 13s
 67 packages are looking for funding
  run `npm fund` for details
 8 vulnerabilities (3 low, 5 moderate)
 To address issues that do not require attention, run:
  npm audit fix
 To address all issues (including breaking changes), run:
  npm audit fix --force
 Run `npm audit` for details.
 [root@localhost vigilanza-turni]# npm run build
 > rest-express@1.0.0 build
 > vite build && esbuild server/index.ts --platform=node --packages=external --bundle --format=esm --outdir=dist
 vite v5.4.20 building for production...
 transforming (3) src/main.tsxBrowserslist: browsers data (caniuse-lite) is 12 months old. Please run:
  npx update-browserslist-db@latest
  Why you should do it regularly: https://github.com/browserslist/update-db#readme
 transforming (4) src/App.tsx
 A PostCSS plugin did not pass the `from` option to `postcss.parse`. This may cause imported assets to be incorrectly
 transformed. If you've recently added a PostCSS plugin that raised this warning, please contact the package author to fix the issue.
 ✓ 2673 modules transformed.
 ../dist/public/index.html                   1.49 kB │ gzip:   0.63 kB
 ../dist/public/assets/index-DdJrKUWT.css   75.43 kB │ gzip:  12.17 kB
 ../dist/public/assets/index-C9iY8fDP.js   590.69 kB │ gzip: 173.23 kB
 (!) Some chunks are larger than 500 kB after minification. Consider:
 - Using dynamic import() to code-split the application
 - Use build.rollupOptions.output.manualChunks to improve chunking: https://rollupjs.org/configuration-options/#output-manualchunks
 - Adjust chunk size limit for this warning via build.chunkSizeWarningLimit.
 ✓ built in 8.84s
  dist/index.js  61.2kb
 ⚡ Done in 15ms
 [root@localhost vigilanza-turni]# pm2 restart vigilanza-turni
 Use --update-env to update environment variables
 [PM2] Applying action restartProcessId on app [vigilanza-turni](ids: [ 0 ])
 [PM2] [vigilanza-turni](0) ✓
 ┌────┬────────────────────┬──────────┬──────┬───────────┬──────────┬──────────┐
 │ id │ name               │ mode     │ ↺    │ status    │ cpu      │ memory   │
 ├────┼────────────────────┼──────────┼──────┼───────────┼──────────┼──────────┤
 │ 0  │ vigilanza-turni    │ fork     │ 3    │ online    │ 0%       │ 9.8mb    │
 └────┴────────────────────┴──────────┴──────┴───────────┴──────────┴──────────┘
 [root@localhost vigilanza-turni]# pm2 logs vigilanza-turni --lines 30 --nostream
 [TAILING] Tailing last 30 lines for [vigilanza-turni] process (change the value with --lines option)
 /root/.pm2/logs/vigilanza-turni-error.log last 30 lines:
 0|vigilanz |       at TLSSocket.onConnectSecure (node:_tls_wrap:1687:27)
 0|vigilanz |       at TLSSocket.emit (node:events:524:28)
 0|vigilanz |       at TLSSocket._finishInit (node:_tls_wrap:1076:8)
 0|vigilanz |       at ssl.onhandshakedone (node:_tls_wrap:862:12) {
 0|vigilanz |     code: 'ERR_TLS_CERT_ALTNAME_INVALID',
 0|vigilanz |     reason: "Host: localhost. is not in the cert's altnames: DNS:vt.alfacom.it",
 0|vigilanz |     host: 'localhost',
 0|vigilanz |     cert: {
 0|vigilanz |       subject: [Object: null prototype],
 0|vigilanz |       issuer: [Object: null prototype],
 0|vigilanz |       subjectaltname: 'DNS:vt.alfacom.it',
 0|vigilanz |       infoAccess: [Object: null prototype],
 0|vigilanz |       ca: false,
 0|vigilanz |       bits: 256,
 0|vigilanz |       pubkey: <Buffer 04 1f 47 37 77 2f 24 97 69 bf 9b 69 2c 6f f1 94 ea 66 2a 19 e8 89 2c 5b 59 ca 44 8f 3f 04 9f c9 ff f3 47 fa 2b 72 43 d9 66 11 90 31 04 31 fb 82 22 4c ... 15 more bytes>,
 0|vigilanz |       asn1Curve: 'prime256v1',
 0|vigilanz |       nistCurve: 'P-256',
 0|vigilanz |       valid_from: 'Oct 16 07:57:48 2025 GMT',
 0|vigilanz |       valid_to: 'Jan 14 07:57:47 2026 GMT',
 0|vigilanz |       fingerprint: 'D0:77:49:94:D8:06:A7:C5:EC:21:74:C6:B3:F5:42:48:96:77:46:28',
 0|vigilanz |       fingerprint256: '8B:D9:F6:31:F4:0A:65:53:B7:69:ED:4C:8C:B9:D5:92:91:81:56:B2:33:B5:0E:F1:8A:E3:FC:BA:EB:12:87:D0',
 0|vigilanz |       fingerprint512: '9A:1A:04:0D:E2:CE:78:E3:52:9F:6E:1C:25:95:95:FF:C9:7C:62:C6:D6:98:CA:E8:59:5C:01:0A:5F:A5:C2:43:50:77:10:2E:07:CB:7B:F3:C9:DE:39:37:A5:54:86:FD:C7:0F:02:DF:F6:E7:C8:BB:BA:BE:FB:79:AE:77:76:59',
 0|vigilanz |       ext_key_usage: [Array],
 0|vigilanz |       serialNumber: '068FB11FEDA957005036401D5EBC8CB8BD43',
 0|vigilanz |       raw: <Buffer 30 82 03 87 30 82 03 0c a0 03 02 01 02 02 12 06 8f b1 1f ed a9 57 00 50 36 40 1d 5e bc 8c b8 bd 43 30 0a 06 08 2a 86 48 ce 3d 04 03 03 30 32 31 0b 30 ... 857 more bytes>,
 0|vigilanz |       issuerCertificate: [Object]
 0|vigilanz |     }
 0|vigilanz |   },
 0|vigilanz |   [Symbol(kMessage)]: "Hostname/IP does not match certificate's altnames: Host: localhost. is not in the cert's altnames: DNS:vt.alfacom.it"
 0|vigilanz | }
 /root/.pm2/logs/vigilanza-turni-out.log last 30 lines:
 0|vigilanz | > NODE_ENV=production node dist/index.js
 0|vigilanz |
 0|vigilanz | 12:31:17 PM [express] serving on port 5000
 0|vigilanz |
 0|vigilanz | > rest-express@1.0.0 start
 0|vigilanz | > NODE_ENV=production node dist/index.js
 0|vigilanz |
 0|vigilanz | 12:35:39 PM [express] serving on port 5000
 0|vigilanz |
 0|vigilanz | > rest-express@1.0.0 start
 0|vigilanz | > NODE_ENV=production node dist/index.js
 0|vigilanz |
 0|vigilanz | 12:37:02 PM [express] serving on port 5000
 0|vigilanz | 12:37:32 PM [express] GET /api/auth/user 401 in 7ms :: {"message":"Unauthorized"}
 0|vigilanz | 12:37:33 PM [express] GET /api/login 302 in 59ms
 0|vigilanz | 12:37:38 PM [express] GET /api/login 302 in 11ms
 0|vigilanz | 12:37:43 PM [express] GET /api/auth/user 401 in 7ms :: {"message":"Unauthorized"}
 0|vigilanz | 12:37:45 PM [express] GET /api/login 302 in 9ms
 0|vigilanz | 12:38:13 PM [express] GET /api/login 302 in 35ms
 0|vigilanz | 12:38:48 PM [express] GET /api/login 302 in 31ms
 0|vigilanz |
 0|vigilanz | > rest-express@1.0.0 start
 0|vigilanz | > NODE_ENV=production node dist/index.js
 0|vigilanz |
 0|vigilanz |  Usando Local Auth (vt.alfacom.it)
 0|vigilanz | ✅ [LocalAuth] Sistema autenticazione locale attivato
 0|vigilanz |  Email admin: admin@vt.alfacom.it
 0|vigilanz |  Password admin: admin123
 0|vigilanz |  Auto-login: GET /api/auto-login-admin
 0|vigilanz | 12:46:18 PM [express] serving on port 5000
--- a/server/localAuth.ts
+++ b/server/localAuth.ts
@ -104,7 +104,13 @@ export async function setupLocalAuth(app: Express) {
    }
  });
-  // Route login locale
+  // Route login GET (redirect auto-login per compatibilità)
  app.get("/api/login", (req, res) => {
    // Redirect a auto-login admin per demo
    res.redirect("/api/auto-login-admin");
  });
  // Route login locale POST
  app.post("/api/local-login", passport.authenticate("local"), (req, res) => {
    res.json({ 
      success: true, 
@ -120,21 +126,33 @@ export async function setupLocalAuth(app: Express) {
    }
    try {
      console.log("🔍 [LocalAuth] Recupero lista utenti...");
      const users = await storage.getAllUsers();
      console.log(`✅ [LocalAuth] Trovati ${users.length} utenti`);
      const admin = users.find((u: any) => u.email === DEFAULT_ADMIN_EMAIL);
      if (admin) {
        console.log(`✅ [LocalAuth] Admin trovato: ${admin.email}`);
        req.login({ id: admin.id, email: admin.email }, (err) => {
          if (err) {
-            return res.status(500).json({ error: "Errore auto-login" });
+            console.error("❌ [LocalAuth] Errore req.login:", err);
            return res.status(500).json({ error: "Errore auto-login", details: err.message });
          }
          console.log("✅ [LocalAuth] Login effettuato, redirect a /");
          res.redirect("/");
        });
      } else {
-        res.status(404).json({ error: "Admin non trovato" });
+        console.error(`❌ [LocalAuth] Admin non trovato (cercato: ${DEFAULT_ADMIN_EMAIL})`);
        res.status(404).json({ error: "Admin non trovato", users: users.map((u: any) => u.email) });
      }
-    } catch (error) {
+    } catch (error: any) {
-      res.status(500).json({ error: "Errore server" });
+      console.error("❌ [LocalAuth] Errore in auto-login-admin:", error);
      res.status(500).json({ 
        error: "Errore server", 
        message: error.message,
        stack: process.env.NODE_ENV === 'development' ? error.stack : undefined
      });
    }
  });