Admin Dashboard Isues

[Jonneal3]

Admin dashboard will not create a new user when logging in for the first time.

It will send OTP to the sesto email that is in the seed.

But, it will not only not add my new email as the owner--- when i simply add an email to my supabase, it will not log the user in.

There is a serious issue in the user flow -After entering correct OTP, it just loops user back around to login page in an infinite user flow loop..

Any fixes here? Id love to use this store but Its unusable right now @sesto-dev

Also, just want to make sure that this github is a true multi-vendor market? As in, multiple owners can be added with multiple products/??

Ive been trying to make updates and login for 2 days just to dee what the admin dashboard looks like - some help would be greatly appreciated.

[sesto-dev]

You cannot create an admin user from the UI and its by design. If it was allowed then everybody would be able to create an account and view / modify everything about your store. I have provided the seed script as an example, you should populate it with you own data, reset your database and run the seed script again.

No the current setup is not designed to handle multiple vendor but it should be relatively straight-forward to do it.

[Jonneal3]

@sesto-dev Got it thanks. I mean, even when I re-seed the DB with my email, and go to login - it doesn't log in and goes in a loop.

There is something wrong with the "verify" route or the "user-auth-form" - It perpetually loops to login screen even if you have the owner in there and will not go to the product route or no matter what i've done so far.

Even in your live vercel hosted version this is the case - but i guess as this isn't intended to be multi-vendor thats why.

Its an awesome project and I'd like to find out why it perpetually loops has been my main problem so far.

I have no idea why because when I log all of email "verify" file, it seems to receive the OTP an process it, but maybe the issue is middleware file, routing or cookies - though I have attempted a few fixes to no avail.

But also, if it is not meant to be an multi-vendor dash, wont I have to change the relationships to the owner in that case? As in, products and things like that should only show if that owner is logged in... That sounds like a lot of work (unless I could just make the changes to the prisma.schema file is what you'd recommend for simplicity??)

[sesto-dev]

I just logged in with my deployed version through 2 different admin accounts / emails and everything worked fine.

Even in your live vercel hosted version

Only the emails who I've provided as admins in my own seed version will ever be able to login through the Vercel hosted version of (my) admin dashboard.

wont I have to change the relationships to the owner in that case?

Yes you would need to add a new layer of ownership to products / orders. It's not a difficult or a challenging task since the fundamental logic is already there but it would take a lot of time to do it manually. I would suggest you use Cursor IDE and let AI do it for you.

[Jonneal3]

:) yes im using cursor lol! I will do that...

thats weird then -- mind if I send you a loom video of the error on my end??? based upon the owner email, when i go to OTP etc, it just perpetually loops. Such a pain because i really want to use this git...

[sesto-dev]

Yes of course you can send it to me.

[Jonneal3]

ok cool give me about 1 hour

[Jonneal3]

@sesto-dev https://www.loom.com/share/0be8fcb5a9aa4a039377c822bebb9686?sid=9358c7dd-e1d0-4f51-bfce-214e6a07a319

Im using cursor Mac m3

[Jonneal3]

@sesto-dev DUDE! So sorry for WASTING your time. I had the JWT secret key in the STOREFRONT but forgot to add to the Admin. What a DUH moment for me. Not filling out full .envs while testing has gotten me many times. Thanks for the help! Works now! Looks great!

[sesto-dev]

I'm glad your issue is resolved 👍 In one of my other projects I am using the joi package that checks for required .env variables when the server is booting up and screams at you if you've missed any, I guess it would help if I implement it here too. It silently failing authentication if the JWT Secret is not provided is not a good design.