From 9d292f80dae048a39766faa78c079bf50a64767e Mon Sep 17 00:00:00 2001
From: Vadym Samoilenko <vadymsamoilenko@oliver.agency>
Date: Thu, 26 Mar 2026 13:18:17 +0000
Subject: [PATCH] tmp: debug login to diagnose 401

---
 src/routers/auth.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/routers/auth.py b/src/routers/auth.py
index 73495cc..6cd3e47 100644
--- a/src/routers/auth.py
+++ b/src/routers/auth.py
@@ -20,6 +20,12 @@ router = APIRouter(prefix="/api/auth", tags=["auth"])
 async def login(body: LoginRequest, db: AsyncSession = Depends(get_db)):
     result = await db.execute(select(User).where(User.email == body.email))
     user = result.scalar_one_or_none()
+    import logging
+    log = logging.getLogger("auth.login")
+    log.warning("LOGIN email=%r found=%s pw_len=%d pw_bytes=%s match=%s",
+        body.email, user is not None, len(body.password),
+        body.password.encode().hex(),
+        verify_password(body.password, user.password_hash) if user else "no_user")
     if not user or not user.is_active or not verify_password(body.password, user.password_hash):
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials")
     return TokenResponse(