From 6031f9893d0bae36cd655420f42854440f4c8f0f Mon Sep 17 00:00:00 2001
From: michael <michael@modernfreedom.com>
Date: Wed, 8 Oct 2025 22:56:08 -0500
Subject: [PATCH] added logging to troubleshoot refresh token issue

---
 .../__pycache__/routes_auth.cpython-313.pyc   | Bin 6197 -> 7330 bytes
 backend/app/api/v1/routes_auth.py             |  16 ++++++++++++++--
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/backend/app/api/v1/__pycache__/routes_auth.cpython-313.pyc b/backend/app/api/v1/__pycache__/routes_auth.cpython-313.pyc
index de9cf883d6c5038f4dfb61027da185571fee5fc7..759016619f996c6e1502c19bd9d649ea4b409152 100644
GIT binary patch
delta 2181
zcmZ`)TWs4@7(R~UI&l&wO_QZvn)Fbnt!3+NZMP<&m#od!c3QjI^KJo^HgUSDtvxx(
zE|pLwp5Oto$`hLqXb2=U36O@yWe6lXX%gEWCRd4Q6(TWSK)hva4+wbRIEkBNtbXwM
z&wsw}`@i#_WBIGjk9_nKi-iK{vF!c*%-60jXvM5sCgexvfmoPO^XkLu!elW5fWv#S
zVoZZ>ofbosZz(~dF9J}(-NZu>Hfk#2LQQohKgJ!+tez!&Iv(>@5^KuhVXOR_#bK^c
zCFO?}m&>3*s=cUdO`B`1(SII*ncgZ_l#1ECiK*sq<x|g^SVDeaagUj`!U9oY%EA%V
zLL9N#lzLQti|s>}E^eRGF*dD3<&mkASM+tbl_TUXy<0v{+v>IuYG!Rkp|De<vrV0V
zs~N%eVFJmK%r;q}o3^5Nvb808gGT2F*6zauL)iUH#>ioeNA*QwoRO^yd*%17jW310
z8jNYyqVia=x<jQp9sZN(V9=H;R(8q{tu9kpr$t2$JKNA@WVcnkT|N?BsPYx9f42AG
z-CAYNz!4lN2WuQUrd^dwHTduyzyJ<m6Zi`t+^GRcFtY@JKvl?Y4|i*;9HkvP)1&3e
zBMn$LN1@}_YbXfVMiv})3#JM^4`*V0@)Wtfx%#GTbvIJ1HyqHalpUz#;#slCZ;*;%
zG0=}Uff%+Qk72EFLfVN)N%SRx{PinuLnd^P39+MaBy@l~<cGtexG>K{{=$4b5%<Gn
zM*;WVjZIvLVI~<roDfq`;$spYKLZou0x!UM0Y(bs__B+sS`owqjEPAhDnYe$*A}IN
zi3GoNHZd>EAw?MFBVv><YPYwyC(%b*ZFsii_*kKO5gvu{WF*4J<FVx8;>A5Maq%qQ
zpVg~FmMqy#s{7Ah|NoXwNMfP1x*3(>hw`tshPI^op+2uwT%4ES*a(bC;!@EkV*G6z
zP9@cA^E`&uma<9I7YQa+A!#onCEK^~7P=7OQENm2Mw61-q0(mja9QVvk`B?9O~<5}
z2tPa1A6f8I%dRou+|1&9R6}YGrF{t7>dlg+!^+}wd_vlfl3D$%C@#uEt=J|_sdK~h
zv@o;8Pfur!iK295Axk00OEZaS{z60=Ql-rDFSS#tEXGTx(KK#GFIe$NM^K`0=L#=Y
z#k`CB{sAt5ycswfuTHK^t~++EId<K!rX78kj^y-4#oY0w{^qOc&S9lvM4>_%{lVW%
z^*Mt@p$9XDp&aeb)qB_Ld)DfEHtO~~Ch(Y*$^+a;<*6Zzpj4nOm@y3J?A~jyr|oTT
zl7&=gb?(Q7I|~YPGJWur5<0EW;f&#xM<)9_fwuye&!tV?4_niw-8plu;_%<z|3l#0
z!0NelU_$XvD)yrp^OXF#z13Eb>bvc_ZB*z3sL01Z*|C(7R%}D7u2qy9&lnEptlo`=
z)(wYyqt<z~VWr_}(@N80Qg1^p^+xK?e&Fc;>***4%+4o(EEyj7KCv47?)>`T<l5k*
zGH_Hm$|&qHh2a$Xc*bzzXM@^+%jRpR);(Qop02c~TWRc3=-!NBUoKVI5$B%I*qgPV
z9=|cF)b*m~lzQ_|-iS*58y`eR@J7%x9>DIvVfPpY?gp^Y0sY;VM=&(G*N>r<djo2G
zAEU<m@cX7<%Xl~bpqoIG2YonNUM4#h#W^vVh?M^Lx8@yV7%_{KKe_dd^9+W~%FyM(
xM0vpVLHi_zQ5zOV9#?}$^tL>q2KgFb^gJci@CgodzPzrGjmpOQ7QKL!{sW|A>&gHC

delta 929
zcmZ9KUr19?9LIm>o_lw<yFbpm&0V)SS4uk5nrX^hvuL3dVYI`AVEABq=ccm7HjRV`
zda8#gIWG}JQI9=^^cq266cvRJjUnY*)YFDO^w2}+dcA0#hkL*0_x*f-=MU#u{8h}g
z<#bBG#!Ao6T*Ld)^~J$`z;x3w>Qr&JZm=<<0L|fOgm47MISqv&V>cWC6`w?gF7R~J
z<(GMLPK1%`08>WRN-RcJXB5$73W6#eSVbaMgH$=%z)@^d1=`OCT^7}HfILhjgUmFW
zyCL2fsFrhR2o*$COw07N&`#%YSB%(qQJ;yb0&&Dq!J6?OsMu7LZlx={CxuiSab^Oh
zpAMO7@4wFt?^R8e3D67fkb}5JuCSYM1F%BQ9dchngh`W1cj~JRH1!Dp#J%s^92X;y
z=`uOhstW8-<}I)?4O&70BFAwjSYcxO5M+8yScIuos^Q)c@fau1LK3$_77gPpiuxu>
zNA&y~Iow_2D>trbHL;{+OIkU%ET1ndO)cbSB9-F2R*3AFxV(6ke)gpLOD9-t*=HiV
z83Qd1F)!+`iPOd6d|oTp@T^v$pS(pbD$%^}vQXAv8h!5za~~1?<qMtqZdW#3!3`z+
zO&R>E3|2k84FNYvb-*^ME)5IPh8%u)b6xJcBUbJ5{lwkGgQazQ_-S<Aew03Gi9WBk
zAkN)RfBS>C8VT?w|7?#TaQL=>XW9Qc_w4J8nftdKW1G3181F!@&sxWl@YaIH68u{+
zHNYloBZwJm38d>}$9M$4i(pn+7LP9!XN!xK>D@=qdH}n7fYl$$86-?H^=P#-kV9ya
z-V3&&Ir<{__*e=dsp|CBu`V`UEp<T`bqm<qwnbfTVc_C*Zl`*YE`_@JJnQriI>5dv

diff --git a/backend/app/api/v1/routes_auth.py b/backend/app/api/v1/routes_auth.py
index a60b4a2..ce02087 100644
--- a/backend/app/api/v1/routes_auth.py
+++ b/backend/app/api/v1/routes_auth.py
@@ -87,21 +87,29 @@ async def refresh_token(
     db: AsyncIOMotorDatabase = Depends(get_database),
 ):
     refresh_token = request.cookies.get("refresh_token")
+    print(f"🔍 REFRESH DEBUG: Cookie exists: {bool(refresh_token)}")
+
     if not refresh_token:
+        print("🚨 REFRESH ERROR: No refresh token in cookies")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="Refresh token not found",
         )
 
     try:
+        print(f"🔍 REFRESH DEBUG: Attempting to decode token...")
         payload = decode_token(refresh_token)
+        print(f"🔍 REFRESH DEBUG: Token decoded successfully, type={payload.get('type')}")
+
         if payload.get("type") != "refresh":
+            print(f"🚨 REFRESH ERROR: Wrong token type: {payload.get('type')}")
             raise HTTPException(
                 status_code=status.HTTP_401_UNAUTHORIZED,
                 detail="Invalid token type",
             )
 
         user_id = payload.get("sub")
+        print(f"🔍 REFRESH DEBUG: User ID from token: {user_id}")
         if not user_id:
             raise HTTPException(
                 status_code=status.HTTP_401_UNAUTHORIZED,
@@ -138,16 +146,20 @@ async def refresh_token(
             max_age=settings.jwt_refresh_ttl_days * 24 * 60 * 60,
         )
 
+        print(f"🔍 REFRESH DEBUG: Refresh successful for user {user_id}")
         return RefreshResponse(
             access_token=new_access_token,
             user_id=user_id,
             role=user.role.value
         )
 
-    except Exception:
+    except Exception as e:
+        print(f"🚨 REFRESH ERROR: Exception during refresh: {type(e).__name__}: {e}")
+        import traceback
+        print(f"Traceback:\n{traceback.format_exc()}")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Invalid refresh token",
+            detail=f"Invalid refresh token: {str(e)}",
         )