Issue: When entering wrong email/password, system says "verify your email" instead of "invalid credentials"
Root Cause: I was checking authError.status === 400 which catches ALL auth errors, not just email verification.
Fix Applied: ✅
- Now checks for specific error code:
email_not_confirmed - Only shows verification message for actual verification errors
- Wrong credentials → "Invalid email or password"
- Unverified email → "Please verify your email address"
Possible Causes:
Check your Supabase settings:
- Go to Supabase Dashboard
- Select your project:
neigvurbwjxznvxpjaky - Go to Authentication → Providers → Email
- Check these settings:
- ✅ Enable email confirmations should be ON
- ✅ Confirm email should be checked
⚠️ Enable email autoconfirm should be OFF (for production)
Fix:
Authentication → Providers → Email →
☑️ Enable email confirmations
☑️ Confirm email
☐ Enable email autoconfirm (leave unchecked for real verification)
Supabase needs to know where to redirect users after verification.
- Go to Authentication → Email Templates
- Find Confirm signup template
- Make sure it has the correct redirect URL:
{{ .ConfirmationURL }} - The default template should work, but verify it exists
Supabase free tier has limited email sending. Check:
- Authentication → Settings → SMTP Settings
- If using Supabase's default SMTP:
⚠️ Rate limited to 4 emails per hour⚠️ May go to spam⚠️ Not reliable for production
Solution for Production: Configure your own SMTP (Gmail, SendGrid, etc.):
SMTP Host: smtp.gmail.com
Port: 587
Sender Email: your-email@gmail.com
Sender Name: CleanMap
Check your spam folder! Supabase default emails often end up there.
Fix:
- Use custom SMTP with proper domain
- Add SPF, DKIM records
- Or use
autoconfirmfor development (not production!)
- Go to Supabase Dashboard
- Logs → Auth Logs
- Try to sign up a new user
- Look for email sending logs
What to look for:
- ✅ "Email sent to user@example.com" → Email system working, check spam
- ❌ No email logs → Email confirmations disabled
- ❌ "SMTP error" → SMTP not configured
When you try to login with unverified email, check the terminal for:
Error code: invalid_credentials ← Wrong credentials
Error code: email_not_confirmed ← Actually needs verificationNow it will show the correct error code!
- Open browser console (F12)
- Go to http://localhost:3001/auth/sign-up
- Sign up with a new email
- Check console for errors
- Check Supabase Auth logs
If you just want to test without email verification:
- Go to Supabase Dashboard
- Authentication → Providers → Email
- ☑️ Enable email autoconfirm
- Save
Warning: This auto-confirms all emails without verification. DO NOT USE IN PRODUCTION!
- ✅ Enable email confirmations
- ✅ Configure custom SMTP (not Supabase default)
- ✅ Add proper email templates
- ✅ Set up SPF/DKIM records
- ✅ Test with real email addresses
Email: test@example.com
Password: wrongpassword123
Expected: "Invalid email or password" ✅
NOT: "Please verify your email" ❌
1. Sign up new user
2. DON'T verify email
3. Try to login
Expected: "Please verify your email address" ✅
AND: "Resend Verification Email" button ✅
✅ Dev server: http://localhost:3001 (Note: Running on port 3001 because 3000 was in use)
- Test wrong credentials - Should say "Invalid email or password"
- Check Supabase email settings - Enable confirmations
- Check spam folder - Verification emails might be there
- Consider autoconfirm for dev - Only for development/testing!