panphora
DEBUG_GUIDE.md

Authentication & Cookie Debugging Guide

This guide will help you debug authentication and cookie issues with your Hyperclay-compatible self-updating page.

Quick Debug Setup

1. Enable Debug Logging

Set the DEBUG environment variable to true in your Val.town settings:

DEBUG=true

This will enable detailed server-side logging for all authentication flows.

2. Check Your Environment Variables

Verify these are set correctly:

ADMIN_EMAIL=your-actual-email@domain.com
DEBUG=true
APP_NAMESPACE=default (optional)

Step-by-Step Debugging Process

Step 1: Verify Environment Setup

  1. Check that ADMIN_EMAIL is set to your exact email address
  2. Enable DEBUG=true
  3. Save your val to apply the changes

Step 2: Test Authentication Flow

  1. Visit /auth/edit
  2. Enter your email (must match ADMIN_EMAIL exactly)
  3. Check Val.town logs for debug messages:
    • Look for "Auth email submission" log
    • Verify email matches admin email
    • Check for "Generated magic link token" log

Step 3: Check Email Delivery

  1. Check your email inbox (including spam folder)
  2. Look for email with subject "Sign in to your Hyperclay app"
  3. If no email received, check Val.town logs for email sending errors
  1. Click the magic link in your email
  2. Check Val.town logs for:
    • "Magic link verification attempt"
    • "Magic link token verification result"
    • "Creating session and redirecting"
  3. You should be redirected to the main page

Step 5: Verify Session Creation

After clicking the magic link, check:

  1. Browser cookies: Open DevTools → Application → Cookies
    • Look for session cookie (HttpOnly, so won't be visible in JS)
    • Look for isAdminOfCurrentResource=true cookie
    • Look for currentResource=app cookie

Step 6: Test Main Page Admin Status

  1. Visit the main page (/)
  2. Check Val.town logs for:
    • "Checking admin status"
    • "Session ID from cookie"
    • "Admin check result"
    • "Setting Hyperclay admin cookies" (if admin)

Step 7: Test Edit Functionality

  1. Try to edit content on the page
  2. Save changes (Ctrl+S)
  3. Check Val.town logs for:
    • "Save endpoint accessed"
    • "Admin status for save endpoint"
    • "Save request details"
    • "HTML saved successfully"

Common Issues & Solutions

Possible Causes:

  1. Session not created: Magic link didn't work properly
  2. Session expired: Check session expiry in logs
  3. Email mismatch: Your email doesn't match ADMIN_EMAIL
  4. Cookie header issues: Browser not sending session cookie

Debug Steps:

  1. Check logs for "User admin status for main page" - should show isUserAdmin: true
  2. Verify session cookie exists in browser
  3. Check "Admin check result" log for email comparison
  4. Try clearing all cookies and re-authenticating

Possible Causes:

  1. Token expired: Links expire after 15 minutes
  2. Token already used: Magic links are one-time use
  3. Email mismatch: Token was generated for different email

Debug Steps:

  1. Check "Magic link token verification result" log
  2. Look for "Auth token expired" or "Auth token invalid" messages
  3. Generate a new magic link if token expired

Issue: Can't save edits

Possible Causes:

  1. Not authenticated: Session invalid or expired
  2. Wrong cookies: Hyperclay cookies not set properly
  3. Network issues: Save requests not reaching server

Debug Steps:

  1. Check "Admin status for save endpoint" log
  2. Verify both session and Hyperclay cookies are present
  3. Check browser Network tab for failed requests to /save/app

Issue: Authentication works but edit mode not visible

Possible Causes:

  1. Hyperclay cookies missing: isAdminOfCurrentResource not set
  2. Hyperclay.js not loading: Check browser console for errors
  3. Cookie domain/path issues: Cookies not accessible to Hyperclay

Debug Steps:

  1. Check browser cookies for isAdminOfCurrentResource=true
  2. Open browser console and check for JavaScript errors
  3. Verify Hyperclay.js is loading from CDN

Browser Debugging Tools

Check Cookies

  1. Open DevTools (F12)
  2. Go to Application → Cookies → [your-domain]
  3. Look for:
    • session (HttpOnly - won't show value)
    • isAdminOfCurrentResource=true
    • currentResource=app

Check Network Requests

  1. Open DevTools → Network tab
  2. Try to save content (Ctrl+S)
  3. Look for POST request to /save/app
  4. Check request headers include cookies
  5. Verify response is 200 OK with {"msg":"Saved"}

Check Console Errors

  1. Open DevTools → Console
  2. Look for JavaScript errors
  3. Check if Hyperclay.js loaded successfully

Manual Testing Commands

Test Session Validation

Visit these URLs to test different states:

  • /auth/edit - Should show email form
  • /auth/view - Should clear session and redirect
  • /versions - Should show version history (admin only)
  • /save/app - Should return 401 if not authenticated

Use browser DevTools to:

  1. Delete all cookies
  2. Re-authenticate
  3. Verify cookies are set correctly
  4. Test edit functionality

Debug Log Examples

Successful Authentication Flow

[DEBUG] Auth email submission {"userEmail":"admin@example.com","adminEmail":"admin@example.com"}
[DEBUG] Generated magic link token {"token":"12345678...","userEmail":"admin@example.com"}
[DEBUG] Magic link sent {"userEmail":"admin@example.com","origin":"https://yourval.web.val.run"}
[DEBUG] Magic link verification attempt {"token":"12345678..."}
[DEBUG] Magic link token verification result {"email":"admin@example.com","adminEmail":"admin@example.com"}
[DEBUG] Creating session and redirecting {"sessionId":"87654321...","email":"admin@example.com","expires":"2024-02-15T10:30:00.000Z"}

Successful Main Page Load (Admin)

[DEBUG] Incoming request {"method":"GET","path":"/","hasAuth":true,"userAgent":"Mozilla/5.0..."}
[DEBUG] Serving main HTML document
[DEBUG] Checking admin status {"hasCookieHeader":true,"cookieHeader":"session=87654321..."}
[DEBUG] Session ID from cookie {"sessionId":"87654321..."}
[DEBUG] Verifying session {"sessionId":"87654321..."}
[DEBUG] Session data retrieved {"hasData":true,"email":"admin@example.com","expiry":"2024-02-15T10:30:00.000Z"}
[DEBUG] Admin check result {"email":"admin@example.com","adminEmail":"admin@example.com","isAdmin":true}
[DEBUG] User admin status for main page {"isUserAdmin":true}
[DEBUG] Setting Hyperclay admin cookies {"cookies":["currentResource=app; Path=/; Expires=...","isAdminOfCurrentResource=true; Path=/; Expires=..."],"expires":"2024-02-15T10:30:00.000Z"}

Failed Authentication (Wrong Email)

[DEBUG] Auth email submission {"userEmail":"wrong@example.com","adminEmail":"admin@example.com"}
[DEBUG] Invalid email for auth {"userEmail":"wrong@example.com","adminEmail":"admin@example.com"}

Advanced Debugging

Check Blob Storage

If you suspect storage issues, you can manually check what's stored:

  1. Look for keys like default_session_* and default_auth_token_*
  2. Check expiry timestamps in stored data
  3. Verify session data contains correct email

Test Different Browsers

Try authentication in:

  1. Incognito/private mode
  2. Different browsers
  3. Different devices

This helps identify browser-specific cookie issues.

Getting Help

If you're still having issues after following this guide:

  1. Share debug logs: Copy relevant debug log entries
  2. Describe the exact steps: What you did and what happened
  3. Check environment: Verify all environment variables are set correctly
  4. Browser details: Include browser type and version
  5. Network info: Any proxy, VPN, or network restrictions

The debug logs will show exactly where the authentication flow is failing, making it much easier to identify and fix the issue.