fix: pass email and phone to verify page on login so SMS auto-sends

The login page redirected to /auth/verify without email/phone params,
so the verify page never auto-sent the SMS verification code. Now the
login API returns the phone from user_profiles and the login page passes
both email and phone as URL params to the verify page.

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>

Author: ralyodio

src/app/api/auth/login/route.ts

@@ -16,11 +16,11 @@ export async function POST(req: NextRequest) {
       return NextResponse.json({ error: error.message }, { status: 401 });
     }
 
-    // Fetch profile for verification status
+    // Fetch profile for verification status and phone number
     const admin = getSupabaseAdmin();
     const { data: profile } = await admin
       .from("user_profiles")
-      .select("email_verified, phone_verified")
+      .select("email_verified, phone_verified, phone")
       .eq("id", data.user.id)
       .single();
 
@@ -31,6 +31,7 @@ export async function POST(req: NextRequest) {
         email: profile?.email_verified ?? false,
         phone: profile?.phone_verified ?? false,
       },
+      phone: profile?.phone ?? null,
     });
   } catch (err) {
     console.error("Login error:", err);

src/app/auth/login/page.tsx

@@ -42,7 +42,10 @@ export default function LoginPage() {
 
       const verified = data.verified || {};
       if (!verified.email || !verified.phone) {
-        window.location.href = `/auth/verify?next=${encodeURIComponent(nextPath)}`;
+        const params = new URLSearchParams({ next: nextPath });
+        if (data.user?.email) params.set("email", data.user.email);
+        if (data.phone) params.set("phone", data.phone);
+        window.location.href = `/auth/verify?${params.toString()}`;
       } else {
         window.location.href = nextPath;
       }