Auth Integration & Email Verification Overhaul
Platform authentication is now the single source of truth for email verification. The auth gate, OTP verification, and all role layouts are now driven by authentication state, removing the dependency on profile-level verification flags.
Platform authentication as the primary source for email verification state, replacing the previous profile-based verification flag.
Platform-aware auth redirect URL handling.
Server-side OTP verification — authentication required, limited to contact and KYC flows only.
Database sync: new accounts automatically create and update the linked user profile.
Authentication state now explicitly tracks verification status for email and phone.
New error states for unconfirmed email and verification service unavailability.
Merchant logout actions in desktop and mobile settings.
Signup now routes to the email verification screen instead of the OTP verification screen.
Authentication gate now uses platform auth verification only — no longer depends on the profile-level verification flag.
Email verification screen is now a public route accessible without an active session.
OTP verification endpoint hardened: authentication-protected, contact/KYC-only, no longer writes auth-level verification flags.
OTP verification records hardened with authenticated access policies.
Logout navigation centralised — logout routes directly to the login page.
Removed hardcoded fallback credentials from the database client configuration.
Fixed a session error on public verification pages.
Fixed logout bouncing back into role dashboards due to nested layout redirects.
Backfilled user profile records for all existing accounts.
Resolved verification state mismatches between authentication and user profile records.
Removed email OTP dependence from the primary auth flow.
Removed profile-based auth gating from the root layout.