Use auth.admin.listUsers with email filter and pagination fallback

cgen-21d59ae1f2c24144828cf2b095efc953

server/index.ts

@@ -125,18 +125,30 @@ export function createServer() {
     try {
       const targetEmail = String(email).trim().toLowerCase();
 
-      // Query auth.users directly with the service role
-      const { data: user, error } = await (adminSupabase as any)
-        .from("auth.users")
-        .select("id, email, email_confirmed_at, confirmed_at")
-        .eq("email", targetEmail)
-        .maybeSingle();
+      // Prefer GoTrue Admin listUsers; fall back to pagination if email filter unsupported
+      const admin = (adminSupabase as any)?.auth?.admin;
+      if (!admin) {
+        return res.status(500).json({ error: "Auth admin unavailable" });
+      }
 
-      if (error) {
-        console.error("[API] auth.users query error:", error);
-        return res
-          .status((error as any)?.status ?? 500)
-          .json({ error: (error as any)?.message || "Query failed" });
+      let user: any = null;
+      let listResp: any = null;
+      try {
+        listResp = await admin.listUsers({ page: 1, perPage: 200, email: targetEmail } as any);
+      } catch (e) {
+        listResp = null;
+      }
+
+      const initialUsers: any[] = (listResp?.data?.users as any[]) || [];
+      user = initialUsers.find((u: any) => String(u?.email || '').toLowerCase() === targetEmail) || null;
+
+      if (!user) {
+        // Pagination fallback (limited scan)
+        for (let page = 1; page <= 5 && !user; page++) {
+          const resp = await admin.listUsers({ page, perPage: 200 } as any).catch(() => null);
+          const users = (resp?.data?.users as any[]) || [];
+          user = users.find((u: any) => String(u?.email || '').toLowerCase() === targetEmail) || null;
+        }
       }
 
       if (!user) {