From 72430462f69bc29a8252a5778ad44ea0e339b927 Mon Sep 17 00:00:00 2001
From: donpat1to <patrick@inca-vikingo.de>
Date: Sat, 1 Nov 2025 15:17:09 +0100
Subject: [PATCH] fixed ipSecurityCheck

---
 backend/src/middleware/auth.ts        |  8 +-------
 frontend/src/contexts/AuthContext.tsx | 18 ++++++++++++++----
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/backend/src/middleware/auth.ts b/backend/src/middleware/auth.ts
index 082ba45..2fc076d 100644
--- a/backend/src/middleware/auth.ts
+++ b/backend/src/middleware/auth.ts
@@ -84,11 +84,5 @@ export const ipSecurityCheck = (req: AuthRequest, res: Response, next: NextFunct
     console.log(`🔐 Auth attempt from IP: ${clientIP}, Path: ${req.path}`);
   }
   
-  // Block known malicious IPs (you can expand this)
-  const blockedIPs = process.env.BLOCKED_IPS?.split(',') || [];
-  if (blockedIPs.includes(clientIP)) {
-    console.warn(`🚨 Blocked request from banned IP: ${clientIP}`);
-    res.status(403).json({ error: 'Access denied' });
-    return;
-  }
+  next();
 }
\ No newline at end of file
diff --git a/frontend/src/contexts/AuthContext.tsx b/frontend/src/contexts/AuthContext.tsx
index 163cc4b..cb1e727 100644
--- a/frontend/src/contexts/AuthContext.tsx
+++ b/frontend/src/contexts/AuthContext.tsx
@@ -49,12 +49,21 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
   const checkSetupStatus = async (): Promise<void> => {
     try {
       console.log('🔍 Checking setup status...');
-      const response = await fetch(`${API_BASE_URL}/setup/status`);
+      const startTime = Date.now();
+      
+      const response = await fetch(`${API_BASE_URL}/setup/status`, {
+        signal: AbortSignal.timeout(5000) // 5 second timeout
+      });
+      
+      console.log(`✅ Setup status response received in ${Date.now() - startTime}ms`);
+      
       if (!response.ok) {
+        console.error('❌ Setup status response not OK:', response.status, response.statusText);
         throw new Error('Setup status check failed');
       }
+      
       const data = await response.json();
-      console.log('✅ Setup status response:', data);
+      console.log('✅ Setup status response data:', data);
       setNeedsSetup(data.needsSetup === true);
     } catch (error) {
       console.error('❌ Error checking setup status:', error);
@@ -95,7 +104,6 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
     }
   };
 
-  // Add the updateUser function
   const updateUser = (userData: Employee) => {
     console.log('🔄 Updating user in auth context:', userData);
     setUser(userData);
@@ -161,6 +169,8 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
     initializeAuth();
   }, []);
 
+  const calculatedNeedsSetup = needsSetup === null ? true : needsSetup;
+
   const value: AuthContextType = {
     user,
     login,
@@ -168,7 +178,7 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
     hasRole,
     loading,
     refreshUser,
-    needsSetup: needsSetup === null ? true : needsSetup,
+    needsSetup: calculatedNeedsSetup,
     checkSetupStatus,
     updateUser,
   };