Added animations and an official onboarding process for new users.

backend/routes/auth.py

@@ -5,10 +5,11 @@
 Restricts sign-in to @bu.edu email accounts only.
 """
 
+import hashlib
 import json
 import base64
-import hashlib
 import secrets
+import traceback
 from urllib.parse import urlencode
 
 from fastapi import APIRouter, HTTPException, Query
@@ -47,25 +48,29 @@ def _google_client_config() -> dict:
     }
 
 
+def _generate_pkce_pair():
+    code_verifier = base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode()
+    code_challenge = base64.urlsafe_b64encode(
+        hashlib.sha256(code_verifier.encode()).digest()
+    ).rstrip(b"=").decode()
+    return code_verifier, code_challenge
+
+
 def _encode_state(data: dict) -> str:
-    payload = json.dumps(data)
-    return base64.urlsafe_b64encode(payload.encode()).decode()
+    return base64.urlsafe_b64encode(json.dumps(data).encode()).decode()
 
 
 def _decode_state(state: str) -> dict:
     try:
-        payload = base64.urlsafe_b64decode(state.encode()).decode()
-        return json.loads(payload)
+        return json.loads(base64.urlsafe_b64decode(state.encode()).decode())
     except Exception:
         return {}
 
 
-def _generate_pkce_pair():
-    code_verifier = base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b'=').decode()
-    code_challenge = base64.urlsafe_b64encode(
-        hashlib.sha256(code_verifier.encode()).digest()
-    ).rstrip(b'=').decode()
-    return code_verifier, code_challenge
+def _email_log_value(email: str) -> str:
+    if "@" in email:
+        return email.split("@")[-1]
+    return "unknown"
 
 
 @router.get("/google")
@@ -80,7 +85,7 @@ def google_login():
     auth_url, _ = flow.authorization_url(
         prompt="consent",
         access_type="offline",
-        state=_encode_state({"action": "signin", "cv": code_verifier}),
+        state=_encode_state({"cv": code_verifier}),
         code_challenge=code_challenge,
         code_challenge_method="S256",
     )
@@ -89,83 +94,102 @@ def google_login():
 
 @router.get("/google/callback")
 def google_callback(code: str = Query(...), state: str = Query(None)):
-    """Exchange auth code for tokens, validate @bu.edu, upsert user."""
+    """Exchange auth code for tokens, validate .edu email, upsert user."""
     if not GOOGLE_AVAILABLE:
-        return RedirectResponse(f"{FRONTEND_URL}/signin?error=google_not_configured")
+        return RedirectResponse(f"{FRONTEND_URL}/?error=google_not_configured")
 
-    state_data = _decode_state(state) if state else {}
-    code_verifier = state_data.get("cv")
-
-    flow = Flow.from_client_config(_google_client_config(), scopes=AUTH_SCOPES)
-    flow.redirect_uri = GOOGLE_AUTH_REDIRECT_URI
-    flow.fetch_token(code=code, code_verifier=code_verifier)
-    creds = flow.credentials
-
-    # Fetch user info from Google
-    service = build("oauth2", "v2", credentials=creds)
-    user_info = service.userinfo().get().execute()
-
-    email = user_info.get("email", "")
-    google_id = user_info.get("id", "")
-    name = user_info.get("name", "")
-    avatar_url = user_info.get("picture", "")
-
-    # Restrict to @bu.edu accounts
-    if not email.endswith("@bu.edu"):
-        return RedirectResponse(
-            f"{FRONTEND_URL}/signin?error=invalid_domain"
-        )
-
-    # Determine user_id: check if this Google ID already exists
-    existing = table("users").select("id", filters={"google_id": f"eq.{google_id}"})
-    if existing:
-        user_id = existing[0]["id"]
-        # Update name/avatar in case they changed
-        table("users").update(
-            {"name": name, "avatar_url": avatar_url, "email": email},
-            filters={"id": f"eq.{user_id}"},
-        )
-    else:
-        # Check if a user with this email exists (migration from old system)
-        email_match = table("users").select("id", filters={"email": f"eq.{email}"})
-        if email_match:
-            user_id = email_match[0]["id"]
+    try:
+        print("[auth] step 1: fetching token")
+        code_verifier = _decode_state(state).get("cv") if state else None
+        print(f"[auth] code_verifier present: {bool(code_verifier)}")
+        flow = Flow.from_client_config(_google_client_config(), scopes=AUTH_SCOPES)
+        flow.redirect_uri = GOOGLE_AUTH_REDIRECT_URI
+        flow.fetch_token(code=code, code_verifier=code_verifier)
+        creds = flow.credentials
+        print("[auth] step 2: token fetched OK")
+
+        # Fetch user info from Google
+        service = build("oauth2", "v2", credentials=creds)
+        user_info = service.userinfo().get().execute()
+
+        email = user_info.get("email", "")
+        email_log_value = _email_log_value(email)
+        print(f"[auth] step 3: user_info email_domain={email_log_value}")
+        google_id = user_info.get("id", "")
+        name = user_info.get("name", "")
+        avatar_url = user_info.get("picture", "")
+
+        # Restrict to .edu accounts
+        if not email.endswith(".edu"):
+            print(f"[auth] rejected: not .edu (email_domain={email_log_value})")
+            return RedirectResponse(f"{FRONTEND_URL}/?error=invalid_domain")
+
+        is_new_user = False
+
+        # Determine user_id: check if this Google ID already exists
+        print("[auth] step 4: checking DB")
+        computed_id = f"user_{google_id}"
+        existing = table("users").select("id", filters={"google_id": f"eq.{google_id}"})
+        if existing:
+            user_id = existing[0]["id"]
+            print(f"[auth] existing user (google_id match): {user_id}")
             table("users").update(
-                {
-                    "google_id": google_id,
-                    "name": name,
-                    "avatar_url": avatar_url,
-                    "auth_provider": "google",
-                },
+                {"name": name, "avatar_url": avatar_url, "email": email},
                 filters={"id": f"eq.{user_id}"},
             )
         else:
-            # Create new user
-            user_id = f"user_{google_id}"
-            table("users").insert({
-                "id": user_id,
-                "name": name,
-                "email": email,
-                "google_id": google_id,
-                "avatar_url": avatar_url,
-                "auth_provider": "google",
-            })
-
-    # Store OAuth tokens (calendar access included)
-    table("oauth_tokens").upsert(
-        {
-            "user_id": user_id,
-            "access_token": creds.token,
-            "refresh_token": creds.refresh_token or "",
-            "expires_at": creds.expiry.isoformat() if creds.expiry else "",
-        },
-        on_conflict="user_id",
-    )
+            email_match = table("users").select("id", filters={"email": f"eq.{email}"})
+            if email_match:
+                user_id = email_match[0]["id"]
+                print(f"[auth] existing user (email match): {user_id}")
+                table("users").update(
+                    {"google_id": google_id, "name": name, "avatar_url": avatar_url, "auth_provider": "google"},
+                    filters={"id": f"eq.{user_id}"},
+                )
+            else:
+                id_match = table("users").select("id", filters={"id": f"eq.{computed_id}"})
+                if id_match:
+                    # Partially created in a previous failed auth — treat as existing
+                    user_id = id_match[0]["id"]
+                    print(f"[auth] existing user (id match, partial prev insert): {user_id}")
+                    table("users").update(
+                        {"google_id": google_id, "name": name, "avatar_url": avatar_url, "email": email, "auth_provider": "google"},
+                        filters={"id": f"eq.{user_id}"},
+                    )
+                else:
+                    is_new_user = True
+                    user_id = computed_id
+                    print(f"[auth] creating new user: {user_id}")
+                    table("users").insert({
+                        "id": user_id,
+                        "name": name,
+                        "email": email,
+                        "google_id": google_id,
+                        "avatar_url": avatar_url,
+                        "auth_provider": "google",
+                    })
+
+        print("[auth] step 5: upserting tokens")
+        table("oauth_tokens").upsert(
+            {
+                "user_id": user_id,
+                "access_token": creds.token,
+                "refresh_token": creds.refresh_token or "",
+                "expires_at": creds.expiry.isoformat() if creds.expiry else "",
+            },
+            on_conflict="user_id",
+        )
 
-    # Redirect to frontend with user info
-    params = urlencode({
-        "user_id": user_id,
-        "name": name,
-        "avatar": avatar_url,
-    })
-    return RedirectResponse(f"{FRONTEND_URL}/signin/callback?{params}")
+        print(f"[auth] step 6: done, is_new={is_new_user}, redirecting")
+        params = urlencode({
+            "user_id": user_id,
+            "name": name,
+            "avatar": avatar_url,
+            "is_new": "true" if is_new_user else "false",
+        })
+        return RedirectResponse(f"{FRONTEND_URL}/signin/callback?{params}")
+
+    except Exception as e:
+        traceback.print_exc()
+        print(f"[auth] FAILED at step above: {e}")
+        return RedirectResponse(f"{FRONTEND_URL}/?error=auth_failed")

backend/routes/calendar.py

@@ -6,6 +6,7 @@
 """
 
 import json
+import logging
 from datetime import datetime, timezone, timedelta
 
 from fastapi import APIRouter, File, Form, HTTPException, Query, UploadFile
@@ -29,6 +30,7 @@
     GOOGLE_AVAILABLE = False
 
 router = APIRouter()
+logger = logging.getLogger(__name__)
 
 
 # ── Helpers ───────────────────────────────────────────────────────────────────
@@ -115,13 +117,21 @@ def save_assignments(body: SaveAssignmentsBody):
 @router.get("/upcoming/{user_id}")
 def get_upcoming(user_id: str):
     today = datetime.utcnow().strftime("%Y-%m-%d")
-    rows = table("assignments").select(
-        "*",
-        filters={"user_id": f"eq.{user_id}", "due_date": f"gte.{today}"},
-        order="due_date.asc",
-        limit=20,
-    )
-    return {"assignments": rows}
+    try:
+        rows = table("assignments").select(
+            "*",
+            filters={"user_id": f"eq.{user_id}", "due_date": f"gte.{today}"},
+            order="due_date.asc",
+            limit=20,
+        )
+        return {"assignments": rows or []}
+    except Exception:
+        logger.exception(
+            "Failed to fetch upcoming assignments for user_id=%s today=%s",
+            user_id,
+            today,
+        )
+        return {"assignments": []}
 
 
 @router.post("/suggest-study-blocks")

backend/routes/graph.py

@@ -1,4 +1,6 @@
-from fastapi import APIRouter
+import logging
+
+from fastapi import APIRouter, HTTPException
 from pydantic import BaseModel
 from typing import Optional
 
@@ -8,16 +10,25 @@
 )
 
 router = APIRouter()
+logger = logging.getLogger(__name__)
 
 
 @router.get("/{user_id}")
 def get_user_graph(user_id: str):
-    return get_graph(user_id)
+    try:
+        return get_graph(user_id)
+    except Exception as e:
+        logger.exception("get_graph failed for user_id=%s", user_id)
+        raise HTTPException(status_code=500, detail=str(e) or "Failed to fetch graph")
 
 
 @router.get("/{user_id}/recommendations")
 def get_user_recommendations(user_id: str):
-    return {"recommendations": get_recommendations(user_id)}
+    try:
+        return {"recommendations": get_recommendations(user_id)}
+    except Exception as e:
+        logger.exception("get_recommendations failed for user_id=%s", user_id)
+        raise HTTPException(status_code=500, detail=str(e) or "Failed to fetch recommendations")
 
 
 # ── Course endpoints ──────────────────────────────────────────────────────────

backend/tests/test_calendar_routes.py

@@ -137,6 +137,14 @@ def test_returns_empty_list_when_none(self):
         assert r.status_code == 200
         assert r.json()["assignments"] == []
 
+    def test_returns_empty_on_db_failure(self):
+        with patch("routes.calendar.table") as t:
+            t.return_value.select.side_effect = Exception("DB connection error")
+            r = client.get("/api/calendar/upcoming/user_andres")
+
+        assert r.status_code == 200
+        assert r.json() == {"assignments": []}
+
 
 # ── POST /api/calendar/suggest-study-blocks ───────────────────────────────────
 

backend/tests/test_graph_routes.py

@@ -0,0 +1,27 @@
+"""
+Unit tests for routes/graph.py
+"""
+
+from unittest.mock import patch
+
+from fastapi.testclient import TestClient
+
+from main import app
+
+client = TestClient(app)
+
+
+class TestGraphRoutes:
+    def test_get_user_graph_returns_500_on_failure(self):
+        with patch("routes.graph.get_graph", side_effect=Exception("graph failed")):
+            r = client.get("/api/graph/user_andres")
+
+        assert r.status_code == 500
+        assert r.json() == {"detail": "graph failed"}
+
+    def test_get_user_recommendations_returns_500_on_failure(self):
+        with patch("routes.graph.get_recommendations", side_effect=Exception("recommendations failed")):
+            r = client.get("/api/graph/user_andres/recommendations")
+
+        assert r.status_code == 500
+        assert r.json() == {"detail": "recommendations failed"}

frontend/src/app/api/auth/google/callback/route.ts

@@ -0,0 +1,10 @@
+export const dynamic = 'force-static';
+
+export async function GET() {
+  return new Response('Static export build: Google auth callback is handled by the backend redirect.', {
+    status: 410,
+    headers: {
+      'Content-Type': 'text/plain; charset=utf-8',
+    },
+  });
+}

frontend/src/app/api/auth/google/route.ts

@@ -0,0 +1,10 @@
+export const dynamic = 'force-static';
+
+export async function GET() {
+  return new Response('Static export build: use the frontend Google sign-in button instead.', {
+    status: 410,
+    headers: {
+      'Content-Type': 'text/plain; charset=utf-8',
+    },
+  });
+}