-- Fix admin@demo.com user by resetting security stamp and clearing any corrupted claims
-- Run this against the PowderCoatingDb database

-- Update security stamp (forces re-authentication)
UPDATE AspNetUsers
SET SecurityStamp = NEWID(),
    ConcurrencyStamp = NEWID()
WHERE Email = 'admin@demo.com';

-- Delete any potentially corrupted user claims
DELETE FROM AspNetUserClaims
WHERE UserId = (SELECT Id FROM AspNetUsers WHERE Email = 'admin@demo.com');

-- Verify the user record
SELECT
    Id,
    UserName,
    Email,
    CompanyId,
    CompanyRole,
    SecurityStamp,
    ConcurrencyStamp
FROM AspNetUsers
WHERE Email = 'admin@demo.com';

PRINT 'admin@demo.com user has been reset. Please log out and log back in.';