Stripe fix and email verification fix

server.py

@@ -455,7 +455,8 @@ async def verify_email(token: str, db: Session = Depends(get_db)):
         user.status = UserStatus.pending_approval
 
     user.email_verified = True
-    user.email_verification_token = None
+    # Don't clear token immediately - keeps endpoint idempotent for React StrictMode double-calls
+    # Token will be cleared on first successful login
 
     db.commit()
     db.refresh(user)
@@ -499,6 +500,11 @@ async def login(request: LoginRequest, db: Session = Depends(get_db)):
     
     access_token = create_access_token(data={"sub": str(user.id)})
 
+    # Clear verification token on first successful login after verification
+    if user.email_verified and user.email_verification_token:
+        user.email_verification_token = None
+        db.commit()
+
     return {
         "access_token": access_token,
         "token_type": "bearer",
@@ -509,6 +515,7 @@ async def login(request: LoginRequest, db: Session = Depends(get_db)):
             "last_name": user.last_name,
             "status": user.status.value,
             "role": user.role.value,
+            "email_verified": user.email_verified,
             "force_password_change": user.force_password_change
         }
     }