few more debugs for temp users

map/app/middleware/rateLimiter.js

@@ -40,15 +40,19 @@ const authLimiter = rateLimit({
     skipSuccessfulRequests: true
 });
 
-// Temp user rate limiter - much stricter limits
+// Temp user rate limiter - stricter but allows for auto-refresh
 const tempUserLimiter = rateLimit({
     windowMs: 15 * 60 * 1000, // 15 minutes
-    max: 10, // Much lower limit for temp users
+    max: 50, // Allow more requests to accommodate auto-refresh (every 30 seconds = ~30 requests per 15 min)
     keyGenerator,
     standardHeaders: true,
     legacyHeaders: false,
     trustProxy: true,
-    message: 'Too many requests for temporary account. Please contact an administrator for full access.'
+    message: JSON.stringify({
+        success: false,
+        error: 'Rate limit exceeded for temporary account. Please contact an administrator for full access.',
+        isRateLimit: true
+    })
 });
 
 // Conditional rate limiter that applies stricter limits to temp users

map/app/public/js/location-manager.js

@@ -32,6 +32,23 @@ export async function loadLocations() {
         showStatus('Loading locations...', 'info');
         
         const response = await fetch('/api/locations');
+        
+        // Handle rate limit responses
+        if (response.status === 429) {
+            let errorMessage = 'Too many requests. Please wait a moment.';
+            try {
+                const errorData = await response.json();
+                if (errorData.error) {
+                    errorMessage = errorData.error;
+                }
+            } catch (e) {
+                // If we can't parse the JSON, use the default message
+            }
+            console.warn('Rate limited:', errorMessage);
+            showStatus(errorMessage, 'warning');
+            return; // Don't throw an error, just return
+        }
+        
         const data = await response.json();
         
         if (!data.success) {
@@ -368,11 +385,6 @@ export function openEditForm(location) {
     // Extract ID - check multiple possible field names
     const locationId = location.Id || location.id || location.ID || location._id;
     
-    // Add debugging for temp users
-    console.log('Opening edit form for location:', location);
-    console.log('Extracted ID:', locationId);
-    console.log('Available keys:', Object.keys(location));
-    
     if (!locationId) {
         console.error('No ID found in location object. Available fields:', Object.keys(location));
         showStatus('Error: Location ID not found. Check console for details.', 'error');

map/app/public/js/main.js

@@ -55,9 +55,28 @@ document.addEventListener('DOMContentLoaded', async () => {
 });
 
 function setupAutoRefresh() {
-    refreshInterval = setInterval(() => {
+    // Import currentUser to check user type
-        loadLocations();
+    import('./auth.js').then(authModule => {
-    }, CONFIG.REFRESH_INTERVAL);
+        const { currentUser } = authModule;
+        
+        // Use longer interval for temp users to avoid rate limiting
+        const refreshInterval_ms = currentUser?.userType === 'temp' ? 
+            120000 : // 2 minutes for temp users
+            CONFIG.REFRESH_INTERVAL; // 30 seconds for regular users
+        
+        refreshInterval = setInterval(() => {
+            loadLocations();
+        }, refreshInterval_ms);
+        
+        if (currentUser?.userType === 'temp') {
+            console.log('Auto-refresh set to 2 minutes for temporary account');
+        }
+    }).catch(error => {
+        // Fallback to default interval if auth module fails to load
+        refreshInterval = setInterval(() => {
+            loadLocations();
+        }, CONFIG.REFRESH_INTERVAL);
+    });
 }
 
 // Clean up on page unload