Michael Chihlas
39e85c9770
Adds the invitee-side flow for self-serve signup Phase 2 (Task 36):
Backend
- Public GET /accounts/invites/{code}/lookup returns
{account_name, inviter_name, invited_email, role} for a valid invite,
404 invite_invalid_or_expired_or_revoked otherwise (collapses unknown /
expired / revoked / used into one anti-enumeration response). Mounted
in a new account_invite_lookup endpoints module on the public route
list, uses get_admin_db (BYPASSRLS) since the caller has no tenant.
- OAuthCallbackPayload gains optional account_invite_code + invited_email.
_sign_in_or_register honors them: a new OAuth user with a valid invite
joins the invited account (no personal account, no Pro trial), the
invite is marked used, and OAuth-profile-email vs invite-email mismatch
raises invite_email_mismatch (matching the email+password register
contract).
Frontend
- New public route /accept-invite -> AcceptInvitePage. Reads ?code=,
calls inviteApi.lookupAccountInvite, renders "Join {account} on
ResolutionFlow" with the invited email locked (rendered as a div, not
an input), three sign-in options (set password, Google, Microsoft),
and a clear "ask {inviter} to resend" + mailto: fallback for invalid
codes.
- OAuth state for invitees is base64url(JSON({csrf, accountInviteCode,
invitedEmail})). OAuthCallbackPage decodes both shapes, forwards the
invite fields to the backend, and surfaces invite_email_mismatch /
invite_invalid_or_expired_or_revoked errors with friendly text.
Successful invite-OAuth lands on /?welcome=teammate (suppresses the
welcome wizard for invitees per spec).
- UserCreate type + invite/auth API clients extended for the new fields.
Tests
- Backend: invite lookup happy path + four invalid-state collapse, OAuth
callback links invite when supplied + rejects on email mismatch.
- Frontend Vitest: AcceptInvitePage renders account name + locked email
+ accept buttons; resend message + mailto on invalid code.
All 43 backend auth/account/invite/email-verification tests green;
frontend Vitest 120/120 green; tsc -b clean.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
33 lines
972 B
Python
33 lines
972 B
Python
from pydantic import BaseModel
|
|
|
|
|
|
class OAuthCallbackPayload(BaseModel):
|
|
code: str
|
|
state: str | None = None
|
|
# When the OAuth flow originated from /accept-invite, the frontend round-trips
|
|
# the invite code + invited email so the backend can link the new user to the
|
|
# invited account instead of creating a personal one.
|
|
account_invite_code: str | None = None
|
|
invited_email: str | None = None
|
|
|
|
|
|
class OAuthCallbackResponse(BaseModel):
|
|
access_token: str
|
|
refresh_token: str
|
|
token_type: str = "bearer"
|
|
is_new_user: bool
|
|
|
|
|
|
class InviteLookupResponse(BaseModel):
|
|
"""Public response surface for GET /accounts/invites/{code}/lookup.
|
|
|
|
Returns the minimum context needed for the AcceptInvitePage:
|
|
account name (so we can title the card), inviter name (for the resend
|
|
fallback message), invited email (locked into the form), and role.
|
|
"""
|
|
|
|
account_name: str
|
|
inviter_name: str
|
|
invited_email: str
|
|
role: str
|