feat: introduce invites and allow for inviting new users without creating an account for them

core/.prettierignore

@@ -1 +1,2 @@
-app/c/\[communitySlug\]/developers/docs/stoplight.styles.css
+app/c/\[communitySlug\]/developers/docs/stoplight.styles.css
+vitest-bench.local.json

core/actions/_lib/runActionInstance.ts

@@ -180,6 +180,7 @@ const _runActionInstance = async (
 			communityId: pub.communityId as CommunitiesId,
 			lastModifiedBy,
 			actionRunId: args.actionRunId,
+			userId: isActionUserInitiated ? args.userId : undefined,
 		});
 
 		if (isClientExceptionOptions(result)) {

core/actions/email/run.ts

@@ -1,7 +1,5 @@
 "use server";
 
-import { jsonObjectFrom } from "kysely/helpers/postgres";
-
 import type { CommunityMembershipsId } from "db/public";
 import { logger } from "logger";
 import { assert, expect } from "utils";
@@ -11,95 +9,109 @@ import type { RenderWithPubContext } from "~/lib/server/render/pub/renderWithPub
 import { db } from "~/kysely/database";
 import { getCommunitySlug } from "~/lib/server/cache/getCommunitySlug";
 import * as Email from "~/lib/server/email";
+import { maybeWithTrx } from "~/lib/server/maybeWithTrx";
+import { coalesceMemberships, selectCommunityMemberships } from "~/lib/server/member";
 import { renderMarkdownWithPub } from "~/lib/server/render/pub/renderMarkdownWithPub";
 import { isClientException } from "~/lib/serverActions";
 import { defineRun } from "../types";
 
-export const run = defineRun<typeof action>(async ({ pub, config, args, communityId }) => {
-	try {
-		const communitySlug = await getCommunitySlug();
-		const recipientEmail = args?.recipientEmail ?? config.recipientEmail;
-		const recipientMemberId = (args?.recipientMember ?? config.recipientMember) as
-			| CommunityMembershipsId
-			| undefined;
+export const run = defineRun<typeof action>(
+	async ({ pub, config, args, communityId, actionRunId, userId }) => {
+		try {
+			const result = await maybeWithTrx(db, async (trx) => {
+				const communitySlug = await getCommunitySlug();
+				const recipientEmail = args?.recipientEmail ?? config.recipientEmail;
+				const recipientMemberId = (args?.recipientMember ?? config.recipientMember) as
+					| CommunityMembershipsId
+					| undefined;
 
-		assert(
-			recipientEmail !== undefined || recipientMemberId !== undefined,
-			"No email recipient was specified"
-		);
+				assert(
+					recipientEmail !== undefined || recipientMemberId !== undefined,
+					"No recipient was specified for email"
+				);
 
-		let recipient: RenderWithPubContext["recipient"] | undefined;
+				let recipient: RenderWithPubContext["recipient"] | undefined;
 
-		if (recipientMemberId !== undefined) {
-			recipient = await db
-				.selectFrom("community_memberships")
-				.select((eb) => [
-					"community_memberships.id",
-					jsonObjectFrom(
-						eb
-							.selectFrom("users")
-							.whereRef("users.id", "=", "community_memberships.userId")
-							.selectAll("users")
-					)
-						.$notNull()
-						.as("user"),
-				])
-				.where("id", "=", recipientMemberId)
-				.executeTakeFirstOrThrow(
-					() => new Error(`Could not find member with ID ${recipientMemberId}`)
-				);
-		}
+				if (recipientMemberId !== undefined) {
+					const memberships = await selectCommunityMemberships({
+						id: recipientMemberId,
+					}).execute();
+					if (!memberships.length) {
+						throw new Error(`Could not find member with ID ${recipientMemberId}`);
+					}
 
-		const renderMarkdownWithPubContext = {
-			communityId,
-			communitySlug,
-			recipient,
-			pub,
-		} as RenderWithPubContext;
+					const membership = coalesceMemberships(memberships);
 
-		const html = await renderMarkdownWithPub(
-			args?.body ?? config.body,
-			renderMarkdownWithPubContext
-		);
-		const subject = await renderMarkdownWithPub(
-			args?.subject ?? config.subject,
-			renderMarkdownWithPubContext,
-			true
-		);
+					recipient = {
+						id: membership.id,
+						user: membership.user,
+					};
+				} else if (recipientEmail !== undefined) {
+					recipient = {
+						email: recipientEmail,
+					};
+				} else {
+					throw new Error("No recipient was specified");
+				}
 
-		const result = await Email.generic({
-			to: expect(recipient?.user.email ?? recipientEmail),
-			subject,
-			html,
-		}).send();
+				const renderMarkdownWithPubContext = {
+					communityId,
+					communitySlug,
+					recipient,
+					pub,
+					inviter: {
+						userId,
+						actionRunId,
+					},
+					trx,
+				} as RenderWithPubContext;
 
-		if (isClientException(result)) {
-			logger.error({
-				msg: "An error occurred while sending an email",
-				error: result.error,
-				pub,
-				config,
-				args,
-				renderMarkdownWithPubContext,
-			});
-		} else {
-			logger.info({
-				msg: "Successfully sent email",
-				pub,
-				config,
-				args,
-				renderMarkdownWithPubContext,
-			});
-		}
+				const html = await renderMarkdownWithPub(
+					args?.body ?? config.body,
+					renderMarkdownWithPubContext
+				);
+				const subject = await renderMarkdownWithPub(
+					args?.subject ?? config.subject,
+					renderMarkdownWithPubContext,
+					true
+				);
+
+				const result = await Email.generic({
+					to: expect(recipient.email ?? recipient.user.email),
+					subject,
+					html,
+				}).send();
 
-		return result;
-	} catch (error) {
-		logger.error({ msg: "Failed to send email", error });
+				if (isClientException(result)) {
+					logger.error({
+						msg: "An error occurred while sending an email",
+						error: result.error,
+						pub,
+						config,
+						args,
+						renderMarkdownWithPubContext,
+					});
+				} else {
+					logger.info({
+						msg: "Successfully sent email",
+						pub,
+						config,
+						args,
+						renderMarkdownWithPubContext,
+					});
+				}
 
-		return {
-			title: "Failed to Send Email",
-			error: error.message,
-			cause: error,
-		};
+				return result;
+			});
+			return result;
+		} catch (error) {
+			logger.error({ msg: "Failed to send email", error });
+
+			return {
+				title: "Failed to Send Email",
+				error: error.message,
+				cause: error,
+			};
+		}
 	}
-});
+);

core/actions/types.ts

@@ -7,6 +7,7 @@ import type {
 	ActionRunsId,
 	CommunitiesId,
 	StagesId,
+	UsersId,
 } from "db/public";
 import type { LastModifiedBy } from "db/types";
 import type { Dependency, FieldConfig, FieldConfigItem } from "ui/auto-form";
@@ -47,6 +48,10 @@ export type RunProps<T extends Action> =
 				 */
 				lastModifiedBy: LastModifiedBy;
 				actionRunId: ActionRunsId;
+				/**
+				 * The user ID of the user who initiated the action, if any
+				 */
+				userId?: UsersId;
 			}
 		: never;
 

core/app/(user)/login/page.tsx

@@ -3,14 +3,17 @@ import { redirect } from "next/navigation";
 
 import { LAST_VISITED_COOKIE } from "~/app/components/LastVisitedCommunity/constants";
 import { getLoginData } from "~/lib/authentication/loginData";
+import { Notice } from "../../components/Notice";
 import LoginForm from "./LoginForm";
 
 export default async function Login({
 	searchParams,
 }: {
-	searchParams: {
+	searchParams: Promise<{
 		error?: string;
-	};
+		notice?: string;
+		body?: string;
+	}>;
 }) {
 	const { user } = await getLoginData();
 
@@ -27,9 +30,13 @@ export default async function Login({
 		redirect("/settings");
 	}
 
+	const { notice, error, body } = await searchParams;
+
 	return (
 		<div className="mx-auto max-w-sm">
 			<LoginForm />
+			{notice && <Notice type="notice" title={notice} body={body} />}
+			{error && <Notice type="error" title={error} body={body} />}
 			{/* <div className="text-gray-600 text-center mt-6">
 				Don't have an account?{" "}
 				<Link

core/app/(user)/magic-link/route.ts

@@ -9,6 +9,7 @@ import { logger } from "logger";
 import { db } from "~/kysely/database";
 import { lucia } from "~/lib/authentication/lucia";
 import { createRedirectUrl } from "~/lib/redirect";
+import { redirectToLogin } from "~/lib/server/navigation/redirects";
 import { InvalidTokenError, TokenFailureReason, validateToken } from "~/lib/server/token";
 
 const redirectToURL = (
@@ -53,15 +54,7 @@ const handleInvalidToken = ({
 	return redirectToURL(`/invalid-token?redirectTo=${encodeURIComponent(redirectTo)}`);
 };
 
-export async function GET(req: NextRequest) {
-	const searchParams = req.nextUrl.searchParams;
-	const token = searchParams.get("token");
-	const redirectTo = searchParams.get("redirectTo");
-
-	if (!token || !redirectTo) {
-		return NextResponse.redirect(new URL("/login", req.url));
-	}
-
+const handleTokenFlow = async (token: string, redirectTo: string, req: NextRequest) => {
 	const validatedTokenPromise = validateToken(token);
 
 	const currentSessionCookie = (await cookies()).get(lucia.sessionCookieName)?.value;
@@ -77,21 +70,22 @@ export async function GET(req: NextRequest) {
 
 	if (tokenSettled.status === "rejected") {
 		logger.debug({ msg: "Token validation failed", reason: tokenSettled.reason });
-		if (!(tokenSettled.reason instanceof InvalidTokenError)) {
-			logger.error({
-				msg: `Token validation unexpectedly failed with reason: ${tokenSettled.reason}`,
-				reason: tokenSettled.reason,
-			});
 
-			throw tokenSettled.reason;
+		if (tokenSettled.reason instanceof InvalidTokenError) {
+			return handleInvalidToken({
+				redirectTo,
+				tokenType: tokenSettled.reason.tokenType,
+				reason: tokenSettled.reason.reason,
+				token,
+			});
 		}
 
-		return handleInvalidToken({
-			redirectTo,
-			tokenType: tokenSettled.reason.tokenType,
-			reason: tokenSettled.reason.reason,
-			token,
+		logger.error({
+			msg: `Token validation unexpectedly failed with reason: ${tokenSettled.reason}`,
+			reason: tokenSettled.reason,
 		});
+
+		throw tokenSettled.reason;
 	}
 
 	const currentSession =
@@ -127,4 +121,43 @@ export async function GET(req: NextRequest) {
 	});
 
 	return redirectToURL(redirectTo, req);
+};
+
+export async function GET(req: NextRequest) {
+	const searchParams = req.nextUrl.searchParams;
+	const token = searchParams.get("token");
+	const redirectTo = searchParams.get("redirectTo");
+
+	if (!redirectTo) {
+		logger.error({
+			msg: "Magic link did not contain a redirectTo",
+			url: req.nextUrl,
+			cookies: req.cookies.getAll(),
+		});
+		return redirectToLogin({
+			loginNotice: {
+				type: "error",
+				title: "Your magic link is invalid",
+			},
+		});
+	}
+
+	if (token) {
+		return handleTokenFlow(token, redirectTo, req);
+	}
+
+	logger.error({
+		msg: "Magic link did not contain a token",
+		url: req.nextUrl,
+		cookies: req.cookies.getAll(),
+	});
+
+	return redirectToLogin({
+		loginNotice: {
+			type: "error",
+			title: "Your magic link is invalid",
+			// maybe to expressive to users
+			body: "You magic link did not contain a magic link token.",
+		},
+	});
 }