<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds a warning mechanism for incomplete Stripe payments setup by
checking if `charges_enabled` is true on the connected Stripe account.
The backend now retrieves and passes the `charges_enabled` status
through the purchase flow, and the frontend checkout form displays an
error message when payments are not fully enabled, preventing users from
attempting purchases on misconfigured accounts. Additionally, minor
cleanup was performed including removing unused test mode toggle state
management and fixing a description typo.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`apps/backend/src/app/api/latest/payments/purchases/verification-code-handler.tsx`
|
| 2 |
`apps/backend/src/app/api/latest/payments/purchases/create-purchase-url/route.ts`
|
| 3 |
`apps/backend/src/app/api/latest/payments/purchases/validate-code/route.ts`
|
| 4 | `apps/dashboard/src/components/payments/checkout.tsx` |
| 5 | `apps/dashboard/src/app/(main)/purchase/[code]/page-client.tsx` |
| 6 |
`apps/e2e/tests/backend/endpoints/api/v1/payments/validate-code.test.ts`
|
| 7 |
`apps/e2e/tests/backend/endpoints/api/v1/payments/before-offer-to-product-rename/outdated--validate-code.test.ts`
|
| 8 |
`apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx`
|
| 9 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/products/page-client-catalogs-view.tsx`
|
</details>
<details>
<summary>⚠️ Inconsistent Changes Detected</summary>
| File Path | Warning |
|-----------|---------|
|
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/products/page-client-catalogs-view.tsx`
| Removes error handling and loading state management for test mode
toggle, which seems unrelated to the charges_enabled warning feature |
|
`apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx`
| Changes description from 'Stripe price ID' to 'Stack auth price ID'
which is a documentation change unrelated to the charges_enabled warning
|
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Checkout interface now displays a "Payments not enabled" message with
guidance when charges are not enabled on the payment account.
* **Documentation**
* Clarified price ID field description in payment session documentation.
* **Tests**
* Updated payment validation endpoint test expectations to reflect new
response fields.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<img width="1920" height="965" alt="Screenshot 2025-10-16 at 7 22 51 PM"
src="https://github.com/user-attachments/assets/d6bed009-9a36-4c46-bf24-3a3dd29ef218"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR enhances the team invitation management in the dashboard by
replacing a server action with a client-side implementation that
displays pending team invitations in a redesigned dialog. The new dialog
shows current dashboard admin seat usage (active users plus pending
invitations versus the limit), lists all pending invitations with the
ability to revoke them, and provides an upgrade path when the team
reaches capacity. The implementation uses React Suspense for loading
states and moves invitation logic to the client using the admin app API.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts`
|
| 2 |
`apps/dashboard/src/app/(main)/(protected)/(outside-dashboard)/projects/page.tsx`
|
| 3 |
`apps/dashboard/src/app/(main)/(protected)/(outside-dashboard)/projects/page-client.tsx`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Team invitation now uses a modal dialog interface
* Added upgrade prompt when team reaches capacity limits
* **Bug Fixes**
* Fixed invitation list not updating after revocation
* **Improvements**
* Enhanced error handling with user-facing notifications for invitation
failures
* Improved form validation feedback during team member invitations
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<img width="1453" height="968" alt="Screenshot 2025-10-16 at 2 13 26 PM"
src="https://github.com/user-attachments/assets/bdcda780-ec3f-4595-beaf-fde4ddf8a59c"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR improves the payment UI by redesigning the incomplete Stripe
setup alert banner with a more visually appealing amber-themed warning,
and refines the product pricing interface by clarifying button labels
and cleaning up unused code. The setup banner now features better visual
hierarchy with icons, bullet points for missing capabilities, and a
prominent continue button, while the product card interface now displays
"Add Alternative Price" instead of just "Add Price" when prices already
exist.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/products/layout.tsx`
|
| 2 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/products/page-client-catalogs-view.tsx`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> UI enhancements and logic improvements for payment setup and product
management in `layout.tsx` and `page-client-catalogs-view.tsx`.
>
> - **UI Enhancements**:
> - Updated incomplete Stripe setup alert in `layout.tsx` with improved
styling and clearer user guidance.
> - Enhanced product price management UI in
`page-client-catalogs-view.tsx`, including conditional button labels and
improved price handling logic.
> - **Logic Improvements**:
> - Introduced `hasExistingPrices` in `ProductCard` to simplify price
existence checks.
> - Removed unused `shouldUseDummyData` state in `PageClient`.
> - **Misc**:
> - Minor refactoring and cleanup in `page-client-catalogs-view.tsx` for
better readability and maintainability.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for d50c56de7d. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **UI Improvements**
* Enhanced incomplete payments alert with actionable guidance displayed
more prominently
* Improved price management interface with contextual button labels for
clearer user guidance
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR fixes payment test mode behavior by changing the default test
mode setting to `true` and refactoring the test mode bypass UI. The
bypass functionality is moved from a floating card in the purchase page
into the checkout form itself, providing a cleaner and more integrated
experience. Additionally, the database migration configuration is
updated to increase the `maxWait` timeout to handle concurrent migration
attempts more gracefully in high-contention scenarios like CI
environments.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/stack-shared/src/config/schema.ts` |
| 2 | `apps/dashboard/src/app/(main)/purchase/[code]/page-client.tsx` |
| 3 | `apps/dashboard/src/components/payments/checkout.tsx` |
| 4 | `apps/backend/src/auto-migrations/index.tsx` |
</details>
<details>
<summary>⚠️ Inconsistent Changes Detected</summary>
| File Path | Warning |
|-----------|---------|
| `apps/backend/src/auto-migrations/index.tsx` | Database migration
timeout configuration changes appear unrelated to payment test mode
fixes, which is the stated purpose of this PR |
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Sets payment test mode to default true, integrates test mode bypass
into checkout form, and updates migration timeout.
>
> - **Behavior**:
> - Default `testMode` set to `true` in `schema.ts`.
> - Integrates test mode bypass into `CheckoutForm` in `checkout.tsx`.
> - Removes separate bypass panel from `page-client.tsx`.
> - **Database**:
> - Increases `maxWait` timeout in `index.tsx` to handle concurrent
migration attempts.
> - **Tests**:
> - Updates tests in `backend-helpers.ts` and `validate-code.test.ts` to
reflect test mode behavior.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 6313c0bfed. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a test-mode checkout path with a “Complete test purchase” action
when test mode is active.
* **Refactor**
* Consolidated test-mode bypass into the checkout component and removed
the separate bypass UI.
* **Bug Fixes**
* Improved reliability of database migrations by extending the
transaction wait window, reducing timeout errors under load.
* **Chores**
* Payments now default to test mode enabled.
* **Tests**
* Updated tests and payload expectations to reflect test mode defaults
and behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<img width="1458" height="968" alt="Screenshot 2025-10-10 at 2 27 00 PM"
src="https://github.com/user-attachments/assets/ad2a4ecb-35b8-4b8b-a553-899ce0096d7a"
/>
(PAST)
<img width="1483" height="608" alt="Screenshot 2025-10-07 at 1 54 00 PM"
src="https://github.com/user-attachments/assets/abb854ba-fd9b-41de-a755-432262c8e1b2"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR improves the visibility and usability of the team member
invitation feature by replacing a small icon button with a more
prominent button labeled "Invite Teammate", reorganizing the team header
layout to better position the invite button, and making the invite
functionality more robust by fetching user and admin data asynchronously
instead of using hooks.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`apps/dashboard/src/app/(main)/(protected)/(outside-dashboard)/projects/page-client.tsx`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhances team member invitation UI and refactors data fetching in
`page-client.tsx` for better usability and robustness.
>
> - **UI Enhancements**:
> - Replaced icon-only invite button with a ghost button labeled "Invite
Teammate" in `page-client.tsx`.
> - Reorganized team header layout to better position the invite button.
> - **Data Fetching**:
> - Updated `TeamAddUserDialog` to fetch user and admin data
asynchronously instead of using hooks.
> - Validates admin limits at submission time in `TeamAddUserDialog`.
> - **Misc**:
> - Dialog title now reflects the team's display name in
`TeamAddUserDialog`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 3e16f0c9cd. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Projects are now grouped by team with readable team labels and a “No
Team” fallback; each team shows its own project grid.
* The “Add User” dialog is available next to each team and shows the
team’s display name in the title.
* **Style**
* Replaced icon-only trigger with a ghost button using a settings icon
and improved accessibility.
* **Chores**
* Invite submission now validates current admin limits at submit time.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds a developer-friendly error guard to prevent a common
mistake where developers try to destructure the user object from
`getUser()` or `useUser()` calls (e.g., `const { user } = await
app.getUser()`), when the method already returns the user object
directly. The fix implements a property getter that throws a helpful
error message, attaches it to all user objects (client-side
`CurrentUser`, server-side `ServerUser`, and `ServerTeamUser`), and
includes E2E tests to verify the behavior. Additionally, it fixes a typo
in the Convex example and addresses seed script execution issues.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/template/src/lib/stack-app/users/index.ts` |
| 2 |
`packages/template/src/lib/stack-app/apps/implementations/client-app-impl.ts`
|
| 3 |
`packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts`
|
| 4 | `apps/e2e/tests/js/app.test.ts` |
| 5 | `examples/convex/convex/myFunctions.ts` |
| 6 | `apps/backend/prisma/seed.ts` |
| 7 | `.github/workflows/check-prisma-migrations.yaml` |
</details>
<details>
<summary>⚠️ Inconsistent Changes Detected</summary>
| File Path | Warning |
|-----------|---------|
| `.github/workflows/check-prisma-migrations.yaml` | Adds database
cleanup step for auto-migration metadata in CI workflow, which appears
unrelated to the main purpose of adding a user getter error guard |
| `apps/backend/prisma/seed.ts` | Restructures the seed script execution
logic and removes the main module check handler, which seems unrelated
to the user getter error fix |
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds a guard to prevent destructuring of `user` objects and includes a
test to verify the error message.
>
> - **Behavior**:
> - Adds `attachUserDestructureGuard` function in `users/index.ts` to
throw an error when attempting to destructure `user`.
> - Updates `getUser()` in `client-app-impl.ts` and `server-app-impl.ts`
to use `attachUserDestructureGuard`.
> - Adds test in `app.test.ts` to verify error message when
destructuring `user`.
> - **Misc**:
> - Fixes string concatenation error in `myFunctions.ts`.
> - Adds step in `check-prisma-migrations.yaml` to remove auto-migration
metadata.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 9be5c8a0e2. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Added a protective guard that prevents destructuring the user from
current user objects on both client and server, displaying a clear,
actionable error with guidance to use supported access methods. Valid
usage is unaffected; no API changes.
* **Tests**
* Introduced end-to-end tests verifying the new error message and
behavior across sign-up, sign-in, and current user retrieval on client
and server.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR fixes database schema issues related to Prisma migrations by
setting the correct `search_path` before applying auto-migrations and
removing the `SchemaMigration` table from the CI workflow to ensure
proper schema comparison during migration checks.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `apps/backend/src/auto-migrations/index.tsx` |
| 2 | `.github/workflows/check-prisma-migrations.yaml` |
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Fixes Prisma migration schema issues and a string concatenation error
in `getUserInfo`.
>
> - **Database Schema**:
> - Removes `SchemaMigration` table in
`.github/workflows/check-prisma-migrations.yaml` to ensure correct
schema comparison.
> - Sets `STACK_SEED_MODE` to `'true'` in `seed()` in `seed.ts` for
consistent seeding behavior.
> - **Bug Fix**:
> - Fixes string concatenation error in `getUserInfo` in
`myFunctions.ts` by using `+` instead of `obj.displayName`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 5b664a0fe7. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Corrected user info message to properly display the user’s name in the
example app.
* **Chores**
* CI workflow now clears auto-generated migration metadata before
comparing schema changes to reduce false positives.
* Seeding now explicitly sets a seed-mode environment flag and no longer
auto-executes on direct invocation, enabling more controlled runs.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
