Commit Graph

68 Commits

Author SHA1 Message Date
Konsti Wohlwend
ae620bb1bf
Wildcard domains (#830) 2025-08-19 22:59:21 -07:00
BilalG1
91d8b18f72
Payments manual items (#837) 2025-08-19 14:21:12 -07:00
BilalG1
9e538a08e5
project owner team (#835)
<img width="1920" height="968" alt="Screenshot 2025-08-12 at 10 44
41 AM"
src="https://github.com/user-attachments/assets/3fb59810-45d8-46e1-9cfd-5a1a34936887"
/>
<!-- 

ELLIPSIS_HIDDEN -->


> [!IMPORTANT]
> Introduces team-based project ownership, refactoring existing
user-based model, and updates UI, backend, and tests to support this
feature.
> 
>   - **Behavior**:
> - Introduced team-based ownership for projects, replacing user-based
ownership.
> - Updated project creation, transfer, and deletion flows to use team
ownership.
> - Added team selection UI during project creation in the dashboard.
> - Projects now display owning team's name and include "owner team"
field in API responses.
>   - **Refactor**:
>     - Enhanced backend and schema for team-based project management.
> - Removed legacy user metadata updates related to project ownership.
> - Modified project listing and management to rely on team
associations.
> - Streamlined failed emails digest and contact channel queries to
resolve contacts via team membership.
>   - **Tests**:
> - Updated tests to validate team ownership and project-user
association handling.
> - Adjusted test snapshots and assertions for non-null selected team
data.
> - Improved test flows for authentication and project deletion with
team context.
>   - **Chores**:
>     - Minor improvements to logging and code clarity.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for e457b13b69. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>

----


<!-- ELLIPSIS_HIDDEN -->


> [!IMPORTANT]
> Introduces team-based project ownership, refactoring existing
user-based model, and updates UI, backend, and tests to support this
feature.
> 
>   - **Behavior**:
> - Introduced team-based project ownership, replacing user-based
ownership.
> - Updated project creation, transfer, and deletion flows to use team
ownership.
> - Added team selection UI during project creation in the dashboard.
> - Projects now display owning team's name and include "owner team"
field in API responses.
>   - **Refactor**:
>     - Enhanced backend and schema for team-based project management.
> - Removed legacy user metadata updates related to project ownership.
> - Modified project listing and management to rely on team
associations.
> - Streamlined failed emails digest and contact channel queries to
resolve contacts via team membership.
>   - **Tests**:
> - Updated tests to validate team ownership and project-user
association handling.
> - Adjusted test snapshots and assertions for non-null selected team
data.
> - Improved test flows for authentication and project deletion with
team context.
>   - **Chores**:
>     - Minor improvements to logging and code clarity.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 0f6f12b5dc. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>

----


<!-- ELLIPSIS_HIDDEN -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Team-based project ownership: teams can own projects; UI to pick a
team when creating projects; dashboard groups projects by team;
TeamSwitcher component added.

* **Improvements**
* API and responses now include owner_team_id and populated
selected_team/selected_team_id; provisioning and transfer flows assign
teams for ownership; seeds create internal/emulator owner teams.

* **Tests**
* E2E and backend tests updated to reflect team ownership and enriched
team fields.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2025-08-19 11:42:11 -07:00
Konstantin Wohlwend
f1fb3007d5 More E2E tests for redirect URLs 2025-08-12 17:12:07 -07:00
BilalG1
2b541516bf
Payment tests, account status, smartRoutes (#828)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Runs E2E API Tests with external source of truth / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md

-->

<!-- ELLIPSIS_HIDDEN -->


----

> [!IMPORTANT]
> Introduce comprehensive payment and subscription management with
Stripe integration, including new models, API endpoints, UI components,
and extensive tests.
> 
>   - **Features**:
> - Add Stripe integration for payments and subscriptions in
`apps/backend/src/lib/stripe.tsx` and
`apps/backend/src/app/api/latest/integrations/stripe/webhooks/route.tsx`.
> - Implement payment offers and items management in
`apps/backend/src/app/api/latest/payments`.
> - Add UI components for payment management in
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments`.
>   - **Models**:
> - Add `Subscription` model in `prisma/schema.prisma` and
`prisma/migrations/20250805195319_subscriptions/migration.sql`.
>   - **Tests**:
> - Add end-to-end tests for payment APIs in
`apps/e2e/tests/backend/endpoints/api/v1/payments`.
>   - **Configuration**:
> - Update environment variables in `.env.development` and
`docker.compose.yaml` for Stripe.
>   - **Misc**:
>     - Add new known errors related to payments in `known-errors.tsx`.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 972c24854f. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>

----


<!-- ELLIPSIS_HIDDEN -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Introduced comprehensive payments and subscriptions management with
Stripe integration.
* Added UI for managing payment offers, items, and purchase URLs in the
dashboard.
* Implemented Stripe onboarding, purchase sessions, and return flow
handling.
* Added Stripe Connect and Elements integration with theme-aware UI
components.

* **Bug Fixes**
* Enhanced validation and error handling for payments APIs and
customer/item type consistency.

* **Tests**
* Added extensive end-to-end and backend tests for payments and
purchase-related endpoints.

* **Chores**
  * Updated environment variables and dependencies for Stripe support.
  * Added Stripe mock service to development Docker Compose.

* **Documentation**
* Extended schemas and types for payment offers, prices, items, and
customer types.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>
2025-08-08 18:13:22 -07:00
BilalG1
4899632ea4
Email sending sdk function, freestyle mock, small fixes (#813)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Runs E2E API Tests with external source of truth / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md

-->

<!-- ELLIPSIS_HIDDEN -->


----

> [!IMPORTANT]
> Enhances email sending API with template support, improved error
handling, and new interfaces, while adding comprehensive tests and
updating rendering logic.
> 
>   - **Behavior**:
> - Adds support for sending emails using templates with variables and
optional theming in `send-email/route.tsx`.
> - Introduces per-user notification category checks before sending
emails.
>     - Adds optional unsubscribe link in email themes.
>   - **Error Handling**:
> - Refines error handling in `send-email/route.tsx` for missing
content, non-existent user IDs, and shared email server configurations.
>     - Uses `KnownErrors` for specific error cases.
>   - **API Changes**:
> - Adds new interfaces and methods for email sending in
`server-interface.ts` and `admin-interface.ts`.
>     - Removes deprecated email sending methods from admin interfaces.
>   - **Testing**:
> - Adds e2e tests in `email.test.ts` for various email sending
scenarios, including HTML content, templates, and error cases.
>   - **Misc**:
> - Updates email rendering logic in `email-rendering.tsx` to handle new
template and theme options.
> - Simplifies import statements and cleans up code structure across
multiple files.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 1d5a056699. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>

----


<!-- ELLIPSIS_HIDDEN -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Enhanced email sending to support both raw HTML and template-based
emails with variables and optional theming.
  * Added per-user notification category checks before sending emails.
  * Email themes now support an optional unsubscribe link in the footer.

* **Improvements**
* Updated email rendering to pass the unsubscribe link as a prop to
themes.
  * Refined error handling for email sending.
  * Improved flexibility of email sending options and result reporting.

* **API Changes**
* Introduced new interfaces and methods for sending emails on the server
side, including detailed result reporting.
  * Removed deprecated admin-side email sending methods and interfaces.
  * Added new types for email sending options and results.

* **Bug Fixes**
* Fixed navigation and property naming inconsistencies in dashboard
email template editing and sending flows.

* **Chores**
  * Simplified import statements and cleaned up internal code structure.
* Updated Docker environment for freestyle mock service to use Bun
runtime and adjusted port mappings.

* **Tests**
* Added comprehensive tests covering email sending scenarios, including
error handling and multi-user support.
* Updated existing tests to reflect refined email subjects, template
rendering, and unsubscribe link features.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2025-08-01 18:40:28 -07:00
Zai Shi
7226c40d0a
Remove legacy tenancy config (#802)
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md

-->

<!-- ELLIPSIS_HIDDEN -->


----

> [!IMPORTANT]
> Refactor tenancy configuration structure, affecting authentication,
email, domain, OAuth, and permissions settings, with updates to feature
flag checks, property access, and test assertions.
> 
>   - **Refactor**:
> - Updated configuration structure for authentication, email, domain,
OAuth, and permissions settings, affecting feature flag checks and
property access in `handlers.tsx`, `route.tsx`, and `crud.tsx`.
> - Improved handling of domain and OAuth provider configurations for
integrations and CRUD operations.
> - Adjusted redirect URL validation and origin checks to use updated
tenancy configuration.
> - Transformed project and tenancy configuration data returned by API
handlers for consistency.
> - Centralized email theme and template retrieval from updated
configuration paths.
>   - **Bug Fixes**:
> - Corrected error messages related to OTP sign-in feature
availability.
>   - **Tests**:
> - Updated test assertions to match new error messages for OTP sign-in.
>   - **Chores**:
> - Reorganized import statements and updated internal logic to align
with new configuration structure.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ae04ae28be. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>

----


<!-- ELLIPSIS_HIDDEN -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Updated configuration structure for authentication, email, domain,
OAuth, and permissions settings, resulting in changes to feature flag
checks and property access throughout the backend.
* Improved handling of domain and OAuth provider configurations for
integrations and CRUD operations.
* Adjusted redirect URL validation and origin checks to use updated
tenancy configuration.
* Transformed project and tenancy configuration data returned by API
handlers for consistency.
* Centralized email theme and template retrieval from updated
configuration paths.
* Simplified redirect URL validation calls by passing tenancy objects
directly.
* Updated passkey, password, OTP, and OAuth feature flag checks to new
nested configuration properties.

* **Bug Fixes**
* Corrected error messages related to OTP sign-in feature availability.

* **Tests**
  * Updated test assertions to match new error messages for OTP sign-in.

* **Chores**
* Reorganized import statements and updated internal logic to align with
new configuration structure.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2025-07-31 20:06:33 +02:00
BilalG1
b2cc6f2f58
sending new templates (#794) 2025-07-28 17:26:03 -07:00
Konstantin Wohlwend
2c9e02fcc8 Fix tests 2025-07-16 11:42:25 -07:00
Konstantin Wohlwend
ce123bd6c8 Less flakey E2E tests 2025-07-16 11:02:48 -07:00
Zai Shi
dfae043457
Fix redirect uri error message (#682)
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md

-->

<!-- ELLIPSIS_HIDDEN -->


----

> [!IMPORTANT]
> Update error message for invalid redirect URIs in OAuth callback
handler and adjust tests accordingly.
> 
>   - **Behavior**:
> - In `route.tsx`, change error handling for invalid redirect URIs to
throw `StatusError` with message: "Invalid redirect URI. You might have
set the wrong redirect URI in the OAuth provider settings. (Please copy
the redirect URI from the Stack Auth dashboard and paste it into the
OAuth provider's dashboard)".
>   - **Tests**:
> - Update `callback.test.ts` to expect new error message for untrusted
redirect URL case.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 00c68bc708. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>


<!-- ELLIPSIS_HIDDEN -->

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2025-07-02 01:12:10 +00:00
Zai Shi
9f79485410
Fix redirect url (#703)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md

-->

<!-- ELLIPSIS_HIDDEN -->


----

> [!IMPORTANT]
> Adds redirect URL validation in sign-up process and updates test URL
to localhost.
> 
>   - **Behavior**:
> - Adds `validateRedirectUrl` check in `POST` handler in `route.tsx` to
ensure `verificationCallbackUrl` is whitelisted.
>     - Throws `RedirectUrlNotWhitelisted` error if URL is not valid.
>   - **Tests**:
> - Updates `verificationCallbackUrl` in `scaffoldProject` in
`js-helpers.ts` to `http://localhost:3000`.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for f25e26b9d3. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>


<!-- ELLIPSIS_HIDDEN -->

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2025-06-27 04:00:12 +02:00
Konsti Wohlwend
bae04178cc
Endpoints branching (#659)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Preview Docs / run (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
Co-authored-by: Zai Shi <zaishi00@outlook.com>
Co-authored-by: moritz <moritsch@student.ethz.ch>
2025-04-30 15:39:47 -07:00
Zai Shi
d9e2dae4c6
Config DB migration step 2 (#629)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Preview Docs / run (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: moritz <moritsch@student.ethz.ch>
2025-04-29 14:52:45 -07:00
Konstantin Wohlwend
5c9325ebb4 Fix flakey tests 2025-04-22 22:20:28 -07:00
Moritz Schneider
592d259dde
Api Keys (#590)
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md

-->

<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/99619123-6be5-4788-aebe-5fc2a9a36245"
/>

<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/660677bf-f19a-4673-94c8-59ac50eb6ae5"
/>

<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/11ae63c4-5813-4fd8-aa01-fa580d2103be"
/>


<!-- ELLIPSIS_HIDDEN -->


----

> [!IMPORTANT]
> Introduces API key management for users and teams, integrating with
existing project configurations and permissions, and adds comprehensive
tests and examples.
> 
>   - **API Key Management**:
> - Introduces `ProjectApiKey` model in `schema.prisma` for managing API
keys.
> - Adds `createApiKeyHandlers` in `handlers.tsx` to handle API key CRUD
operations.
>     - Implements API key creation, revocation, and validation logic.
>   - **Permissions and Configurations**:
> - Adds `allowUserApiKeys` and `allowTeamApiKeys` to `ProjectConfig` in
`schema.prisma`.
> - Updates `TeamSystemPermission` enum to include `MANAGE_API_KEYS`.
> - Ensures API key operations respect project configurations and
user/team permissions.
>   - **Testing and Examples**:
> - Adds extensive tests in `api-keys.test.ts` to cover various API key
scenarios.
>     - Updates example projects to demonstrate API key usage.
>   - **Miscellaneous**:
>     - Refactors existing code to integrate API key functionalities.
> - Updates documentation and type definitions to reflect new API key
features.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 96f60c57f0. It will automatically
update as commits are pushed.</sup>


<!-- ELLIPSIS_HIDDEN -->

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2025-04-04 13:03:10 -07:00
Zai Shi
392a3f9790
Upgrade oslo to oslojs (#564) 2025-03-26 02:02:03 +01:00
Konsti Wohlwend
a99b04ac6c
Anonymous users (#566) 2025-03-20 18:24:19 -07:00
Konstantin Wohlwend
b53b0c8232 Rename UserEmailAlreadyExists to UserWithEmailAlreadyExists 2025-03-20 09:56:08 -07:00
Konstantin Wohlwend
e7104dcb52 Wait longer in test 2025-03-18 10:25:28 -07:00
devin-ai-integration[bot]
0e3f63d2ac
Add CLI authentication endpoints (#503)
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: TheCactusBlue <thecactusblue@gmail.com>
2025-03-12 18:44:33 -07:00
Moritz Schneider
6776af30fd
Active Sessions Page (#528)
<img width="1443" alt="image"
src="https://github.com/user-attachments/assets/611ede72-4d46-41dc-adea-9546c04b199a"
/>

Adds new active sessions page to settings

<!-- ELLIPSIS_HIDDEN -->


----

> [!IMPORTANT]
> Adds an active sessions page to settings, enabling users to view and
manage their sessions, with backend support for session listing and
deletion.
> 
>   - **Active Sessions Page**:
> - Adds `ActiveSessionsPage` component in `account-settings.tsx` to
display active sessions.
> - Allows revoking individual sessions or all sessions except the
current one.
>   - **Backend Changes**:
> - Adds `sessionsCrudHandlers` in `crud.tsx` for session management
(list, delete).
> - Updates `ProjectUserRefreshToken` model in `schema.prisma` to
include `id` and `isImpersonation` fields.
> - Implements session listing and deletion in `serverInterface.ts` and
`client-app-impl.ts`.
>   - **Error Handling**:
> - Introduces `CannotDeleteCurrentSession` error in `known-errors.tsx`.
>   - **Testing**:
> - Adds tests for session management in
`endpoints/api/v1/auth/sessions` tests.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ba78df0928. It will automatically
update as commits are pushed.</sup>


<!-- ELLIPSIS_HIDDEN -->

---------

Co-authored-by: TheCactusBlue <thecactusblue@gmail.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
2025-03-12 22:35:32 +01:00
CactusBlue
ef6248dd87
Option for merging/blocking account creations with same email but different oauth provider (#502)
* Add SettingSelect component and sign-up mode configuration

* update schema

* update schema

* add merge oauth schema fields

* update test snapshots

* reformat the file

* add mergeOauthMethods in the UI

* Improve documentation with minor enhancements and fixes (#466)

* Improve PATCH /users/me performance

* Neon domain (#488)

* React setup docs (#491)

* chore: update package versions

* Update branding from Stack to Stack Auth in documentation (#504)

Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: zai@stack-auth.com <zai@stack-auth.com>

* Improve inner OAuth cookie error description

* Fix tests

* Add several spans

* Fix Next.js navigation

* chore: update package versions

* add handler config

* Fix conditional hooks in account settings page

* Add `pnpm run claude-code`

* Fixed docs image ratio (#507)

* Documentation Updates (#508)

* add links

* moar

* fix broken links

* fixed images

* updated readme

* Add Python SDK tab to docs

* Fix broken links

* Prefix `pnpm pre` before `pnpm dev`

* Automatically update pull request branches (#509)

* Give PR updater more permissions

* Ignore PR merge conflicts in GH Actions

* [DEVIN: Konsti] Add userCount property to Project table with automatic update trigger (#506)

Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>

* chore: update package versions

* rewrite as toMatchobject

* fix test

* test again

* fix

* update claude

* fix migrations

* fix migration

* fix types

* Update CLAUDE.md

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>

* more instructions

* fix

* what was i on

* wew

* factor things

* correct the flow

* Update apps/backend/src/app/api/latest/auth/oauth/callback/[provider_id]/route.tsx

Very good catch

Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>

* rename everything

* fix more

* fix typeerror

* update all the tests

* modify migration for legacy projects

* add loading state

* enable email verification for tests

* update test

* get a failing test

* the test works now

* remove debug console log

* change error

* no lowercase

* use typedToUpper/Lowercase

* capture err

* fix types

* modify error throw

* fixed

* add working tests

* documentation update

* Update apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/merge-strategy.test.ts

Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>

* remove eslint rule

* fix json args

* documentation update

---------

Co-authored-by: devin-ai-integration[bot] <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
Co-authored-by: Zai Shi <zaishi00@outlook.com>
Co-authored-by: zai@stack-auth.com <zai@stack-auth.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
2025-03-10 21:25:12 +00:00
Zai Shi
6a8fd6a265 fixed tests
Some checks failed
Update pull request branches / Update pull request branches (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Test / docker (push) Has been cancelled
Runs E2E API Tests / build (20.x) (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Runs E2E API Tests / build (latest) (push) Has been cancelled
Lint & build / lint_and_build (20.x) (push) Has been cancelled
Lint & build / lint_and_build (22.x) (push) Has been cancelled
Dev Environment Test / test (push) Has been cancelled
Run setup tests / test (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
2025-03-05 18:05:18 -08:00
Konstantin Wohlwend
d6cc73a278 Fix tests 2025-03-03 19:16:50 -08:00
Konstantin Wohlwend
2f4108975e Fix tests 2025-02-18 15:25:44 -08:00
Konstantin Wohlwend
20488cffb7 Replace some 400 status codes with 409
Some checks failed
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Test / docker (push) Has been cancelled
Runs E2E API Tests / build (20.x) (push) Has been cancelled
Lint & build / lint_and_build (20.x) (push) Has been cancelled
Lint & build / lint_and_build (22.x) (push) Has been cancelled
Run setup tests / test (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
2025-02-17 18:11:32 -08:00
CactusBlue
495645a22a
add OTP to the subject line (#435)
* add OTP to the subject line

* strip sign in codes
2025-02-12 19:27:48 -08:00
Konsti Wohlwend
3c013cc105
nicify(...) now formats multiline strings nicely (#415)
Some checks failed
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Test / docker (push) Has been cancelled
Runs E2E API Tests / build (20.x) (push) Has been cancelled
Lint & build / lint_and_build (20.x) (push) Has been cancelled
Lint & build / lint_and_build (22.x) (push) Has been cancelled
Run setup tests / test (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
2025-02-02 19:22:06 -08:00
Konstantin Wohlwend
ef935e24d8 Fix STACK-BACKEND-5Q 2024-12-23 12:36:27 -08:00
Konstantin Wohlwend
ac0d657243 Prepend mailbox ID to generated email addresses 2024-12-21 12:19:24 -08:00
Konstantin Wohlwend
257ec46244 Fix build 2024-12-11 20:37:42 -08:00
Konsti Wohlwend
22676c563b
Neon project provision (#358) 2024-12-08 11:44:35 -08:00
Konstantin Wohlwend
c1b8601341 Advanced team invitations 2024-11-26 17:12:57 +01:00
Konstantin Wohlwend
bc24b41f61 Replace required() of yup schemas with defined() 2024-11-18 20:08:55 +01:00
Zai Shi
b6f0276ac1 improve redirect url error log 2024-11-13 19:42:53 +01:00
Moritz Schneider
93a1fcf7cb
Passkey support (#321)
* passkeys

* add passkey tests

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2024-10-28 16:56:46 -07:00
Konstantin Wohlwend
a79add4103 TOTP retry 2024-10-21 08:47:35 -07:00
Zai Shi
e6b898126e
Contact channel client (#290)
Added contact channels to stack-app
Added emails, OTP, and password settings to the account settings page
Added /api/v1/auth/password/set
Added otp_auth_enabled to users endpoints
2024-10-20 01:01:25 +02:00
Zai Shi
18d75fbf21
Contact channel APIs (#288)
* removed contact channels from otp

* fixed types

* fixed bugs

* fixed bug

* fixed bugs

* updated user contact channel

* updated tests

* updated tests

* added unique key to otp and password auth

* added contact channel api

* added new send-verification-code route

* updated tests

* added contact channel create tests, fixed bug

* added more tests, removed update

* added more tests

* added more tests

* added more tests

* fixed typecheck

* fixed route structure

* fixed bugs, fixed tests

* added more tests

* added more tests

* fixed tests

* fixed tests

* implemented new merge account logic

* moved user create of otp sign in to after the first email verification

* added cc updates

* fixed bugs

* added more tests

* added more flows

* uncomment tests

* added primary updates

* Update apps/e2e/tests/backend/endpoints/api/v1/contact-channels/legacy-send-verification-code.test.ts

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>

* Update apps/e2e/tests/backend/endpoints/api/v1/auth/otp/sign-in.test.ts

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>

* updated test names

* Update apps/e2e/tests/backend/endpoints/api/v1/auth-flows.test.ts

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>

* Update apps/e2e/tests/backend/endpoints/api/v1/auth-flows.test.ts

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>

* Update apps/backend/src/app/api/v1/auth/oauth/callback/[provider_id]/route.tsx

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>

* fixed lint

* fixed lint

* fix lint

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2024-10-14 02:12:56 +02:00
Zai Shi
28c3f57f31
New contact channels (#287)
* removed contact channels from otp

* fixed types

* fixed bugs

* fixed bug

* fixed bugs

* updated user contact channel

* updated tests

* updated tests

* added unique key to otp and password auth

* removed contact channel from user object
2024-10-01 06:22:12 +02:00
Zai Shi
06fcca6fe6
OTP (#263)
* fixed otp send email template

* added version

* added send response type

* updated email template

* added otp email

* added otp page

* fixed bugs

* fixed bugs, added back button on otp page

* otp works

* added max attempts per nonce code

* fixed error return type

* fixed tests

* fixed bugs

* updated button text

* added tests

* added totp code error handling

* removed console.log

* fixed verification code length

* fixed code length

* moved otp inside magic link sign in component

* changed version back, updated ui wording

* added old version otp email tests

* fixed tests
2024-09-24 20:02:06 +02:00
Zai Shi
8ea8ff383e
Added handling for user canceling the oauth process (#260)
* added oauth cancel handling

* added translation

* fixed tests

* fixed reviews
2024-09-20 22:45:06 +02:00
Zai Shi
84e30eead0
Remove shared Facebook (#238)
* removed facebook shared

* updated test

* added migration file

* facebook enabled var

* fixed migration file

* fixed connected account migration file
2024-09-11 02:25:18 +02:00
Zai Shi
57a33b2dd6
Query optimization (#230)
* removed v1 api

* added new database schema

* fixed small problems

* fixed import errors

* fixed small problems in schema

* fixed missing metadata

* fixed totp db

* updated user

* added check auth data, updated cc primary

* added user update

* added comments

* updated project create

* fixed bugs

* updated seed script

* updated verification code handler

* updated sign in

* updated imports

* updated projects

* updated sign in route

* remove credential and magic link fields from ProjectConfig model

* fixed type bugs

* updated otp sign-in

* fixed seed script

* fixed password update

* updated credential and magic link enable

* fixed projects credential and magic link

* fixed oauth provider update

* added otp and password config update

* fixed db fkey

* fixed circular dependency

* fixed seeding

* fixed auth method fkey constraint

* password type => identifierType

* fixed seed

* fixed bugs

* fixed circular import

* deterministic auth methods order

* fixed bug

* fixed credential enabled default

* fixed bugs

* fixed credential enabled update bug

* updated tests

* fixed small bugs

* fixed connected account bugs

* updated test

* fixed password update bug

* fixed bug

* fixed tests

* fixed redirect bugs

* added migration file

* Update migration SQL

* Fix stuff

* improved get user speed

* fixed crud, improved smart-request

* improved smart request further

* improved smart request

* added prisma preview features

* fixed smart request

* fixed prisma

* added otel

* fixed bugs

* fixed small problem

* added jaeger and delay

* fixed small things

* updated parse auth structure

---------

Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2024-09-08 01:28:20 +02:00
Zai Shi
fe1fdc4c11
Connected account & auth methods DB migration (#204)
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
2024-09-07 13:03:31 -07:00
Konstantin Wohlwend
2c55d689a9 Refresh token revocation tests 2024-08-22 20:25:00 -07:00
Zai Shi
7b5d0ed793
Team metadata & client read only metadata (#196)
* added team metadata

* added client readonly metadata

* updated tests

* added team client meta data tests

* added user metadata tests

* added client read only metadata to stack-app

* added client read only metadata
2024-08-20 20:39:13 +02:00
Konstantin Wohlwend
c182cebec6 MFA for non-password apps 2024-08-11 13:30:05 -07:00
Konstantin Wohlwend
d01471acfc TOTP MFA components 2024-08-10 09:45:49 -07:00