mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-13 21:01:21 +08:00
e0c1cc5376
126 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Konsti Wohlwend
|
765b0f4e29
|
New setup (#1413) | ||
Madison
|
5e5cfdec4f
|
[Dashboard][Backend][SDK] - Adds sharable session replay ids. (#1294)
# Shareable Session Replay Links Adds the ability to share individual session replays via unique, direct URLs. https://www.loom.com/share/1e3298a19b114fc38af4bc43dcd5ec48 ## What changed - New admin endpoint — GET /api/v1/internal/session-replays/:id - Fetches a single session replay by ID with user metadata (display name, primary email) and chunk/event counts - Returns 404 if the replay doesn't exist - Admin-only access, consistent with the existing list endpoint ## New standalone replay page — /projects/:projectId/analytics/replays/:replayId - Thin server page wrapper that passes the replay ID to the existing PageClient - PageClient detects standalone mode via initialReplayId prop and fetches replay metadata directly instead of loading the full session list - Sidebar is hidden; the replay viewer takes the full width - "Back to all replays" link shown under the page title ## Copy link button - Moved from per-session sidebar items to the replay viewer header (next to the settings gear) - Copies a direct URL to the currently selected replay ## SDK plumbing - AdminGetSessionReplayResponse type in stack-shared - getSessionReplay() on StackAdminInterface, StackAdminApp interface, and _StackAdminAppImplIncomplete ## Tests - Happy path: fetch single replay by ID with inline snapshot - 404 for nonexistent replay ID - 401 for non-admin access (client and server) ## Test plan - [ ] Open /analytics/replays, select a replay, click the link icon in the header — verify URL is copied to clipboard - [ ] Paste that URL in a new tab — verify the standalone replay page loads and plays the correct replay - [ ] Verify "Back to all replays" link navigates back to the list page - [ ] Verify the original /analytics/replays list page still works as before (selecting, filtering, pagination) - [ ] Run pnpm test run session-replays <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Backend: internal endpoint to fetch a single session replay with user info, millisecond timestamps, and chunk/event counts. * Admin SDK/App: added response type and admin method to retrieve a single session replay; admin app maps response into the app model. * Dashboard: standalone session-replay page, UI adjustments for standalone mode, and a “copy replay link” button. * **Tests** * Added end-to-end tests for retrieval, not-found, and access-control scenarios. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
Aman Ganapathy
|
1de8a17183
|
Payments bulldozer txn rework (#1315)
### Object of this PR This PR is NOT a monolithic series of fixes for the payments suite + a complete rework. Its aims were a) introducing and robustly testing the bulldozer db system b) reworking the payments underlying architecture to use bulldozer for correctness and scalability c) Achieving parity with the old payments system excepting a few changes like ensuring correctness of the ledger algo There may still be some work to do with handling refunds, decoupling the concepts of purchases from that of products, and some other things. ### Ledger Algorithm This has been tuned and fixed. Item removals i.e negative item quantity changes will apply to the soonest expiring item grant i.e positive item quantity change. This is what is best for the user. Item grants can also expire, and when they expire we obviate whatever is left of their original capacity (meaning after all the removals that were applied to it). Our ledger algo is applied via Bulldozer, so automatic re-computation is handled when a new grant/ removal is inserted in the middle of the existing ones. ### Things we got rid of * No more automatic support for default products. You can use $0 plan provisions to accomplish the same effect but it's manual * Negative item quantity changes (i.e item removals) no longer can have expiries <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Enhanced payment processing pipeline with improved data consistency and state management. * Advanced refund handling with comprehensive transaction tracking. * Better tracking and management of customer item quantities and owned products. * Improved subscription lifecycle management including period-end handling. * **Bug Fixes** * Fixed payment data integrity verification. * Improved handling of edge cases in refund scenarios. * **Chores** * Updated cSpell configuration with additional words. * Expanded developer documentation for linting workflows. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com> Co-authored-by: Aadesh Kheria <kheriaaadesh@gmail.com> Co-authored-by: Mantra <87142457+mantrakp04@users.noreply.github.com> |
||
Mantra
|
e59a70783e
|
Turnstile integration for fraud protection (#1239)
Enhances sign-up process with Turnstile integration for fraud protection. Builds on top of fraud-protection-temp-emails. Made with [Cursor](https://cursor.com) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Cloudflare Turnstile bot-protection across signup/sign-in flows (including SDK JSON mode). * Email deliverability checks via Emailable. * Sign-up risk scoring with persisted risk metrics and country code tracking. * UI: country-code selector, risk-score editing in user details, users list refresh button, and Turnstile signup demo pages. * **Bug Fixes** * Use actual sign-up timestamp for reporting/metrics. * **Documentation** * Expanded knowledge base on Turnstile, risk scoring, and env configuration. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com> Co-authored-by: BilalG1 <bg2002@gmail.com> Co-authored-by: Armaan Jain <84474476+Developing-Gamer@users.noreply.github.com> Co-authored-by: nams1570 <amanganapathy@gmail.com> |
||
Armaan Jain
|
b5d5e5cea6
|
Add onboarding status to Project model and implement related database… (#1246) | ||
|
Aman Ganapathy
|
485fa9d623
|
[Refactor][Feat][Fix] Rework Email Section With New Sent Page, Better Drafts Page, and Settings Page (#1221)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
DB migration compat / Check if migrations changed (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Build and Run / docker (push) Has been cancelled
Runs E2E API Tests (Local Emulator) / E2E Tests (Local Emulator, Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (mock, 22.x) (push) Has been cancelled
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (prod, 22.x) (push) Has been cancelled
Runs E2E API Tests with custom port prefix / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Dev Environment Test With Custom Base Port / restart-dev-and-test-with-custom-base-port (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests with custom base port / setup-tests-with-custom-base-port (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
DB migration compat / Back-compat — Current branch migrations with ${{ needs.check-migrations-changed.outputs.base_branch }} branch code (push) Has been cancelled
DB migration compat / Forward-compat — Current branch code with ${{ needs.check-migrations-changed.outputs.base_branch }} branch migrations (push) Has been cancelled
DB migration compat / No migration changes (skipped) (push) Has been cancelled
### Context We didn't have an easy place for a user to see their domain statistics and track their sent emails, either overall or by draft. Additionally, there was scope creep with the sidebar, where we were supporting more pages. Our emails landing page was also rather confusing, especially toggling/ working with different email server types. So, we decide to add a "sent" page, to track email logs and email statistics, as well as let users temporarily override their sending limits if need be. Additionally, a user may want to see a particular email in more detail: what stage is it in? How did it proceed through time? How can I pause the sending of this email or change the scheduled time or edit the code? We allow for that to happen. ### Summary of Changes #### New Pages 1. **Sent Page:** A Domain Reputation card lets you track how many of your sent emails were bounced or marked as spam as well as how much capacity you have left. We also provide a temporary override, where you can use up to 4 times your capacity for a limited period of time. Additionally, we provide an email log that lets you see the recently sent emails. You can also toggle this view from a "list all emails" to "group by template/draft" which shows stats for each template/draft id (i.e a bar showing how many emails were sent, are pending, were marked as spam, were bounced etc, and the total number of emails sent with that template or draft). Clicking on an email in the list all view takes you to the "email-viewer" endpoint for that email (see below). Clicking on a template/draft in the group by view takes you to a page where you can see the statistics for that template/draft in more detail (the "send" stage view for that template/draft, as referenced below). 2. **Settings Page:** This is a new page we created because the old "emails" landing page wasn't doing its job. This page is to track all the email settings. Currently, we put in 2 sections. A "theme settings" card where users can see their active theme and click on a button to be navigated to the themes page. This is necessary as we remove themes from the sidebar. The other section is a card for email server and domain configuration - you can change your server type and adjust the settings or send a test email. It's cleaner and less noisy. 3. **Drafts Page**: There are a lot of changes here. On the landing page, we actually separate out the drafts into "active drafts" and "draft history" because drafts are meant to be fire-and-forget, not reusable. We also add the functionality to create a draft from a template. This was tricky to manage because templates rely on template variables which sent to the backend along with the code and injected during render time. We deal with this by having AI rewrite the template source code to remove any references to template variables and to make the draft standalone. The drafts page has been separated into a stepper-controlled multi stage process: draft->recipients->schedule->sent. Sent is a read only view that shows you the statistics of the emails sent using that draft, as mentioned earlier. You can also see the sent view of a historical draft. You can also bulk pause/cancel any unsent emails from the sent view of the drafts. 4. **Sidebar Updates**: The email sidebar now doesn't show "themes" or "emails" (the old landing page), but it does show "settings" and "sent", and the default landing page for emails is "sent". 5. **Email Viewer**: When you click on an individual email, you get navigated here. This has a timeline showing the progress of the email on the right, and some optional info for the user that's toggleable on the right bottom, while having either a preview of the email if it's sent or a way to edit it. You can also change the scheduledAt date of an email if it hasn't already been sent. #### Bug Fixes 1. **Search in `TeamMemberSearchTable`**: This was broken. Every time you tried to enter or remove a character, it would trigger skeleton loading that overlapped the search bar too, preventing you from adding/removing more. This was caused because the `useUser` hook eventually ended up calling a `use` hook, which throws a promise that triggers a suspense. This, coupled with the fact that the implementation of `TeamMemberSearchTable` involved a prop-drilling/ dependency inversion approach to passing down its toolbar to a base table component, meant the suspense would cover the toolbar too and couldn't be scoped to just the table. A refactor has gotten rid of the need for those base components while fixing tables in `payments/customers`, `teams/team_id`, and `payments/transactions` on top of the existing use in email drafts recipients stage. We also dedupped some code. 2. **Stale draft fetches on draft landing page**: `useEmailDrafts` uses an asyncCache to cache the fetched drafts. It is used on the drafts landing page to render the drafts. When a draft is sent, its `sentAt` is marked versus when it is still active, it is marked as null. The cache was stale and so navigating to the landing page after firing off a draft would errorneously represent that draft as still active and indeed, even allow you to edit it and fire it again. This violated the principle of drafts being fire and forget. This has been dealt with by adding functionality to refresh the draft cache upon firing off a draft. #### Other Changes 1. We bumped up the base time for the exponential send attempt retry backoff in `email-queue-step` to 20 seconds. The previous base was two seconds, and this effectively just made it wait until the next iteration of the `email-queue-step` cron job or at most an iteration that wasn't too far away. When an outage with our provider happens, it may take a while for it to be resolved, so a longer backoff is justified 2. We transitioned the themes page and the templates page to using the new components, though deeper UI refactors for them were out of scope for this ticket. 3. We implement a "temporarily increase capacity" button, that bumps up the throughput/ capacity limit fourfold for a user for a given period of time. It works like this: > Clicking the button sets a boost expiredat time. > When this time is set and still valid, the capacity rate is multiplied by 4. > When the button is clicked, trigger a loading spinner until the route finishes processing. > When the timer runs out, we reset the button back to its original state. > We dont need to wrap the onclick with runAsyncWithAlert because the component does that already. 4. We add a new default theme: a colorful theme with a lavender base. This was mainly done so we could have three times in a theme showcase in the settings page. ### UI Demos **Sent Page Demo:** https://github.com/user-attachments/assets/19294a90-bb65-4f00-9a97-111f6c08287f **Drafts Page Demo** https://github.com/user-attachments/assets/847609ef-d699-470c-a699-297bb9e17f04 **Settings Page Demo** https://github.com/user-attachments/assets/190a3829-036a-4f57-89c0-a873bef5a7ce **Email Viewer Page Demo** https://github.com/user-attachments/assets/3bc50159-4acb-4865-a4dd-830c84ee4235 --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com> |
||
BilalG1
|
09aa7576cb
|
analytics replay filters (#1213)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
DB migration compat / Check if migrations changed (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Build and Run / docker (push) Has been cancelled
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (mock, 22.x) (push) Has been cancelled
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (prod, 22.x) (push) Has been cancelled
Runs E2E API Tests with custom port prefix / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Dev Environment Test With Custom Base Port / restart-dev-and-test-with-custom-base-port (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests with custom base port / setup-tests-with-custom-base-port (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
DB migration compat / Back-compat — Current branch migrations with ${{ needs.check-migrations-changed.outputs.base_branch }} branch code (push) Has been cancelled
DB migration compat / Forward-compat — Current branch code with ${{ needs.check-migrations-changed.outputs.base_branch }} branch migrations (push) Has been cancelled
DB migration compat / No migration changes (skipped) (push) Has been cancelled
https://www.loom.com/share/5fe96d0d675b455391a6ade1377d2fa5 <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Advanced session replay filtering: user, team, duration range, last-event time window, and minimum click count * Dashboard UI: multi-dialog filters, active-filter badges, filter chips, clear actions, and filter-aware no-results messaging * New searchable user picker with server-backed pagination * Enhanced results: embedded project-user (id, display_name, primary_email), timing fields, chunk/event counts, and composite cursor pagination (next_cursor) * **Tests** * Extensive end-to-end coverage for filters, pagination, validation, and edge cases <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Konsti Wohlwend
|
9b5a188e4e
|
More connected accounts (#1165) | ||
|
BilalG1
|
003b693662
|
inline product cancelling (#1199)
<!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Subscription IDs are now included in product listings and UI data for clearer subscription tracking. * Cancellation can be performed by subscription ID as well as by product; client and template APIs support passing a subscription identifier. * **Tests** * End-to-end tests added/updated to cover canceling subscriptions via subscription ID and updated listing snapshots. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Konsti Wohlwend
|
45e8eddd70
|
Team invitations on user (#1200) | ||
|
BilalG1
|
fa27c80319
|
rename tabId to sessionReplaySegmentId (#1206)
<!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added new session replay analytics columns to ClickHouse for enhanced tracking and reporting * **Refactor** * Renamed session recording segment identifier across APIs and data models from `tab_id` to `session_replay_segment_id` * Updated internal data structures and type definitions to align with new naming convention <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
BilalG1
|
c7ef526bb4
|
session replays (#1187)
https://www.loom.com/share/3b7c9288149e4f878693281778c9d7e0 ## Todos (future PRs) - Fix pre-login recording - Better session search (filters, cmd-k, etc) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Analytics → Replays: session recording & multi-tab replay with timeline, speed, seek, and playback settings; dashboard UI for listing and viewing replays. * **Admin APIs** * Admin endpoints to list recordings, list chunks, fetch chunk events, and retrieve all events (paginated). * **Client** * Client-side rrweb recording with batching, deduplication, upload API and a send-batch client method. * **Configuration** * New STACK_S3_PRIVATE_BUCKET for private session storage. * **Tests** * Extensive unit and end-to-end tests for replay logic, streams, playback, and APIs. * **Chores** * Removed an E2E API test GitHub Actions workflow. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Aman Ganapathy
|
fa360aba9c
|
[Refactor] Change Retry Logic in Email Sending (#1191)
### Context Some of our users' emails were getting stuck in sending. The long delays in processing the retries caused a vercel function timeout. ### Summary of Changes We refactor the low level email sending functions to remove the retry logic there. We kick it up to the email queue step. Additionally, we flag emails to be retried when they encounter issues but leave it for a future iteration to actually perform the retry. We perform an exponential backoff with a random component to decide when they have to be retried. We also make some small adjustments to the queuing function to not queue skipped emails. When an email fails to send during the sending function, we check to see if it is a retryable error or not. Some errors are transient and trying again may succeed while others indicate deeper issues. If it is retryable, and the max number of retry attempts hasn't been reached, we set `nextSendRetryAt` to a time determined by an exponential backoff calculation function. When the queuing function looks for emails to queue, it doesn't just pick up the `SCHEDULED`. emails whose `scheduledAt` time <= `NOW()`, but also those emails whose `nextSendRetryAt` time <= `NOW()`. What this means in practice is that one iteration of the `email-queue-step` will mark emails as retryable while another iteration will perform the retry. This should be cleaner and prevent long delays in the `email-queue-step` process due to retries. This also makes it easier to scale up the number of retries if need be. |
||
|
Konstantin Wohlwend
|
e5a354617c | Fix restricted user schema | ||
|
Konsti Wohlwend
|
7a35751f8e
|
Sign up rules (#1138)
<!-- CURSOR_SUMMARY --> > [!NOTE] > **High Risk** > Touches core sign-up/auth flows and user restriction semantics (including new DB constraints) and introduces dynamic rule evaluation/logging; misconfiguration or CEL/parser bugs could block sign-ups or incorrectly restrict users. > > **Overview** > Introduces **CEL-based sign-up rules** (config-driven) that are evaluated during password/OTP/OAuth sign-ups and anonymous upgrades; matching rules can reject sign-ups or mark users as admin-restricted, and triggers are logged for analytics. > > Extends `ProjectUser` with `restrictedByAdmin` plus public/private restriction details, updates restriction computation/filtering, and exposes these fields via user CRUD (including validation + DB constraint enforcing consistency when unrestricted). > > Adds a new dashboard **Sign-up Rules** page with a visual condition builder (CEL <-> visual tree), drag-reorder by priority, per-rule 48h sparkline analytics via a new hidden internal endpoint, and adds user-page UI to view/edit manual restrictions. Also refactors ClickHouse client initialization to require env vars (removing `isClickhouseConfigured` checks) and adjusts CI container startup wait time. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 2141e689e8c1b72303b805e9234f996010d0880. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Sign-up Rules: visual rule builder, in-project CRUD with drag-reorder, per-rule analytics, backend evaluation, and admin UI. * Admin user restrictions: dashboard controls, banners/status, public/private admin details surfaced in user views. * **APIs & Schema** * Config and user schemas extended; new SignUpRejected error and sign-up rule types added. * **Tests** * Extensive unit and E2E coverage for rules, parser, evaluator, analytics, and restricted-user flows. * **Docs** * Editorial guidance added to AGENTS.md. * **Chores** * DB statement timeout, updated clean script, minor dependency additions. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
BilalG1
|
31b8d8040d
|
query timing route (#1146)
<!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added a dedicated endpoint to retrieve query timing statistics using query identifiers. * Query responses now include a unique query_id for tracking and reference. * **Improvements** * Query timeout validation now enforces a maximum limit of 2 minutes. * Query response structure updated to support separate timing information retrieval. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
BilalG1
|
484c3a6332
|
clickhouse setup (#1032) | ||
|
Aman Ganapathy
|
c8694c7ff5
|
[Fix] [Feat] Update OAuth Sign-In and Get Token Functions to Work (#1130)
### Summary of Changes Previously, on the Swift SDK, the `signInWithOAuth` function wasn't working. In this PR, we fix it by having the `getOAuthUrl` function to actually redirect correctly. Note that to do so, we updated the `validRedirectUrl` check on the backend to accept app native redirects (from our new trusted url scheme). Another thing to note is that we added functionality to the `TokenStore` abstraction to conditionally refresh the access token that the user is trying to fetch if it is expired/close to expiring if possible. `getOAuthUrl` will attempt to get a valid access token, and thus will rely on our algorithm documented in `utilities.md`. The specs serve as the source of truth. We go further and implement Apple Native sign in. To do so, we have it hit a new route on the backend and verify the `jwtToken` retrieved by the sdk against an Apple-provided set of `jwks`. We use jose to do so, in line with the rest of the codebase. We take this opportunity to refactor the oauth provider route owing to the amount of duplicated logic. Additionally, to enable the apple sign in, users will have to update the Apple authentication method modal on the dashboard and add accepted bundle ids. These are identifiers for projects, and we will check the `JWT` on the backend to make sure the audience is set to an accepted bundleId. We also update the Apple modal to be more informative. ### Using the new Features To use the Apple native sign in, users will have to 1) sign up with an apple developer account, 2) set up their bundleids for their projects by connecting them to the apple developer account, 3) update the Stack-Auth Authentication Methods dashboard apple modal with the relevant fields. Then, trying to sign in with apple with our Swift SDK will use the apple native sign in. ### UI Changes Renamed the fields in the apple modal. Added a new field for bundle ids. See below. https://github.com/user-attachments/assets/0e760c0e-3198-4818-ac7f-4900d7a125bb Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com> |
||
|
BilalG1
|
373fb48e7f
|
payment email templates (#1106)
<img width="553" height="471" alt="Screenshot 2026-01-14 at 12 16 36 PM"
src="https://github.com/user-attachments/assets/9f32473d-5294-4cf7-b527-0668fb04ae47"
/>
<img width="630" height="514" alt="Screenshot 2026-01-14 at 12 17 06 PM"
src="https://github.com/user-attachments/assets/b17f57f7-148d-4438-b337-df7516d1793e"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Expanded Stripe webhooks: handles invoice and one‑time/subscription
events, sends templated payment receipt and failure emails, posts
chargeback alerts to Telegram.
* Customer invoices API plus client and UI support for listing invoices;
backend stores invoice status, total, and hosted URL.
* **Tests**
* Added end‑to‑end tests for new webhook scenarios (receipts, failures,
chargebacks) and invoices API with email outbox checks.
* **Chores**
* Centralized Telegram helpers and improved formatting, validation, and
reliability.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Introduces end-to-end invoice visibility and payment notifications.
>
> - **Emails:** Adds default `payment_receipt` and `payment_failed`
templates and sends them from Stripe webhooks for one-time and
subscription payments (skips non‑uncollectible failures); resolves
recipients for users/teams.
> - **Webhooks:** Expands handled events; upserts invoices on
`invoice.*`; stricter unknown-type handling; adds Telegram chargeback
alert; refactors init script Telegram sending.
> - **Data model:** Extends `SubscriptionInvoice` with `status`,
`amountTotal`, `hostedInvoiceUrl` and writes them via
`upsertStripeInvoice`.
> - **API/SDK/UI:** New paginated `GET
/payments/invoices/{customer_type}/{customer_id}`; client interface
(`listInvoices`, hooks) and template Payments panel render an invoices
table.
> - **Tests:** E2E for invoices access, webhook behaviors, and email
delivery.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
BilalG1
|
d6dc85b6d6
|
upgrade/downgrade plans (#1087)
https://www.loom.com/share/f218c4d16b4d4306be93685aad7aed7a <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * One-click subscription switching (client + server) and UI dialog to choose alternative plans * Products now show available plan alternatives (switch options) * **Improvements** * More robust default payment-method handling, validation, and clearer errors when none is set * Improved payment-method retrieval and customer metadata persistence * **Tests** * End-to-end tests for plan switching and updated billing snapshots <sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub> <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
BilalG1
|
570249f67a
|
show products in account settings (#1071)
<img width="1193" height="827" alt="Screenshot 2026-01-09 at 1 46 38 PM" src="https://github.com/user-attachments/assets/2703cb15-0be6-4df5-9c79-a45ac514444e" /> <img width="1192" height="750" alt="Screenshot 2026-01-09 at 1 49 01 PM" src="https://github.com/user-attachments/assets/9cfd4936-ed2f-4e4d-a5f9-0c25c87623f1" /> <! -- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Manage and set default payment methods (user & team) via Setup Intents; Payments page in Account Settings to view/update card and active plans. * Product listings now include type (one_time | subscription) and subscription details (period end, cancelable, cancel-at-period-end). * Client/SDK: new billing APIs and Customer methods to fetch billing, create setup intents, and apply default payment methods. * **Tests** * New end-to-end tests for billing flows, setup-intent, and access control. * **Chores** * Added Stripe frontend libraries. <sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub> <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Konsti Wohlwend
|
1618f89c46
|
Onboarding app & restricted users (#1069)
- restricted users - onboarding app - waitlist app - fixed an exception when setting primary email - automatically update the JWT token on the client when the user object changes |
||
|
Konsti Wohlwend
|
e76ed50bf7
|
Email outbox CRUD endpoints (#1062) | ||
|
Konstantin Wohlwend
|
a09188f947 | Make config endpoints SmartRouteHandlers | ||
|
Konsti Wohlwend
|
e7e792d462
|
Email outbox backend (#1030) | ||
|
Madison
|
4480991789
|
[Docs][SDK] - Various small fixes (#1040)
<!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> # 🔒 Hidden Internal Endpoints from Public API Docs Internal endpoints were incorrectly appearing in public API documentation. Added hidden: true metadata to: - /internal/init-script-callback - Telegram notification callback - /internal/send-sign-in-invitation - Team invitation endpoint (public equivalent: /team-invitations/send-code) - /internal/projects/current - Internal project CRUD (adminRead, adminUpdate, adminDelete) - /internal/emails - Internal emails CRUD (adminList) # 🏷️ Fixed Endpoint Categorization (moved from "Others") Several endpoints were appearing in the "Others" category instead of their proper sections: - /emails/send-email -> Added tags: ["Emails"] - Notification preferences CRUD -> Added complete docs with tags: ["Emails"] - OAuth providers CRUD -> Changed tag from "OAuth Providers" → "Oauth" to match naming convention; added missing clientUpdate docs # 📝 API Documentation Improvements - Fixed duplicate API Key titles: Updated handlers to use dynamic summary (Create ${type} API key) instead of hardcoded "Create API key" for both user and team keys - Fixed empty Request section: API playground now only renders the Request panel when there are actual parameters or request body fields to display # 🎨 UserButton Component Fixes ### Component (packages/template/src/components/user-button.tsx): - Fixed hover effect centering (removed w-12 constraint, added p-1.5 padding) - Fixed showUserInfo not displaying (changed flex-grow w-0 → min-w-0) - Updated text styling with proper font sizes and theme-aware colors - Added hover:transition-none for snappy UX ### Documentation Demo (docs/src/components/stack-auth/stack-user-button-demo.tsx): - Added not-prose class to fix avatar not rendering in MDX context <img width="482" height="190" alt="image" src="https://github.com/user-attachments/assets/c7c847c8-3ca5-4a40-bb33-f89949b6dbad" /> | Old | New | |-----|-----| | <img src="https://github.com/user-attachments/assets/b0f2afe4-1499-49c0-946a-618a29876479" width="180" /> | <img src="https://github.com/user-attachments/assets/a358499c-f7e6-42c0-a0a0-2e6ad21728d2" width="180" /> | | Old | New | |-----|-----| | <img width="176" height="73" alt="image" src="https://github.com/user-attachments/assets/1e17d77e-e4df-484d-adf4-19fcdaa0b471" /> | <img width="198" height="76" alt="image" src="https://github.com/user-attachments/assets/61d95ca8-61e5-48db-8fd8-75335751622f" /> | |
||
Zai Shi
|
4b955ced3e
|
Email templates and project logos (#852)
https://www.loom.com/share/7628a0b5f14e4367bcde93e4817a50e8 <img width="811" height="437" alt="image" src="https://github.com/user-attachments/assets/6b02aae0-c723-43d4-92ab-a26e97623d9c" /> <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- ELLIPSIS_HIDDEN --> ---- > [!IMPORTANT] > Enhance email templates with project branding and dark-mode support, update schemas and API responses for new logo fields. > > - **Behavior**: > - Email templates now support project branding with compact/full logos and dark-mode variants in `email-rendering.tsx` and `emails.ts`. > - Project name displays beside logos in Light and Dark themes in `email-rendering.tsx`. > - Email rendering groups branding and unsubscribe data for consistent theming. > - **API Changes**: > - Project payloads and admin/project schemas rename `full_logo` to `logo_full` and add dark-mode logo fields in `projects.ts` and `schema-fields.ts`. > - Updates to `projects.tsx` and `page-client.tsx` to handle new logo fields. > - **Style**: > - Improved unsubscribe link contrast in Dark theme in `emails.ts`. > - **Database**: > - Adds `logoFullUrl`, `logoDarkModeUrl`, and `logoFullDarkModeUrl` columns to `Project` table in `migration.sql`. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for |
||
|
BilalG1
|
243caf9a23
|
Payment transactions (#990)
https://www.loom.com/share/db645a1799454ec6b0234c55ee28cee9
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Multi-currency, entry-based transaction model; unified transaction
builders.
- Refund API for subscriptions and one-time purchases; Stripe invoice
handling and webhook invoice-paid processing.
- **Refactor**
- Admin UI and SDK migrated to the new transaction shape; table
rendering simplified with summary-driven columns and avatar cells.
- **Bug Fixes**
- Improved aggregation, sorting and cursor pagination across mixed
transaction sources; refund state handling.
- **Tests**
- Expanded end-to-end tests, webhook simulation helpers, and snapshot
updates.
- **Chores**
- Database migrations for subscription invoices and refundedAt fields.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Replaces AdminTransaction with a unified, entry-based Transaction
model, updates the backend route/builders, admin SDK, dashboard table,
and tests (incl. filtering and serializer tweaks).
>
> - **Backend**:
> - **Entry-based transactions**: Add `transaction-builder.ts` to build
`Transaction` objects (product grants, money transfers, item quantity
changes) with multi-currency amounts and
`effective_at_millis`/`adjusted_by`.
> - **API**: `/internal/payments/transactions` now returns
`transactionSchema`, supports filtering by `TRANSACTION_TYPES`, merges
sources, and preserves concatenated-cursor pagination.
> - **Shared (stack-shared)**:
> - Add `transactionEntrySchema`, `transactionSchema`,
`TRANSACTION_TYPES`, and `TransactionType`; remove `AdminTransaction`
surface.
> - **Admin SDK/Template**:
> - Update `listTransactions` signatures, caches, and types to use
`Transaction`/`TransactionType` across interfaces and app
implementations.
> - **Dashboard UI**:
> - Refactor transaction table to new model: iconified type, avatar
customer cells, amount/details columns, and filters for type and
customer.
> - **Tests**:
> - Update e2e snapshots to new `Transaction` shape; add tests for
type/customer filters and server-granted subscriptions; serializer now
strips `effective_at_millis`.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
BilalG1
|
e843a2b637
|
svix embedded portal (#1007)
https://www.loom.com/share/ade557d34b674ecb9ae1d703b5332c9d
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for inline webhook configuration portal rendering when
available
* Enhanced webhooks page with improved theming support
* **Refactor**
* Updated webhook token API to return structured data including optional
server URL alongside token
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Enables embedded Svix portal on the Webhooks page when available,
updating the token API and shared types to return an optional portal URL
and wiring it through the admin app.
>
> - **Frontend (Dashboard Webhooks page)**:
> - Conditionally render Svix `AppPortal` when `svixToken.url` is
provided; otherwise fall back to `SvixProvider` with token.
> - Integrate theme support (`next-themes`) for portal `darkMode`;
import `svix-react` styles.
> - **Backend (API)**:
> - Update `POST /api/latest/webhooks/svix-token` to return `{ token,
url? }`, deriving `url` only when no `STACK_SVIX_SERVER_URL` is set.
> - **Shared Types/SDK**:
> - Extend `svixTokenAdminReadSchema` to include optional `url`.
> - Change admin app `useSvixToken()` to return `{ token, url }` and
propagate through implementation.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
BilalG1
|
7f2de7e1ec
|
Cookie subdomain sharing (#971)
<!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Projects now expose a domains field in the client API. - Cookie API expanded: domain and secure options added, plus getAll and isSecure helpers. - **Refactor** - Domain-aware cookie and token handling for cross-domain refresh flows. - Minor signature/formatting tweaks to IP and URL utilities. - **Tests** - E2E coverage added: refresh-cookie scenarios and a project scaffolding test. - Backend snapshot updated to include domains. - **Chores** - Added a new dependency for domain parsing. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com> |
||
|
BilalG1
|
c6b00e1a8b
|
dashboard payment customers, grant product routes and sdk (#939)
https://www.loom.com/share/2767f799df9d48519c737a1d082fc3f4?sid=967802e9-5bfb-438d-96cd-2f6fcbd2f69b <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- RECURSEML_SUMMARY:START --> ## High-level PR Summary This PR adds a "Grant Product" feature to the dashboard's customer page, allowing administrators to manually grant products to users, teams, or custom customers. The UI has been updated to rename "Items" to "Customers" in the navigation, and the page now includes a dialog for selecting a product and quantity (for stackable products) to grant. Additionally, the backend payment logic has been enhanced to properly set `currentPeriodEnd` and `cancelAtPeriodEnd` when canceling conflicting subscriptions during product grants. ⏱️ Estimated Review Time: 15-30 minutes <details> <summary>💡 Review Order Suggestion</summary> | Order | File Path | |-------|-----------| | 1 | `apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/sidebar-layout.tsx` | | 2 | `apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/customers/page.tsx` | | 3 | `apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/customers/page-client.tsx` | | 4 | `apps/backend/src/lib/payments.tsx` | | 5 | `packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts` | </details> <details> <summary>⚠️ Inconsistent Changes Detected</summary> | File Path | Warning | |-----------|---------| | `packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts` | This appears to be a simple variable rename (cache to itemsCache) that seems unrelated to adding grant product functionality to the dashboard | </details> [](https://discord.gg/n3SsVDAW6U) [
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Runs E2E API Tests with external source of truth / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
<!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- RECURSEML_SUMMARY:START --> ## High-level PR Summary This PR implements a comprehensive renaming of "offer" to "product" and "offer group" to "product catalog" throughout the codebase. The changes include database migrations, schema updates, API compatibility layers, function renames, and updates to client and server implementations. Backwards compatibility is maintained through migration layers that handle requests using the old terminology, translating them to the new terminology before processing. The PR includes documentation of this approach in CLAUDE-KNOWLEDGE.md. This rename affects multiple parts of the system including the database schema, API endpoints, error types, and SDK interfaces. ⏱️ Estimated Review Time: 1-3 hours <details> <summary>💡 Review Order Suggestion</summary> | Order | File Path | |-------|-----------| | 1 | `apps/backend/prisma/migrations/20250923191615_rename_offers_to_products/migration.sql` | | 2 | `apps/backend/src/app/api/migrations/v2beta1/payments/purchases/offers-compat.ts` | | 3 | `apps/backend/src/app/api/migrations/v2beta1/payments/purchases/create-purchase-url/route.ts` | | 4 | `apps/backend/src/app/api/migrations/v2beta1/payments/purchases/validate-code/route.ts` | | 5 | `apps/backend/src/lib/payments.tsx` | | 6 | `.claude/CLAUDE-KNOWLEDGE.md` | | 7 | `packages/stack-shared/src/schema-fields.ts` | | 8 | `packages/stack-shared/src/known-errors.tsx` | | 9 | `packages/stack-shared/src/config/schema.ts` | | 10 | `packages/template/src/lib/stack-app/customers/index.ts` | | 11 | `packages/template/src/lib/stack-app/apps/implementations/client-app-impl.ts` | | 12 | `packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts` | </details> [](https://discord.gg/n3SsVDAW6U) <!-- RECURSEML_SUMMARY:END --> <!-- ELLIPSIS_HIDDEN --> ---- > [!IMPORTANT] > Renames 'offer' to 'product' and 'offer group' to 'product catalog' across the codebase, updating database schema, API endpoints, and application logic for consistency and backward compatibility. > > - **Database**: > - Rename columns `offer` to `product` and `offerId` to `productId` in `OneTimePurchase` and `Subscription` tables in `migration.sql`. > - **API & Migrations**: > - Update API endpoints to accept `product_id`/`product_inline` instead of `offer_id`/`offer_inline`. > - Add `v2beta5` compatibility layer to map legacy `offer` fields to `product` equivalents. > - **Shared Schemas**: > - Rename `offerSchema` to `productSchema` and related schemas in `schema-fields.ts`. > - **Server Implementation**: > - Update `createCheckoutUrl` method in `server-app-impl.ts` to use `productId`/`InlineProduct`. > - **Tests**: > - Update tests to reflect renaming in `backend-helpers.ts` and other test files. > - **Miscellaneous**: > - Remove dummy data related to offers in `dummy-data.tsx`. > - Update documentation and comments to reflect terminology changes. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for |
||
|
BilalG1
|
ad34cfecc2
|
Transactions page (#900)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Runs E2E API Tests with external source of truth / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
<!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- RECURSEML_SUMMARY:START --> ## High-level PR Summary This PR adds a new `priceId` field to the `OneTimePurchase` and `Subscription` models in the database to store Stripe price identifiers. The change includes database schema updates, corresponding migration files, and modifications to payment processing logic to properly track and store price IDs throughout the purchase flow. The implementation consistently propagates the price ID from Stripe's API responses through various payment processing endpoints and webhooks handlers, ensuring the data is properly stored and synced with the database models. ⏱️ Estimated Review Time: 15-30 minutes <details> <summary>💡 Review Order Suggestion</summary> | Order | File Path | |-------|-----------| | 1 | `apps/backend/prisma/schema.prisma` | | 2 | `apps/backend/prisma/migrations/20250917193043_store_price_id/migration.sql` | | 3 | `apps/backend/src/lib/stripe.tsx` | | 4 | `apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx` | | 5 | `apps/backend/src/app/api/latest/internal/payments/test-mode-purchase-session/route.tsx` | | 6 | `apps/backend/src/app/api/latest/integrations/stripe/webhooks/route.tsx` | | 7 | `apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts` | </details> <!-- RECURSEML_SUMMARY:END --> <!-- ELLIPSIS_HIDDEN --> ---- > [!IMPORTANT] > Add `priceId` field to track Stripe price identifiers in purchase and subscription models, updating schema, payment logic, and tests. > > - **Database Changes**: > - Add `priceId` field to `OneTimePurchase` and `Subscription` models in `schema.prisma`. > - Update database schema with migration `20250917193043_store_price_id/migration.sql`. > - **Payment Processing**: > - Update `processStripeWebhookEvent()` in `webhooks/route.tsx` to handle `priceId`. > - Modify `POST` handlers in `purchase-session/route.tsx` and `test-mode-purchase-session/route.tsx` to include `priceId` in metadata. > - Update `syncStripeSubscriptions()` in `stripe.tsx` to sync `priceId`. > - **Testing**: > - Add tests in `stripe-webhooks.test.ts` to validate `priceId` handling in webhook and purchase flows. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for |
||
|
Zai Shi
|
d789a097f3
|
OAuth provider client and dashboard (#792)
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add OAuth provider client and dashboard with UI components, server and
client interface updates, schema enhancements, and new tests.
>
> - **New Features**:
> - Add UI components in `page-client.tsx` for viewing, adding, editing,
toggling, and removing OAuth providers.
> - Implement `OAuthProviderDialog` and `OAuthProvidersSection` for
managing OAuth providers.
> - **Server and Client Interfaces**:
> - Update `StackServerInterface` and `StackClientInterface` to include
CRUD operations for OAuth providers.
> - Add `createServerOAuthProvider`, `listServerOAuthProviders`,
`updateServerOAuthProvider`, and `deleteServerOAuthProvider` methods.
> - **Schema and Types**:
> - Add `provider_config_id` to OAuth provider schemas in
`oauth-providers.ts` and `schema-fields.ts`.
> - Define `OAuthProvider` and `ServerOAuthProvider` types in
`users/index.ts`.
> - **Tests**:
> - Add `oauth-providers.test.ts` for client-side OAuth provider
functionality.
> - Update existing tests to include `provider_config_id` assertions.
> - **Miscellaneous**:
> - Update `server-app-impl.ts` and `client-app-impl.ts` to handle OAuth
provider operations.
> - Enhance error handling for account-ID conflicts in OAuth provider
operations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for
|
||
|
Konsti Wohlwend
|
284d85247a
|
Improved anonymous users (#857) | ||
|
BilalG1
|
249271b22d
|
Payment dogfooding (#847)
https://www.loom.com/share/642ec83442594512817f571e7e96514c?sid=42b82e19-bca3-488a-9257-8dbad1a26e29 |
||
|
BilalG1
|
9e538a08e5
|
project owner team (#835)
<img width="1920" height="968" alt="Screenshot 2025-08-12 at 10 44 41 AM" src="https://github.com/user-attachments/assets/3fb59810-45d8-46e1-9cfd-5a1a34936887" /> <!-- ELLIPSIS_HIDDEN --> > [!IMPORTANT] > Introduces team-based project ownership, refactoring existing user-based model, and updates UI, backend, and tests to support this feature. > > - **Behavior**: > - Introduced team-based ownership for projects, replacing user-based ownership. > - Updated project creation, transfer, and deletion flows to use team ownership. > - Added team selection UI during project creation in the dashboard. > - Projects now display owning team's name and include "owner team" field in API responses. > - **Refactor**: > - Enhanced backend and schema for team-based project management. > - Removed legacy user metadata updates related to project ownership. > - Modified project listing and management to rely on team associations. > - Streamlined failed emails digest and contact channel queries to resolve contacts via team membership. > - **Tests**: > - Updated tests to validate team ownership and project-user association handling. > - Adjusted test snapshots and assertions for non-null selected team data. > - Improved test flows for authentication and project deletion with team context. > - **Chores**: > - Minor improvements to logging and code clarity. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for |
||
|
Zai Shi
|
16d99963fd
|
Project logo upload (#817)
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add support for uploading and managing project logos with image
compression and validation in project settings.
>
> - **Behavior**:
> - Added support for uploading and managing project logos (`logoUrl`,
`fullLogoUrl`) in `Project` model.
> - New `LogoUpload` component in `logo-upload.tsx` for image upload
with compression and validation.
> - Projects display and store logo URLs for branding.
> - **Database**:
> - Added `logoUrl` and `fullLogoUrl` columns to `Project` table in
`migration.sql`.
> - Updated `schema.prisma` to include new fields in `Project` model.
> - **Backend**:
> - Updated `createOrUpdateProjectWithLegacyConfig()` in `projects.tsx`
to handle logo uploads.
> - Increased max image upload size to 1 MB in `images.tsx` and
`s3.tsx`.
> - Added `browser-image-compression` dependency in `package.json`.
> - **Frontend**:
> - Integrated `LogoUpload` component in `page-client.tsx` for project
settings.
> - Updated `AdminProject` type in `projects/index.ts` to include logo
URLs.
> - **Tests**:
> - Updated e2e tests in `projects.test.ts` and others to verify logo
upload functionality.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for
|
||
|
Zai Shi
|
2b5eebcd22
|
Config override CRUD (#803)
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add admin-only API endpoints and UI support for project configuration
overrides, with comprehensive tests and documentation updates.
>
> - **New Features**:
> - Added admin-only API endpoints for reading and updating project
configuration overrides in `config/crud.tsx` and
`config/override/crud.tsx`.
> - Admin app supports fetching, caching, and updating configuration
overrides with new React hooks in `admin-app-impl.ts`.
> - **Bug Fixes**:
> - Validation and error handling for OAuth providers, duplicate IDs,
and invalid config fields in `oauth-providers/crud.tsx`.
> - **Tests**:
> - Added end-to-end tests for configuration management and validation
errors in `config.test.ts` and `js/config.test.ts`.
> - **Documentation**:
> - Updated API documentation for new config override endpoints in
`config.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for
|
||
|
Zai Shi
|
018be1fdff
|
OAuth provider crud (#759)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Runs E2E API Tests with external source of truth / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
> [!IMPORTANT] > Add CRUD operations for OAuth providers, update schemas and error handling, and include tests for new functionality. > > - **Behavior**: > - Adds CRUD operations for OAuth providers in `client-interface.ts` and `server-interface.ts`. > - Introduces `oauthProviderCrud` in `oauth-providers.ts` for managing OAuth provider data. > - Updates `schema-fields.ts` to include new schemas for OAuth provider attributes. > - Adds error handling for OAuth provider operations in `known-errors.tsx`. > - **Schema**: > - Defines `oauthProviderCrudClientUpdateSchema`, `oauthProviderCrudServerUpdateSchema`, and `oauthProviderCrudServerCreateSchema` in `oauth-providers.ts`. > - Updates `projects.ts` to include `oauthProviderReadSchema` and `oauthProviderWriteSchema`. > - **Tests**: > - Adds tests for OAuth provider CRUD operations in `oauth-providers.test.ts`. > - **Misc**: > - Renames `oauth.ts` to `connected-accounts.ts` in `crud` directory. > - Updates `projects.test.ts` to include `provider_config_id` in OAuth provider configurations. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for |
||
|
Konstantin Wohlwend
|
e6b214b257 | Fix typo | ||
|
Konsti Wohlwend
|
a7ef394be4
|
Source of Truth (#660)
Co-authored-by: Zai Shi <zaishi00@outlook.com> |
||
|
BilalG1
|
cca18bf790
|
Email themes (#743) | ||
|
BilalG1
|
61d0adb7a5
|
Send email route and notification settings page (#717) | ||
|
Zai Shi
|
b23759c3e0
|
Improve user profile page (#712)
<img width="890" alt="image"
src="https://github.com/user-attachments/assets/1e317987-0a09-4f7c-850a-ac2bddec9390"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add functionality to send sign-in invitation emails, including backend
API, frontend UI, and email template support.
>
> - **Backend**:
> - Add `SIGN_IN_INVITATION` to `EmailTemplateType` in `schema.prisma`
and `migration.sql`.
> - New API route `send-sign-in-invitation/route.tsx` to handle sending
sign-in invitation emails.
> - Implement `sendSignInInvitationEmail()` in `admin-interface.ts`.
> - **Frontend**:
> - Update `page-client.tsx` to include sign-in invitation template
management.
> - Add `SendSignInInvitationDialog` in `page-client.tsx` for sending
invitations.
> - Modify `user-table.tsx` to include sign-in invitation actions.
> - **Email Templates**:
> - Add `sign-in-invitation.tsx` template.
> - Update `utils.tsx` to include metadata for sign-in invitation
emails.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for
|
||
|
Madison
|
133de58998
|
Docs api keys (#644)
Init API Keys docs updates.
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add documentation and API handlers for creating and managing user and
team API keys.
>
> - **API Handlers**:
> - Updated `createApiKeyHandlers` in `handlers.tsx` to include metadata
for API key creation and validation.
> - `create` and `check` handlers now have descriptions, summaries, and
tags for API keys.
> - **Documentation**:
> - Added `api-keys.mdx` to explain API key creation, management, and
usage for users and teams.
> - Updated `docs-template.yml` to include API Keys in the navigation.
> - Added `sdk/types/api-key.mdx` for detailed API key type definitions
and usage.
> - Updated `sdk/types/team.mdx` and `sdk/types/user.mdx` to include API
key functions for teams and users.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for
|
||
|
Konsti Wohlwend
|
f3f2adcee7
|
Remove SmartRequest.auth.project.config (#658)
Co-authored-by: Zai Shi <zaishi00@outlook.com> Co-authored-by: moritz <moritsch@student.ethz.ch> |
||
|
Zai Shi
|
d9e2dae4c6
|
Config DB migration step 2 (#629)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Docker Emulator Test / docker (push) Has been cancelled
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Docker Server Test / docker (push) Has been cancelled
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Lint & build / lint_and_build (latest) (push) Has been cancelled
Preview Docs / run (push) Has been cancelled
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Run setup tests / setup-tests (push) Has been cancelled
TOC Generator / TOC Generator (push) Has been cancelled
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com> Co-authored-by: moritz <moritsch@student.ethz.ch> |
||
|
Zai Shi
|
61bc0de8f4
|
Config DB (#568)
- Added new config json schema and helper functions - Separated the internal project and client project so we can later change the internal project APIs without breaking backward compatibility - Added database to config json and config json to project type so we can test and compare the result in production Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com> |
||
Moritz Schneider
|
592d259dde
|
Api Keys (#590)
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/99619123-6be5-4788-aebe-5fc2a9a36245"
/>
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/660677bf-f19a-4673-94c8-59ac50eb6ae5"
/>
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/11ae63c4-5813-4fd8-aa01-fa580d2103be"
/>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Introduces API key management for users and teams, integrating with
existing project configurations and permissions, and adds comprehensive
tests and examples.
>
> - **API Key Management**:
> - Introduces `ProjectApiKey` model in `schema.prisma` for managing API
keys.
> - Adds `createApiKeyHandlers` in `handlers.tsx` to handle API key CRUD
operations.
> - Implements API key creation, revocation, and validation logic.
> - **Permissions and Configurations**:
> - Adds `allowUserApiKeys` and `allowTeamApiKeys` to `ProjectConfig` in
`schema.prisma`.
> - Updates `TeamSystemPermission` enum to include `MANAGE_API_KEYS`.
> - Ensures API key operations respect project configurations and
user/team permissions.
> - **Testing and Examples**:
> - Adds extensive tests in `api-keys.test.ts` to cover various API key
scenarios.
> - Updates example projects to demonstrate API key usage.
> - **Miscellaneous**:
> - Refactors existing code to integrate API key functionalities.
> - Updates documentation and type definitions to reflect new API key
features.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for
|