medusa
medusa copied to clipboard
medusajs
feat(admin-next): Email password invite flow in admin 2.0
Add invite flow for email-password auth provider
https://github.com/medusajs/medusa/assets/59018053/553adf5d-e122-4115-b4a8-288eaad84859
To test it out, you need the latest changes from develop, in which invite support has been added to our CLI.
Then do:
- Run admin dashboard:
cd packages/admin-next/dashboard && yarn run dev - Start your Medusa project (that has latest changes)
- Run the following command in your Medusa project:
medusa user -e [email protected] --invite - Copy token from terminal output
- Access the invite URL in admin:
http://localhost:5173/invite?token=[token] - Accept the invite
⚠️ No Changeset found
Latest commit: 16b1b5eb27146a14e90978e3131cab35c42d173c
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
This PR includes no changesets
When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types
Click here to learn what changesets are, and how to add one.
Click here if you're a maintainer who wants to add a changeset to this PR
![changeset-bot[bot] avatar](https://avatars.githubusercontent.com/in/28616?v=4 "Published by a pub.dev verified publisher"){kind=small}
The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| medusa-dashboard | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | Mar 28, 2024 10:38am |
3 Ignored Deployments
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| api-reference | ⬜️ Ignored (Inspect) | Mar 28, 2024 10:38am | ||
| docs-ui | ⬜️ Ignored (Inspect) | Visit Preview | Mar 28, 2024 10:38am | |
| medusa-docs | ⬜️ Ignored (Inspect) | Visit Preview | Mar 28, 2024 10:38am |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
The main flow works nicely!
However, I've noticed 2 issues:
-
If you try to reuse the same invite link twice -> it won't create an account but the flow will look like everything is OK (should we check if the invite token is used already?)
-
The other odd issue, probably not directly related to your PR is that when you try to log in with email/pass that doesn't exist....it will create a new record in
auth_usertable
If you try to reuse the same invite link twice -> it won't create an account but the flow will look like everything is OK (should we check if the invite token is used already?)
Did you accept it with a different email + password or the same as the first time?
The other odd issue, probably not directly related to your PR is that when you try to log in with email/pass that doesn't exist....it will create a new record in auth_user table
This is actually intended behaviour and part of our new auth flow. Funny enough, I just had a discussed with Seb on how to address this in our docs. Probably could have a cron job cleaning up unused auth users on a fixed schedule, but we'll let that be up to users to decide
Did you accept it with a different email + password or the same as the first time?
I used a different email.
This is actually intended behaviour and part of our new auth flow.
Ahh alright 😅 I thought that might be intentional but wanted to check.
"Issue" with double-accepting invites resolved internally. We failed to reproduce, so will keep it as is.