feat(m5c): onboarding — DB invites, request-access, admin approval, email
Move the access whitelist from the ALLOWED_EMAILS env var into a DB Invite table (env kept as bootstrap fallback), and add a self-service request + admin approval flow with fail-soft email. - models: Invite(email, status pending|approved|denied, requested_at, decided_*) - migration 0008: invites table; seed env ALLOWED_EMAILS u ADMIN_EMAILS as approved - auth: is_allowed() (DB-first, env fallback); a denied Google login records a pending request and bounces to /?access=requested instead of a raw 403; public POST /auth/request-access; upsert is idempotent so repeats don't re-spam admins - routes/admin.py (admin-only): list/approve/deny invites + manual add - email.py: smtplib + Gmail App Password, fail-soft (skips if SMTP unset) - /api/me exposes pending_invites; config + .env.example gain SMTP_* - UI: Login 'Request access' form + access=requested/denied handling; Settings -> Access requests (approve/deny + add); admin nudge toast on pending requests Verified locally: request-access creates a pending invite and emails the admin; seed approved npeter83; guinea-pig yt.trash2023 denied until approved.
This commit is contained in:
parent
5754f47f20
commit
2add173760
13 changed files with 605 additions and 15 deletions
10
.env.example
10
.env.example
|
|
@ -36,6 +36,16 @@ FRONTEND_ORIGIN=
|
|||
# screen is in "Testing"). Strongly recommended for the always-on server instance.
|
||||
YOUTUBE_API_KEY=
|
||||
|
||||
# Optional: outbound email for onboarding (access-request + approval notices). Gmail SMTP +
|
||||
# App Password (account needs 2FA; generate at https://myaccount.google.com/apppasswords under
|
||||
# the SENDING account). All optional — if unset, email is skipped and onboarding still works
|
||||
# via in-app notifications. SMTP_FROM falls back to SMTP_USER.
|
||||
SMTP_HOST=
|
||||
SMTP_PORT=587
|
||||
SMTP_USER=
|
||||
SMTP_PASSWORD=
|
||||
SMTP_FROM=
|
||||
|
||||
# --- Deployment role ---
|
||||
# DATABASE_URL is set automatically by docker-compose.yml / docker-compose.server.yml to the
|
||||
# bundled `db` service. Override it only for local dev against the central server DB, e.g.:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue