zaid.marzguioui/myeasycms-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ebd0fd4638550c38ff92323057eb5d733cfde5f8
myeasycms-v2/apps/web/app/api/club/accept-invite/route.ts
Zaid Marzguioui 1294caa7fa
Some checks failed
Workflow / ⚫️ Test (push) Has been cancelled
Details
Workflow / ʦ TypeScript (push) Has been cancelled
Details
feat: MyEasyCMS v2 — Full SaaS rebuild 
Complete rebuild of 22-year-old PHP CMS as modern SaaS:

Database (15 migrations, 42+ tables):
- Foundation: account_settings, audit_log, GDPR register, cms_files
- Module Engine: modules, fields, records, permissions, relations + RPC
- Members: 45+ field member profiles, departments, roles, honors, SEPA mandates
- Courses: courses, sessions, categories, instructors, locations, attendance
- Bookings: rooms, guests, bookings with availability
- Events: events, registrations, holiday passes
- Finance: SEPA batches/items (pain.008/001 XML), invoices
- Newsletter: campaigns, templates, recipients, subscriptions
- Site Builder: site_pages (Puck JSON), site_settings, cms_posts
- Portal Auth: member_portal_invitations, user linking

Feature Packages (9):
- @kit/module-builder — dynamic low-code CRUD engine
- @kit/member-management — 31 API methods, 21 actions, 8 components
- @kit/course-management, @kit/booking-management, @kit/event-management
- @kit/finance — SEPA XML generator + IBAN validator
- @kit/newsletter — campaigns + dispatch
- @kit/document-generator — PDF/Excel/Word
- @kit/site-builder — Puck visual editor, 15 blocks, public rendering

Pages (60+):
- Dashboard with real stats from all APIs
- Full CRUD for all 8 domains with react-hook-form + Zod
- Recharts statistics
- German i18n throughout
- Member portal with auth + invitation system
- Public club websites via Puck at /club/[slug]

Infrastructure:
- Dockerfile (multi-stage, standalone output)
- docker-compose.yml (Supabase self-hosted + Next.js)
- Kong API gateway config
- .env.production.example
2026-03-29 23:17:38 +02:00

76 lines
2.9 KiB
TypeScript
Raw Blame History

import { createClient } from '@supabase/supabase-js';
import { NextResponse } from 'next/server';
export async function POST(request: Request) {
try {
const formData = await request.formData();
const token = formData.get('token') as string;
const slug = formData.get('slug') as string;
const password = formData.get('password') as string;
if (!token || !password || password.length < 8) {
return NextResponse.json({ error: 'Ungültige Eingabe' }, { status: 400 });
}
// Use service role to create user + link member
const supabase = createClient(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.SUPABASE_SECRET_KEY!,
);
// 1. Get invitation
const { data: invitation, error: invError } = await supabase
.from('member_portal_invitations')
.select('id, email, member_id, account_id, status, expires_at')
.eq('invite_token', token)
.single();
if (invError || !invitation || invitation.status !== 'pending') {
return NextResponse.redirect(new URL(`/club/${slug}/portal/invite?token=${token}&error=invalid`, request.url));
}
if (new Date(invitation.expires_at) < new Date()) {
return NextResponse.redirect(new URL(`/club/${slug}/portal/invite?token=${token}&error=expired`, request.url));
}
// 2. Create auth user
const { data: authData, error: authError } = await supabase.auth.admin.createUser({
email: invitation.email,
password,
email_confirm: true,
user_metadata: { invited_via: 'member_portal' },
});
if (authError) {
// User might already exist — try to find them
const { data: existingUsers } = await supabase.auth.admin.listUsers();
const existing = existingUsers?.users?.find(u => u.email === invitation.email);
if (existing) {
// Link existing user to member
await supabase.from('members').update({ user_id: existing.id }).eq('id', invitation.member_id);
await supabase.from('member_portal_invitations').update({ status: 'accepted', accepted_at: new Date().toISOString() }).eq('id', invitation.id);
return NextResponse.redirect(new URL(`/club/${slug}/portal`, request.url));
}
console.error('[accept-invite] Auth error:', authError.message);
return NextResponse.redirect(new URL(`/club/${slug}/portal/invite?token=${token}&error=auth`, request.url));
}
// 3. Link member to user
await supabase.from('members').update({ user_id: authData.user.id }).eq('id', invitation.member_id);
// 4. Mark invitation as accepted
await supabase.from('member_portal_invitations').update({
status: 'accepted',
accepted_at: new Date().toISOString(),
}).eq('id', invitation.id);
// 5. Redirect to portal login
return NextResponse.redirect(new URL(`/club/${slug}/portal`, request.url));
} catch (err) {
console.error('[accept-invite] Error:', err);
return NextResponse.json({ error: 'Serverfehler' }, { status: 500 });
}
}
Reference in New Issue View Git Blame Copy Permalink