feat: Guest email authentication (#1088)

* feat: API endpoints for email signin

* fix: After testing

* Initial signin flow working

* move shared middleware

* feat: Add guest signin toggle, obey on endpoints

* feat: Basic email signin when enabled

* Improve guest signin email
Disable double signin with JWT

* fix: Simple rate limiting

* create placeholder users in db

* fix: Give invited users default avatar
add invited users to people settings

* test

* add transaction

* tmp: test CI

* derp

* md5

* urgh

* again

* test: pass

* test

* fix: Remove usage of data values

* guest signin page

* Visually separator 'Invited' from other people tabs

* fix: Edge case attempting SSO signin for guest email account

* fix: Correctly set email auth method to cookie

* Improve rate limit error display

* lint: cleanup / comments

* Improve invalid token error display

* style tweaks

* pass guest value to subdomain

* Restore copy link option

* feat: Allow invite revoke from people management

* fix: Incorrect users email schema does not allow for user deletion

* lint

* fix: avatarUrl for deleted user failure

* change default to off for guest invites

* fix: Changing security settings wipes subdomain

* fix: user delete permissioning

* test: Add user.invite specs

app/stores/AuthStore.js

@@ -29,8 +29,8 @@ export default class AuthStore {
     }
 
     this.rootStore = rootStore;
-    this.user = data.user;
-    this.team = data.team;
+    this.user = new User(data.user);
+    this.team = new Team(data.team);
     this.token = getCookie('accessToken');
 
     if (this.token) setImmediate(() => this.fetch());
@@ -72,8 +72,8 @@ export default class AuthStore {
       runInAction('AuthStore#fetch', () => {
         this.addPolicies(res.policies);
         const { user, team } = res.data;
-        this.user = user;
-        this.team = team;
+        this.user = new User(user);
+        this.team = new Team(team);
 
         if (window.Bugsnag) {
           Bugsnag.user = {
@@ -141,7 +141,7 @@ export default class AuthStore {
 
       runInAction('AuthStore#updateTeam', () => {
         this.addPolicies(res.policies);
-        this.team = res.data;
+        this.team = new Team(res.data);
       });
     } finally {
       this.isSaving = false;

app/stores/BaseStore.js

@@ -114,14 +114,17 @@ export default class BaseStore<T: BaseModel> {
   }
 
   @action
-  async delete(item: T) {
+  async delete(item: T, options?: Object = {}) {
     if (!this.actions.includes('delete')) {
       throw new Error(`Cannot delete ${this.modelName}`);
     }
     this.isSaving = true;
 
     try {
-      await client.post(`/${this.modelName}s.delete`, { id: item.id });
+      await client.post(`/${this.modelName}s.delete`, {
+        id: item.id,
+        ...options,
+      });
       return this.remove(item.id);
     } finally {
       this.isSaving = false;

app/stores/UsersStore.js

@@ -14,7 +14,10 @@ export default class UsersStore extends BaseStore<User> {
 
   @computed
   get active(): User[] {
-    return filter(this.orderedData, user => !user.isSuspended);
+    return filter(
+      this.orderedData,
+      user => !user.isSuspended && user.lastActiveAt
+    );
   }
 
   @computed
@@ -22,11 +25,21 @@ export default class UsersStore extends BaseStore<User> {
     return filter(this.orderedData, user => user.isSuspended);
   }
 
+  @computed
+  get invited(): User[] {
+    return filter(this.orderedData, user => !user.lastActiveAt);
+  }
+
   @computed
   get admins(): User[] {
     return filter(this.orderedData, user => user.isAdmin);
   }
 
+  @computed
+  get all(): User[] {
+    return filter(this.orderedData, user => user.lastActiveAt);
+  }
+
   @computed
   get orderedData(): User[] {
     return orderBy(Array.from(this.data.values()), 'name', 'asc');