Multi-tenant invite system without SMTP dependency. Designed for dev/early
stage; promotes to email-driven later by adding SMTP to Appwrite.
New schema:
- invite_links table (code, email, role, status, expiresAt, invitedBy)
with unique index on code, indexes on (tenantId,status) and (tenantId,email)
New code:
- lib/appwrite/audit.ts: logAudit() helper writes to audit_logs with
X-Forwarded-For/User-Agent capture; never throws.
- lib/appwrite/tenant-guard.ts: requireTenant() returns
{ user, tenantId, role, settings }; pulls highest role from team
memberships. requireRole() guard.
- lib/appwrite/team-actions.ts:
* inviteMemberAction — creates short code (8 char nanoid-style),
inserts invite_links row with team-scoped perms, returns shortUrl.
Reuses existing pending invite for same email instead of duplicating.
Blocks self-invite, blocks invite of existing members.
* cancelInviteAction — owner/admin only, marks status=cancelled.
* removeMemberAction — owner/admin only; protects self-removal and
requires owner-on-owner.
* updateMemberRoleAction — owner only.
* resolveInviteCode — public-ish lookup by code (admin SDK).
* acceptInviteAction — verifies session.email matches invite.email,
creates membership via admin SDK, marks invite accepted.
All mutations write to audit_logs.
UI:
- /d/[code] short-URL accept page (server). Logged-in matching user
sees 'Daveti kabul et' button; non-matching user sees error; logged-out
user gets sign-up / sign-in CTAs that preserve the code.
- /settings/members page (server): InviteForm, PendingInvitesTable,
MembersTable. Owner/admin gates respected; only owner can change roles.
- Sign-up and sign-in forms accept ?invite=CODE (and ?email= for sign-up):
hidden input -> server action redirects to /d/CODE on success.
Other:
- next.config.ts: removed eslint config block (deprecated in Next 16);
kept typescript.ignoreBuildErrors for template legacy.
Server-action files ('use server') can only export async functions.
Exporting initialAuthState (object) caused:
'A use server file can only export async functions, found object'
when sign-up form was submitted.
Moved AuthState type and initialAuthState const to lib/appwrite/auth-types.ts.
Updated 3 form components to import the const from the new location.
- Server actions in lib/appwrite/auth-actions.ts:
signInAction, signUpAction, forgotPasswordAction, signOutAction
All use node-appwrite admin client; session secret stored as httpOnly
cookie (isletmem-session). Errors localized to Turkish.
- Redesigned /sign-in and /sign-up using sign-in-3 split-card layout,
branded as 'İşletmem' with gradient brand panel (no external image).
Removed social login buttons (email/password only for now).
- /forgot-password localized; success state shows email-sent confirmation.
- Auth pages redirect to /dashboard if user already has a session.
- middleware.ts:
* Protects /dashboard, /onboarding, /settings — redirects to /sign-in?redirect=...
* Auth pages redirect logged-in users to /dashboard
* Keeps legacy /login and /register redirects