Stage 11: account linking & merge (email + Telegram Login Widget)

Link an email (confirm-code) or Telegram (web Login Widget) to the current
account; if the identity already has its own account, merge the two into the
one in use (the current account is primary, except a guest initiator whose
durable counterpart wins). The merge runs in one transaction
(internal/accountmerge): stats + hint wallet summed, paid_account ORed,
identities/games/chat/complaints transferred, friends/blocks de-duplicated,
the secondary kept as a merged_into tombstone so a shared finished game's
no-cascade FKs hold; a shared active game blocks the merge.

- migration 00009: accounts.paid_account, merged_into, merged_at (+ jetgen)
- internal/link orchestrator; session.RevokeAllForAccount on merge
- connector ValidateLoginWidget RPC + loginwidget HMAC validator
- edge ops link.email.request/confirm/merge, link.telegram.confirm/merge;
  supersedes the Stage 8 email.bind.* surface (request never reveals 'taken'
  before the code is verified, so a probe cannot enumerate addresses)
- UI Profile link section + irreversible-merge dialog; Telegram web sign-in
- focused regression tests (merge core, guest inversion, active-game refusal,
  finished-shared-game kept), gateway transcode + connector + UI codec/e2e
- docs: PLAN, ARCHITECTURE 3/4/9, FUNCTIONAL(+ru), module READMEs
Ilia Denisov
2026-06-04 11:15:14 +02:00
parent 3a640a17a4
commit 52f898ca6f
68 changed files with 3331 additions and 369 deletions
+29 -5
@@ -272,18 +272,42 @@ table UpdateProfileRequest {
notifications_in_app_only:bool = true;
}
// EmailBindRequest asks the backend to send a confirm-code binding email to the
// caller's account.
table EmailBindRequest {
// --- account linking & merge (Stage 11, authenticated) ---
// LinkEmailRequest mails a confirm-code to email for a later link or merge. The
// code is always sent (no pre-send "taken" signal), so a probe cannot enumerate
// registered addresses.
table LinkEmailRequest {
email:string;
}
// EmailConfirmRequest verifies the code and binds the email (returns Profile).
table EmailConfirmRequest {
// LinkEmailConfirm carries the email and its confirm code, for both the confirm
// (preview) and the explicit merge step.
table LinkEmailConfirm {
email:string;
code:string;
}
// LinkTelegramRequest carries Telegram Login Widget data (a URL query string) for
// attaching a Telegram identity to the current account.
table LinkTelegramRequest {
data:string;
}
// LinkResult is the unified result of a confirm or merge step. status is "linked"
// (bound to the caller), "merge_required" (the identity belongs to another account —
// the secondary_* fields summarise it for the irreversible confirmation), or
// "merged" (done). session is present only when the active account switched (a guest
// initiator whose durable counterpart won) — the client adopts it.
table LinkResult {
status:string;
secondary_user_id:string;
secondary_display_name:string;
secondary_games:int;
secondary_friends:int;
session:Session;
}
// StatsView is a durable account's lifetime statistics (games-played and win-rate
// are derived client-side).
table StatsView {
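Review bot: LinkEmailConfirm is documented as serving both the confirm (preview) and the explicit merge step, so the same email and code are presented twice, yet the comments do not say whether the preview consumes the code, how long it stays valid between the two calls, or how many wrong guesses are tolerated. Because the second call performs what the LinkResult comment calls an irreversible confirmation, state the code's lifetime and single-use rule in the table comment, or have the preview return a short-lived server-issued merge token that the merge step must echo back. The same question applies to LinkTelegramRequest.data if the identical query string is resent for the merge step. Separately, LinkResult.status is a free string with three documented values; an enum would let clients reject unknown states instead of string-matching, and the comment should say that the secondary_* fields are populated only for "merge_required".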