feat(gateway): confirmEmailLink RPC + language on the email request + profile event

Add the confirm-link edge method (auth.email.confirm_link): a new
EmailConfirmLinkRequest/Result fbs table, the transcode const + handler + encoder,
and the backend-client call to the existing /sessions/email/confirm-link endpoint —
it rides Execute under the existing service prefix, so no proto/Caddy change. Add a
language field to EmailRequestRequest and forward it (the backend already seeds it).
Add the NotifyProfile sub-kind + notify.ProfileChanged, published by the confirm-link
handler on a successful link so an in-app session re-fetches its profile when the
email was confirmed in another browser. Regenerated fbs bindings (Go + TS).
This commit is contained in:
Ilia Denisov
2026-07-03 04:22:09 +02:00
parent 25d80bc31d
commit 762155a55e
14 changed files with 418 additions and 41 deletions
+18 -1
View File
@@ -132,10 +132,12 @@ table GuestLoginRequest {
// EmailRequestRequest asks the backend to send a login confirm-code to email. It
// also provisions the account on first contact, so browser_tz (the detected UTC
// offset) is seeded into its time zone here, not at the later login step.
// offset) is seeded into its time zone here, not at the later login step; language
// (the client's UI language) seeds the new account's language and localises the email.
table EmailRequestRequest {
email:string;
browser_tz:string;
language:string;
}
// EmailLoginRequest logs in to the account owning email (provisioned at the
@@ -145,6 +147,21 @@ table EmailLoginRequest {
code:string;
}
// EmailConfirmLinkRequest verifies a one-tap deeplink token from a confirmation
// email. The token, not a session, is the authorization.
table EmailConfirmLinkRequest {
token:string;
}
// EmailConfirmLinkResult is the outcome of a deeplink confirmation: purpose is
// "login" or "link"; for a login session carries the minted credential; for a link
// status is "confirmed" or "merge_required" (the app completes the merge).
table EmailConfirmLinkResult {
purpose:string;
status:string;
session:Session;
}
// Session is the minted credential returned by every auth operation.
table Session {
token:string;