feat(account): restore the confirm deeplink token (domain layer)
Re-apply the deeplink backend deferred out of PR1a: migration 00006 adds email_confirmations.purpose + link_token_hash (hand-edited jet), each issued code now carries an opaque 256-bit token (only its SHA-256 stored), and ConfirmByToken resolves a token to a login (confirm + clear guest) or a link (attach when free, signal merge when owned elsewhere). issueCode now embeds the /app/#/confirm/<token> link in the email. The confirm endpoint, gateway RPC and SPA route follow.
This commit is contained in:
@@ -21,4 +21,6 @@ type EmailConfirmations struct {
|
||||
Attempts int16
|
||||
ConsumedAt *time.Time
|
||||
CreatedAt time.Time
|
||||
Purpose string
|
||||
LinkTokenHash *string
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user