lenra-io / server

GNU Affero General Public License v3.0

fix: Invitations 403 error #531

Closed jonas-martinez closed 5 months ago

jonas-martinez commented 5 months ago

About this PR

Closes https://github.com/lenra-io/server/issues/518

Technical highlight/advice

I just changed the way we use the scopes for the invitations route.

It is important to use the :manage_account_scope as I did in this PR because it sets the user in the current connection. The user is used in the :ensure_cgs_accepted; this is why I had to add the scope mentioned previously.

How to test my changes

Just run the server, backoffice and client as always. Create an application and try to invite yourself on another email address. Then, connect to the client using this new account and accept the invitation; you are properly redirected to the app.

Checklist

I included unit tests that cover my changes

I added/updated the documentation about my changes

taorepoara commented 5 months ago

Are the invitations linking to the API endpoint (api.lenra.io) or the client (app.lenra.io) one?

Since the user must be logged in, client changes might be needed.

jonas-martinez commented 5 months ago

@taorepoara They are linked to the app.lenra.io endpoint. What changes are you thinking about?

taorepoara commented 5 months ago

The client does not check if the user is connected before calling the API.

We should add changes in the client to log in the user if he's not and then call the API (with your fix).

I'll approve this one, but you should create an issue in the client to do this change.

taorepoara commented 5 months ago

:tada: This PR is included in version 1.3.2 :tada:

The release is available on:

Your semantic-release bot :package::rocket: