feat(events): guest accounts for public event registration
Non-members who register for an event now get a persistent identity: with consent, a status:"guest" Member is upserted and an auth cookie is set so the "You're Registered" state survives a page refresh. Tiered auto-login matches passwordless-auth norms — auto-login is only safe when the account holds no privileges: - New email → create guest + cookie - Returning guest → cookie - Existing non-guest (active/pending/etc.) → attach ticket only, no cookie, confirmation email includes a sign-in link Guests are gated on status === "guest", so admin/middleware code that keys on status === "active" naturally excludes them. Guests are also treated as non-members for ticket pricing/validation to prevent picking up member-only pricing on their second registration.
This commit is contained in:
parent
7e7672d52b
commit
6f9e6a3d98
7 changed files with 162 additions and 10 deletions
|
|
@ -95,7 +95,8 @@ export const helcimUpdateBillingSchema = z.object({
|
|||
export const ticketPurchaseSchema = z.object({
|
||||
name: z.string().min(1).max(200),
|
||||
email: z.string().trim().toLowerCase().email(),
|
||||
transactionId: z.string().max(500).optional()
|
||||
transactionId: z.string().max(500).optional(),
|
||||
createAccount: z.boolean().optional().default(true)
|
||||
})
|
||||
|
||||
export const ticketReserveSchema = z.object({
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue