feat: add team invitation acceptance flow with email link routing

Implement end-to-end invitation acceptance: neutral entry route validates token and routes to register (new users), login (existing users), or auto-accepts (authenticated users). Handles 2FA token survival via session, email case-insensitive matching, and dedicated error pages. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 15:16:45 +01:00
parent 8f39bd9b73
commit 88e5803061
13 changed files with 422 additions and 19 deletions
--- a/app/Providers/FortifyServiceProvider.php
+++ b/app/Providers/FortifyServiceProvider.php
@@ -20,7 +20,15 @@ class FortifyServiceProvider extends ServiceProvider
     */
    public function register(): void
    {
-        //
+        $this->app->singleton(
+            \Laravel\Fortify\Contracts\RegisterResponse::class,
+            \App\Http\Responses\RegisterResponse::class
+        );
+
+        $this->app->singleton(
+            \Laravel\Fortify\Contracts\LoginResponse::class,
+            \App\Http\Responses\LoginResponse::class
+        );
    }

    /**
@@ -47,11 +55,21 @@ class FortifyServiceProvider extends ServiceProvider
     */
    private function configureViews(): void
    {
-        Fortify::loginView(fn (Request $request) => Inertia::render('auth/Login', [
-            'canResetPassword' => Features::enabled(Features::resetPasswords()),
-            'canRegister' => Features::enabled(Features::registration()),
-            'status' => $request->session()->get('status'),
-        ]));
+        Fortify::loginView(function (Request $request) {
+            $props = [
+                'canResetPassword' => Features::enabled(Features::resetPasswords()),
+                'canRegister' => Features::enabled(Features::registration()),
+                'status' => $request->session()->get('status'),
+            ];
+
+            $token = $request->query('invitation');
+            if ($token) {
+                $props['invitation'] = $token;
+                $request->session()->put('pending_invitation_token', $token);
+            }
+
+            return Inertia::render('auth/Login', $props);
+        });

        Fortify::resetPasswordView(fn (Request $request) => Inertia::render('auth/ResetPassword', [
            'email' => $request->email,
@@ -66,7 +84,20 @@ class FortifyServiceProvider extends ServiceProvider
            'status' => $request->session()->get('status'),
        ]));

-        Fortify::registerView(fn () => Inertia::render('auth/Register'));
+        Fortify::registerView(function (Request $request) {
+            $props = [];
+
+            $token = $request->query('invitation');
+            if ($token) {
+                $invitation = \App\Models\TeamInvitation::where('token', $token)->first();
+                if ($invitation && $invitation->isValid()) {
+                    $props['invitation'] = $token;
+                    $props['invitationEmail'] = $invitation->email;
+                }
+            }
+
+            return Inertia::render('auth/Register', $props);
+        });

        Fortify::twoFactorChallengeView(fn () => Inertia::render('auth/TwoFactorChallenge'));