feat: self-serve tier — PR 6/12 — Self-Serve Signup Flow
Stack order: Merge after PR 5 — apps, auth-configs, misc routers.
Adds the complete self-serve signup flow: from the public /signup page through Google/Microsoft OAuth to org provisioning.
- /signup, enters org name and email
- user@acme.com): org name/slug auto-derived from domain
- user@gmail.com): redirected to org name input form
- Organization record with tier: free_trial and 14-day trialExpiresAt
- UserMapping record for orgId resolution
- org_admin role via FusionAuth registration
- team_admin

| Category | Files |
|---|---|
| Signup page | app/signup/page.tsx, signup-form.tsx, signup-hero.tsx |
| OAuth routes | api/auth/self-serve/callback/route.ts, confirm-email/route.ts, create-org/route.ts |
| Server logic | self-serve-auth.ts (token validation), self-serve-idp-hint.ts (Google/MS detection), self-serve-org-derivation.ts (domain → org slug), self-serve-provision-org.ts (org creation), self-serve-signup-state.ts (cookie-based state machine), signup-rate-limit.ts |
| FusionAuth | fusionauth.ts — extended with self-serve tenant operations (group creation, user registration) |
| Auth routes | claim-admin/route.ts (founder promotion), oauth/authorize/route.ts (MCP OAuth support) |
| Analytics | analytics.ts — event types for signup funnel tracking |
| Onboarding tRPC | start-self-serve-signup.ts — mutation to initiate signup |
- UserMapping table.
- SIGNUP_RATE_LIMIT_* env vars (default: 10 signups per 60s window).

| # | PR | Link |
|---|---|---|
| 1 | Foundation | #458 |
| 2 | Core orgId Resolution | #459 |
| 3 | Routers: orgs, audit, onboarding | #460 |
| 4 | Routers: teams, connections, me | #461 |
| 5 | Routers: apps, auth-configs, misc | #462 |
| 6 | Self-Serve Signup Flow | this PR |
| 7 | Sign-In & Auth Broker | #464 |
| 8 | Trial UI | #465 |
| 9 | Enterprise Tier Gates | #466 |
| 10 | Trial Lifecycle | #467 |
| 11 | Proxy Trial Lock | #468 |
| 12 | Tests & Fixtures | #469 |