feat(GRO-2359): add POST /api/portal/clients-from-auth for OOBE #212

Merged
Flea Flicker merged 1 commits from feature/2357-p2-portal-clients-from-auth into dev 2026-06-11 16:34:34 +00:00
Member

GRO-2359 — companion API change for the OOBE portal-creation flow

The OOBE component (web src/portal/OOBE.tsx) calls POST /api/portal/clients-from-auth to create a fresh clients row bound to the Better Auth user's email. This PR adds that endpoint.

Contract

  • POST /api/portal/clients-from-auth
  • Auth: Better Auth session (uses auth.api.getSession({ headers }) — registered BEFORE the validatePortalSession middleware, same pattern as the existing POST /session-from-auth)
  • Body: { name: string; phone?: string|null; address?: string|null; notes?: string|null } (zod-validated)
  • 201 → { id, name, email }
  • 400 → invalid body
  • 401 → no Better Auth session
  • 409 → a clients row already exists for this email (portal-selection case)
  • 503 → auth not configured
  • 500 → unexpected insert failure

What changed

  • src/routes/portal.ts — new POST /clients-from-auth handler (registered before the validatePortalSession middleware, alongside session-from-auth).
  • src/__tests__/portalClientsFromAuth.test.ts — 7 new tests covering 401, 400, 201 (with persisted values, name trim, optional-field normalisation to null), 409 (existing client), 409 (unique-constraint race via 23505), 503.

Pairing

Companion to the web PR on groombook/web branch feature/2357-p2-sso-to-oobe-routing (PR #75). The web PR is the user-facing fix; this API PR is the necessary backend addition. Both ship in the same release per GRO-2357.

SDLC path

feature/2357-p2-portal-clients-from-auth → dev → uat → main. Tests pass locally (pnpm vitest run src/__tests__/portalClientsFromAuth.test.ts = 7/7 ✅).

Flea Flicker added 1 commit 2026-06-11 16:31:32 +00:00
feat(GRO-2359): add POST /api/portal/clients-from-auth for OOBE (web)
CI / Test (pull_request) Successful in 29s
CI / Lint & Typecheck (pull_request) Successful in 41s
CI / Build & Push Docker Images (pull_request) Successful in 1m40s
cdeebec021
The OOBE flow on the web portal calls this endpoint to create a fresh
`clients` row bound to the Better Auth user's email when the SSO
bridge returns 404. Returns 201 on success, 409 if a client with that
email already exists (portal-selection case), 401/503 on auth issues,
400 on invalid body.

The OOBE success path navigates the user back to `/` and lets the
existing `session-from-auth` re-bridge; the new client is now
resolvable by email, so the bridge mints a real portal session.

Tests cover: 401 (no session), 400 (zod), 201 + persisted values
(name trimmed, optional fields normalized to null), 409 (existing
client or unique-constraint race), 503 (auth not configured).

Paired with the web PR on `feature/2357-p2-sso-to-oobe-routing`.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
Flea Flicker merged commit 10b78d810d into dev 2026-06-11 16:34:34 +00:00
Flea Flicker deleted branch feature/2357-p2-portal-clients-from-auth 2026-06-11 16:34:35 +00:00
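The status-code contract in the PR description, modelled as an added example (not the handler in src/routes/portal.ts and not the project's code). `Store`, `createClientFromAuth`, `opt` and `beforeInsert` are hypothetical names; the in-memory store stands in for the `clients` table with a unique index on email. The check order, blank-string-to-null normalisation and ignoring extra body keys are assumptions.

```typescript
// Added illustration of the contract above; not the code in src/routes/portal.ts.
// Session, Store and createClientFromAuth are hypothetical names; the store is
// an in-memory stand-in for the clients table with a unique index on email.
type Session = { user: { email: string } } | null;
type Result = { status: number; body: Record<string, unknown> };
type Row = { id: number; name: string; email: string; phone: string | null;
             address: string | null; notes: string | null };

class UniqueViolation extends Error { code = "23505"; } // Postgres unique_violation

class Store {
  rows: Row[] = [];
  findByEmail(email: string) { return this.rows.find(r => r.email === email); }
  insert(r: Omit<Row, "id">): Row {
    if (this.findByEmail(r.email)) throw new UniqueViolation("clients_email_key");
    const row = { id: this.rows.length + 1, ...r };
    this.rows.push(row);
    return row;
  }
}

const opt = (v: unknown): string | null | undefined =>
  v === undefined || v === null ? null
  : typeof v === "string" ? (v.trim() || null) : undefined; // undefined = invalid

function createClientFromAuth(
  authConfigured: boolean, session: Session, body: any, store: Store,
  beforeInsert: () => void = () => {},  // test hook to simulate a concurrent insert
): Result {
  if (!authConfigured) return { status: 503, body: { error: "auth not configured" } };
  if (!session) return { status: 401, body: { error: "no session" } };
  const name = typeof body?.name === "string" ? body.name.trim() : "";
  const [phone, address, notes] = [opt(body?.phone), opt(body?.address), opt(body?.notes)];
  if (!name || phone === undefined || address === undefined || notes === undefined)
    return { status: 400, body: { error: "invalid body" } };
  // The email is taken from the session only; any email in the body is ignored.
  const email = session.user.email;
  if (store.findByEmail(email)) return { status: 409, body: { error: "client exists" } };
  try {
    beforeInsert();
    const row = store.insert({ name, email, phone, address, notes });
    return { status: 201, body: { id: row.id, name: row.name, email: row.email } };
  } catch (e) {
    // Lost the check-then-insert race: the unique index is the real guard.
    if ((e as { code?: string }).code === "23505")
      return { status: 409, body: { error: "client exists" } };
    return { status: 500, body: { error: "insert failed" } };
  }
}
```

Because this route is registered before the `validatePortalSession` middleware, the session check inside the handler is the only authentication gate, and binding the row to the session email rather than a body field is what keeps a caller from creating a client for someone else's address.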