[PR #295] [MERGED] Add Email Invite Functionality #3762

New Issue

OVERLORD · 2025-10-09T18:29:36+03:00

OVERLORD commented

2025-10-09 18:29:36 +03:00

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/295
Author: @njfox
Created: 12/16/2018
Status: ✅ Merged
Merged: 12/21/2018
Merged by: @dani-garcia

Base: master ← Head: invite_emails

📝 Commits (10+)

680f5e8 Add Invite JWT struct and supporting functions
e2907f4 Add invite email functionality
d428120 Add email_invitations config option
4910b14 Implement email invitations and registration workflow
e245e96 Fix broken rebase
042c107 Remove CONFIG.email_invitation option
9479108 Remove CONFIG.email_invitations
26bf7bc Use upstream jslib invite/registration workflow
99256b9 Prefix unused params with underscore
2cd736a Validate JWT if a user registers with SMTP invites enabled

📊 Changes

6 files changed (+178 additions, -12 deletions)

View changed files

📝 BUILD.md (+3 -0)
📝 Dockerfile.alpine (+3 -1)
📝 src/api/core/accounts.rs (+30 -9)
📝 src/api/core/organizations.rs (+76 -2)
📝 src/auth.rs (+37 -0)
📝 src/mail.rs (+29 -0)

📄 Description

This PR adds support for emailing invite tokens to users who are invited to organizations. EMAIL_INVITATIONS has been added as a config option that, when enabled, will cause the /invite endpoint to generate a JWT which is valid for 5 days and email the user a link. When the user clicks the link, their UserOrganization status is set to "Accepted", which is what happened automatically before. The previous behavior is unchanged when EMAIL_INVITATIONS is not explicitly enabled.

Note the TODO in src/api/core/organizations.rs:511--currently, when the user clicks the invite link, they are just presented with a blank page. I couldn't figure out how to get redirection working in rocket but ideally they would be automatically redirected to the registration page with their email address pre-filled (ie something like rocket::response::Redirect::to(format!("/#/register?email={}", invite_claims.email)).

I think a good next step after getting the redirect working would be to email the user who sent the invitation to let them know it has been accepted, and it would be trivial to add to the new #[get("/organizations/<org_id>/users/<org_user_id>/accept?<token>")] endpoint added in this PR.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/295 **Author:** [@njfox](https://github.com/njfox) **Created:** 12/16/2018 **Status:** ✅ Merged **Merged:** 12/21/2018 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `master` ← **Head:** `invite_emails` --- ### 📝 Commits (10+) - [`680f5e8`](https://github.com/dani-garcia/vaultwarden/commit/680f5e83d802e69b5ee890fd9be42d745a0cd43c) Add Invite JWT struct and supporting functions - [`e2907f4`](https://github.com/dani-garcia/vaultwarden/commit/e2907f4250b41ffcb00135ecc6b96e3c58d21ff4) Add invite email functionality - [`d428120`](https://github.com/dani-garcia/vaultwarden/commit/d428120ec645ad5089833b405c2ee73d094e0e37) Add email_invitations config option - [`4910b14`](https://github.com/dani-garcia/vaultwarden/commit/4910b14d57b173c23a893fe778e1c24d2c617e16) Implement email invitations and registration workflow - [`e245e96`](https://github.com/dani-garcia/vaultwarden/commit/e245e965baaef161c7407f5eead1115641d27a4f) Fix broken rebase - [`042c107`](https://github.com/dani-garcia/vaultwarden/commit/042c1072d9f35003348815288693324028646a5d) Remove CONFIG.email_invitation option - [`9479108`](https://github.com/dani-garcia/vaultwarden/commit/9479108fb7861b2abf67be9c7825c6b7f3e4fa3d) Remove CONFIG.email_invitations - [`26bf7bc`](https://github.com/dani-garcia/vaultwarden/commit/26bf7bc12f9d6eda0426a545d52a7236a39cf5a7) Use upstream jslib invite/registration workflow - [`99256b9`](https://github.com/dani-garcia/vaultwarden/commit/99256b9b3a53831367c0616ce834aeb65f53cbd2) Prefix unused params with underscore - [`2cd736a`](https://github.com/dani-garcia/vaultwarden/commit/2cd736ab817e2d1c717ec876978cd2623e62665a) Validate JWT if a user registers with SMTP invites enabled ### 📊 Changes **6 files changed** (+178 additions, -12 deletions) <details> <summary>View changed files</summary> 📝 `BUILD.md` (+3 -0) 📝 `Dockerfile.alpine` (+3 -1) 📝 `src/api/core/accounts.rs` (+30 -9) 📝 `src/api/core/organizations.rs` (+76 -2) 📝 `src/auth.rs` (+37 -0) 📝 `src/mail.rs` (+29 -0) </details> ### 📄 Description This PR adds support for emailing invite tokens to users who are invited to organizations. `EMAIL_INVITATIONS` has been added as a config option that, when enabled, will cause the /invite endpoint to generate a JWT which is valid for 5 days and email the user a link. When the user clicks the link, their UserOrganization status is set to "Accepted", which is what happened automatically before. The previous behavior is unchanged when `EMAIL_INVITATIONS` is not explicitly enabled. Note the TODO in src/api/core/organizations.rs:511--currently, when the user clicks the invite link, they are just presented with a blank page. I couldn't figure out how to get redirection working in rocket but ideally they would be automatically redirected to the registration page with their email address pre-filled (ie something like `rocket::response::Redirect::to(format!("/#/register?email={}", invite_claims.email))`. I think a good next step after getting the redirect working would be to email the user who sent the invitation to let them know it has been accepted, and it would be trivial to add to the new `#[get("/organizations/<org_id>/users/<org_user_id>/accept?<token>")]` endpoint added in this PR. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

OVERLORD added the pull-request label 2025-10-09 18:29:36 +03:00

OVERLORD closed this issue

2025-10-09 18:29:38 +03:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#3762