forgejo_admin/basketball-api
1
0
Fork 1
Code Issues 10 Pull requests 3 Projects Releases Packages Wiki Activity Actions

feat: generic coach signup page + JWT auth fix #32

Merged
forgejo_admin merged 1 commit from 30-generic-coach-signup-jwt-fix into main 2026-03-10 04:25:49 +00:00
Conversation 0 Commits 1 Files changed 3 +407
forgejo_admin commented 2026-03-10 04:23:01 +00:00
Owner
Copy link

Summary

Adds open-access coach signup routes (/coach/signup) so Marcus can share one link for all coaches, and fixes JWT token_issuer in AuthConfig so admin endpoints authenticate correctly against pal-e-auth tokens.

Changes

  • src/basketball_api/main.py -- Added token_issuer="pal-e-auth" to AuthConfig constructor so JWT decode validates the iss claim correctly.
  • src/basketball_api/routes/coach.py -- Added GET /coach/signup (renders branded agreement form with empty fields, no token required) and POST /coach/signup (creates Coach record with tenant_id=1, signs agreement, generates invite token, redirects to Stripe Connect onboarding). Handles duplicate emails: unsigned coaches get updated, signed coaches see "already registered" page.
  • tests/test_coach_signup.py -- Tests for GET signup page, POST happy path with Stripe redirect, agreement checkbox validation, Stripe failure error display, duplicate email handling for both signed and unsigned coaches.

Test Plan

  • ruff check src/ tests/ passes
  • ruff format --check src/ tests/ passes
  • pytest tests/ -v passes (requires Postgres -- verified via CI)
  • Visit /coach/signup -- should render branded agreement form
  • Submit signup form -- should create coach and redirect to Stripe
  • Submit with existing signed email -- should show "Already Registered"
  • Admin endpoints now accept JWT tokens with iss: pal-e-auth

Review Checklist

  • No new Alembic migration needed (no schema changes)
  • Ruff check and format pass
  • New routes are unauthenticated (by design -- open coach signup)
  • Hardcoded tenant_id=1 for Westside (matches issue spec)
  • Existing /coach/onboard/* routes unchanged
  • Stripe calls mocked in tests

Related

  • Closes #30
  • Plan: plan-2026-03-08-tryout-prep (Phase 3a-iii)
## Summary Adds open-access coach signup routes (`/coach/signup`) so Marcus can share one link for all coaches, and fixes JWT `token_issuer` in `AuthConfig` so admin endpoints authenticate correctly against `pal-e-auth` tokens. ## Changes - **`src/basketball_api/main.py`** -- Added `token_issuer="pal-e-auth"` to `AuthConfig` constructor so JWT decode validates the `iss` claim correctly. - **`src/basketball_api/routes/coach.py`** -- Added `GET /coach/signup` (renders branded agreement form with empty fields, no token required) and `POST /coach/signup` (creates Coach record with `tenant_id=1`, signs agreement, generates invite token, redirects to Stripe Connect onboarding). Handles duplicate emails: unsigned coaches get updated, signed coaches see "already registered" page. - **`tests/test_coach_signup.py`** -- Tests for GET signup page, POST happy path with Stripe redirect, agreement checkbox validation, Stripe failure error display, duplicate email handling for both signed and unsigned coaches. ## Test Plan - [ ] `ruff check src/ tests/` passes - [ ] `ruff format --check src/ tests/` passes - [ ] `pytest tests/ -v` passes (requires Postgres -- verified via CI) - [ ] Visit `/coach/signup` -- should render branded agreement form - [ ] Submit signup form -- should create coach and redirect to Stripe - [ ] Submit with existing signed email -- should show "Already Registered" - [ ] Admin endpoints now accept JWT tokens with `iss: pal-e-auth` ## Review Checklist - [x] No new Alembic migration needed (no schema changes) - [x] Ruff check and format pass - [x] New routes are unauthenticated (by design -- open coach signup) - [x] Hardcoded `tenant_id=1` for Westside (matches issue spec) - [x] Existing `/coach/onboard/*` routes unchanged - [x] Stripe calls mocked in tests ## Related - Closes #30 - Plan: `plan-2026-03-08-tryout-prep` (Phase 3a-iii)
feat: generic coach signup page + JWT auth fix
All checks were successful
ci/woodpecker/pr/woodpecker Pipeline was successful
Details
fcf6ebf0cb 
- Add /coach/signup routes for open-access coach registration
- Fix JWT token_issuer in AuthConfig for admin endpoint auth
- Add tests for signup flow

Closes #30

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
forgejo_admin deleted branch 30-generic-coach-signup-jwt-fix 2026-03-10 04:25:49 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
domain:backend

   
domain:devops

   
domain:frontend

   
status:approved

QA passed, awaiting merge approval

  
status:in-progress

Dev agent is actively working

  
status:needs-fix

QA found issues, back to dev

  
status:qa

PR submitted, awaiting QA review

  
type:bug

Bug fix

  
type:devops

Infrastructure/CI/config work

  
type:feature

New functionality

No labels
domain:backend
domain:devops
domain:frontend
status:approved
status:in-progress
status:needs-fix
status:qa
type:bug
type:devops
type:feature
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
forgejo_admin/basketball-api!32
No description provided.