Implement a new feature where users receive 5 invitation codes when they confirm their email.
Backend changes:
- Extend InvitationCodeGenerator with GenerateForOwnerAsync() for batch code creation
- Mint 5 codes on email confirmation (not registration) in AuthController.ConfirmEmailAsync
- Add GET /invitation-codes/mine (self-service) endpoint for users to view their own codes
- Add POST /users/{id}/invitation-codes (admin-only) endpoint to grant additional codes
- Create MyInvitationCodeDto and GrantInvitationCodesRequest DTOs
Frontend changes:
- Add "My Invitation Codes" tab to Profile.razor with list of user's codes
- Unused codes rendered normally with copy-to-clipboard button
- Used codes shown with strikethrough (no user identity revealed)
- Add "Give Invitation Codes" action to admin Users page
- Dialog prompts for count (1-50) of codes to grant to selected user
- Success/error messages displayed after granting
- Extend InvitationCodesService.GetMyAsync() and UsersService.GrantInvitationCodesAsync()
- Regenerate Kiota API client from updated OpenAPI schema
No database schema changes required - existing InvitationCode fields accommodate both
registration-issued and admin-granted codes.
- Updated SoundSynthVideosController to return ProblemDetails for bad requests and conflicts.
- Modified UsersController to return ProblemDetails for user not found and account purge failures.
- Enhanced BooksService, DocumentsService, GpusService, InstructionSetExtensionsService, MachineFamiliesService, MagazinesService, ResolutionsService, ScreensService, SoftwareFamiliesService, SoftwarePlatformsService, SoftwareVersionsService, SoundSynthsService, and WwpcImportsService to utilize ExtractDetail for error messages from ApiException.
- Introduced ExtractDetail method to standardize error message extraction from ApiException across multiple services.
- Implemented InvitationCodesService for admin management of invitation codes, including listing, creating, and revoking codes.
- Updated AuthService to handle email confirmation during login and added methods for user registration and email confirmation.
- Enhanced Italian resource files with new strings for user registration and invitation code management.
- Added new navigation links for invitation codes in admin menus across multiple languages.
- Introduced JavaScript utility for downloading user data as a blob, improving GDPR compliance.
- Added two-factor authentication support in the login process, including handling for two-factor tokens and available methods.
- Enhanced the login page to manage two-factor verification and recovery codes.
- Introduced a security tab in the user profile for managing two-factor authentication settings, including enabling/disabling authenticator and email methods.
- Implemented backend services for managing two-factor authentication, including enabling/disabling methods and regenerating recovery codes.
- Added admin functionality to disable two-factor authentication for users.
- Updated UI components to reflect changes in two-factor authentication status and provide user feedback.
- Configured SMTP settings for email notifications related to two-factor authentication.
- Implement BulkDeleteRequestBuilder for deleting multiple users.
- Implement BulkLockoutRequestBuilder for locking out multiple users.
- Implement BulkRemoveRoleRequestBuilder for removing roles from multiple users.
- Update UsersRequestBuilder to include bulk operations for adding roles, deleting users, locking out users, and removing roles.
- Add models for BulkLockoutRequest, BulkOperationResult, BulkRoleRequest, and BulkUserIdsRequest.
- Enhance UsersController with endpoints for bulk delete, bulk add role, bulk remove role, and bulk lockout.
- Create dialogs for bulk role operations and bulk lockout in the admin interface.
- Update Users.razor to support bulk actions and integrate with the new bulk operations.
- Enhance UsersService with methods for bulk operations handling.