If a user starts the onboarding process, make sure they can still accept an invite (#13794)

* Add free_trial to deploy camunda script

* Getting invite details should not require tenancy

* make sure onboarding cookie is complete

* Make sure password is atleast 8 characters

* yarn lock

* update pro and account-portal

* update account-portal

packages/account-portal

@@ -1 +1 @@
-Subproject commit c167c331ff9b8161fc18e2ecbaaf1ea5815ba964
+Subproject commit 39acfff42a063e5a8a7d58d36721ec3103e16348

packages/builder/src/pages/builder/invite/index.svelte

@@ -32,8 +32,14 @@
     onboarding = true
     try {
       const { password, firstName, lastName } = formData
-      await users.acceptInvite(inviteCode, password, firstName, lastName)
+      const user = await users.acceptInvite(
+        inviteCode,
+        password,
+        firstName,
+        lastName
+      )
       notifications.success("Invitation accepted successfully")
+      auth.setOrg(user.tenantId)
       await login()
     } catch (error) {
       notifications.error(error.message)
@@ -66,7 +72,7 @@
       notifications.success("Logged in successfully")
       $goto("../portal")
     } catch (err) {
-      notifications.error(err.message ? err.message : "Invalid credentials") //not likely, considering.
+      notifications.error(err.message ? err.message : "Something went wrong")
     }
   }
 
@@ -141,12 +147,19 @@
                   password: e.detail,
                 }
               }}
+              validateOn="blur"
               validate={() => {
                 let fieldError = {}
 
-                fieldError["password"] = !formData.password
+                function validatePassword() {
-                  ? "Please enter a password"
+                  if (!formData.password) {
-                  : undefined
+                    return "Please enter a password"
+                  } else if (formData.password.length < 8) {
+                    return "Please enter at least 8 characters"
+                  }
+                  return undefined
+                }
+                fieldError["password"] = validatePassword()
 
                 fieldError["confirmationPassword"] =
                   !passwordsMatch(

packages/types/src/api/web/user.ts

@@ -92,6 +92,7 @@ export interface AcceptUserInviteResponse {
   _id: string
   _rev: string
   email: string
+  tenantId: string
 }
 
 export interface SyncUserRequest {

packages/worker/src/api/controllers/global/users.ts

@@ -35,6 +35,7 @@ import {
 } from "@budibase/backend-core"
 import { checkAnyUserExists } from "../../../utilities/users"
 import { isEmailConfigured } from "../../../utilities/email"
+import { BpmStatusKey, BpmStatusValue } from "@budibase/shared-core"
 
 const MAX_USERS_UPLOAD_LIMIT = 1000
 
@@ -444,10 +445,16 @@ export const inviteAccept = async (
 
         await cache.invite.deleteCode(inviteCode)
 
+        // make sure onboarding flow is cleared
+        ctx.cookies.set(BpmStatusKey.ONBOARDING, BpmStatusValue.COMPLETED, {
+          expires: new Date(0),
+        })
+
         ctx.body = {
           _id: user._id!,
           _rev: user._rev!,
           email: user.email,
+          tenantId: user.tenantId,
         }
       }
     )

packages/worker/src/api/index.ts

@@ -105,11 +105,6 @@ const NO_TENANCY_ENDPOINTS = [
     route: "/api/admin/auth/oidc/callback",
     method: "GET",
   },
-  // tenant is determined from code in redis
-  {
-    route: "/api/global/users/invite/accept",
-    method: "POST",
-  },
   // global user search - no tenancy
   // :id is user id
   // TODO: this should really be `/api/system/users/:id`
@@ -117,6 +112,15 @@ const NO_TENANCY_ENDPOINTS = [
     route: "/api/global/users/tenant/:id",
     method: "GET",
   },
+  // tenant is determined from code in redis
+  {
+    route: "/api/global/users/invite/accept",
+    method: "POST",
+  },
+  {
+    route: "/api/global/users/invite/:code",
+    method: "GET",
+  },
 ]
 
 // most public endpoints are gets, but some are posts