alee/golfgame
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Add invite request system and Gitea Actions CI/CD pipeline
Some checks failed
Build & Deploy Staging / build (release) Waiting to run
Details
Build & Deploy Staging / deploy (release) Has been cancelled
Details

Browse Source 
Invite request feature:
- Public form to request an invite when INVITE_REQUEST_ENABLED=true
- Stores requests in new invite_requests DB table
- Emails admins on new request, emails requester on approve/deny
- Admin panel tab to review, approve, and deny requests
- Approval auto-creates invite code and sends signup link

CI/CD pipeline:
- Build & push Docker image to Gitea registry on release
- Auto-deploy to staging with health check
- Manual workflow_dispatch for production deploys

Also includes client layout/sizing improvements for card grid
and opponent spacing.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
adlee-was-taken
2026-04-07 19:38:52 -04:00
parent 0c0588f920
commit ef54ac201a
16 changed files with 1003 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.env.example
View File

@@ -75,6 +75,9 @@ SECRET_KEY=
# Enable invite-only mode (requires invitation to register)
INVITE_ONLY=true
# Allow visitors to request an invite from the login page (only relevant when INVITE_ONLY=true)
INVITE_REQUEST_ENABLED=false
# Metered open signups (public beta)
# 0 = disabled (invite-only enforced), -1 = unlimited, N = max open signups per day
# When set > 0, users can register without an invite code up to the daily limit.

51
.gitea/workflows/deploy-prod.yml Normal file
View File

@@ -0,0 +1,51 @@
name: Deploy Production
on:
workflow_dispatch:
inputs:
tag:
description: 'Release tag to deploy (e.g. v3.3.0)'
required: true
env:
IMAGE: git.adlee.work/alee/golfgame
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Deploy to production
uses: appleboy/ssh-action@v1
with:
host: ${{ secrets.PROD_HOST }}
username: root
key: ${{ secrets.DEPLOY_SSH_KEY }}
envs: IMAGE
script: |
cd /opt/golfgame
# Pull the same image that passed staging
docker login git.adlee.work -u ${{ secrets.REGISTRY_USER }} -p ${{ secrets.REGISTRY_TOKEN }}
docker pull $IMAGE:${{ github.event.inputs.tag }}
# Tag it so compose uses it
docker tag $IMAGE:${{ github.event.inputs.tag }} golfgame-app:latest
# Update code (for compose file / env changes)
git fetch origin && git checkout ${{ github.event.inputs.tag }}
# Restart app
docker compose -f docker-compose.prod.yml up -d app
# Wait for healthy
echo "Waiting for health check..."
for i in $(seq 1 30); do
if docker compose -f docker-compose.prod.yml ps app | grep -q "healthy"; then
echo "Production deploy successful — ${{ github.event.inputs.tag }}"
exit 0
fi
sleep 2
done
echo "CRITICAL: app not healthy after 60s"
docker compose -f docker-compose.prod.yml logs --tail=30 app
exit 1

70
.gitea/workflows/deploy-staging.yml Normal file
View File

@@ -0,0 +1,70 @@
name: Build & Deploy Staging
on:
release:
types: [published]
env:
IMAGE: git.adlee.work/alee/golfgame
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Log in to Gitea Container Registry
uses: docker/login-action@v3
with:
registry: git.adlee.work
username: ${{ secrets.REGISTRY_USER }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Build and push image
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: |
${{ env.IMAGE }}:${{ github.ref_name }}
${{ env.IMAGE }}:latest
deploy:
needs: build
runs-on: ubuntu-latest
steps:
- name: Deploy to staging
uses: appleboy/ssh-action@v1
with:
host: ${{ secrets.STAGING_HOST }}
username: root
key: ${{ secrets.DEPLOY_SSH_KEY }}
envs: IMAGE
script: |
cd /opt/golfgame
# Pull the pre-built image
docker login git.adlee.work -u ${{ secrets.REGISTRY_USER }} -p ${{ secrets.REGISTRY_TOKEN }}
docker pull $IMAGE:${{ github.ref_name }}
# Tag it so compose uses it
docker tag $IMAGE:${{ github.ref_name }} golfgame-app:latest
# Update code (for compose file / env changes)
git fetch origin && git checkout ${{ github.ref_name }}
# Restart app (no --build, image is pre-built)
docker compose -f docker-compose.staging.yml up -d app
# Wait for healthy
echo "Waiting for health check..."
for i in $(seq 1 30); do
if docker compose -f docker-compose.staging.yml ps app | grep -q "healthy"; then
echo "Staging deploy successful — ${{ github.ref_name }}"
exit 0
fi
sleep 2
done
echo "WARNING: app not healthy after 60s"
docker compose -f docker-compose.staging.yml logs --tail=20 app
exit 1

33
client/admin.html
View File

@@ -37,6 +37,7 @@
<a href="#" data-panel="users" class="nav-link">Users</a>
<a href="#" data-panel="games" class="nav-link">Games</a>
<a href="#" data-panel="invites" class="nav-link">Invites</a>
<a href="#" data-panel="invite-requests" class="nav-link">Requests</a>
<a href="#" data-panel="audit" class="nav-link">Audit Log</a>
</div>
<div class="nav-user">
@@ -191,6 +192,35 @@
</table>
</section>
<!-- Invite Requests Panel -->
<section id="invite-requests-panel" class="panel hidden">
<h2>Invite Requests</h2>
<div class="panel-toolbar">
<div class="filter-bar">
<select id="request-status-filter">
<option value="pending">Pending</option>
<option value="">All</option>
<option value="approved">Approved</option>
<option value="denied">Denied</option>
</select>
<button id="request-filter-btn" class="btn">Filter</button>
</div>
</div>
<table id="invite-requests-table" class="data-table">
<thead>
<tr>
<th>Name</th>
<th>Email</th>
<th>Message</th>
<th>Submitted</th>
<th>Status</th>
<th>Actions</th>
</tr>
</thead>
<tbody></tbody>
</table>
</section>
<!-- Audit Log Panel -->
<section id="audit-panel" class="panel hidden">
<h2>Audit Log</h2>
@@ -207,12 +237,15 @@
<option value="end_game">End Game</option>
<option value="create_invite">Create Invite</option>
<option value="revoke_invite">Revoke Invite</option>
<option value="approve_invite_request">Approve Request</option>
<option value="deny_invite_request">Deny Request</option>
</select>
<select id="audit-target-filter">
<option value="">All Targets</option>
<option value="user">Users</option>
<option value="game">Games</option>
<option value="invite_code">Invites</option>
<option value="invite_request">Invite Requests</option>
</select>
<button id="audit-filter-btn" class="btn">Filter</button>
</div>

82
client/admin.js
View File

@@ -198,6 +198,9 @@ function showPanel(panelId) {
case 'invites':
loadInvites();
break;
case 'invite-requests':
loadInviteRequests();
break;
case 'audit':
loadAuditLog();
break;
@@ -643,6 +646,80 @@ async function promptRevokeInvite(code) {
}
}
// =============================================================================
// Invite Requests
// =============================================================================
async function loadInviteRequests() {
const status = document.getElementById('request-status-filter').value;
const params = new URLSearchParams();
if (status) params.set('status', status);
try {
const data = await apiRequest(`/api/admin/invite-requests?${params}`);
const tbody = document.querySelector('#invite-requests-table tbody');
tbody.innerHTML = '';
if (data.requests.length === 0) {
tbody.innerHTML = '<tr><td colspan="6" class="text-muted">No invite requests</td></tr>';
return;
}
data.requests.forEach(req => {
const statusBadge = req.status === 'approved'
? '<span class="badge badge-success">Approved</span>'
: req.status === 'denied'
? '<span class="badge badge-danger">Denied</span>'
: '<span class="badge badge-warning">Pending</span>';
const actions = req.status === 'pending'
? `<button class="btn btn-small btn-primary" data-action="approve-request" data-id="${req.id}">Approve</button>
<button class="btn btn-small btn-danger" data-action="deny-request" data-id="${req.id}">Deny</button>`
: `<span class="text-muted">${req.reviewed_by_username || '-'}</span>`;
tbody.innerHTML += `
<tr>
<td>${escapeHtml(req.name)}</td>
<td>${escapeHtml(req.email)}</td>
<td>${req.message ? escapeHtml(req.message).substring(0, 80) : '<span class="text-muted">-</span>'}</td>
<td>${formatDate(req.created_at)}</td>
<td>${statusBadge}</td>
<td>${actions}</td>
</tr>`;
});
} catch (error) {
showToast('Failed to load invite requests: ' + error.message, 'error');
}
}
async function handleApproveRequest(requestId) {
if (!confirm('Approve this invite request? An invite code will be created and emailed to the requester.')) return;
try {
const data = await apiRequest(`/api/admin/invite-requests/${requestId}/approve`, {
method: 'POST',
});
showToast(`Request approved! Invite code: ${data.code}`, 'success');
loadInviteRequests();
} catch (error) {
showToast('Failed to approve request: ' + error.message, 'error');
}
}
async function handleDenyRequest(requestId) {
if (!confirm('Deny this invite request? The requester will be notified.')) return;
try {
await apiRequest(`/api/admin/invite-requests/${requestId}/deny`, {
method: 'POST',
});
showToast('Request denied', 'success');
loadInviteRequests();
} catch (error) {
showToast('Failed to deny request: ' + error.message, 'error');
}
}
// =============================================================================
// Auth
// =============================================================================
@@ -786,6 +863,9 @@ document.addEventListener('DOMContentLoaded', () => {
document.getElementById('create-invite-btn').addEventListener('click', handleCreateInvite);
document.getElementById('include-expired').addEventListener('change', loadInvites);
// Invite requests panel
document.getElementById('request-filter-btn').addEventListener('click', loadInviteRequests);
// Audit panel
document.getElementById('audit-filter-btn').addEventListener('click', () => {
auditPage = 0;
@@ -826,6 +906,8 @@ document.addEventListener('DOMContentLoaded', () => {
else if (action === 'end-game') promptEndGame(btn.dataset.id);
else if (action === 'copy-invite') copyInviteLink(btn.dataset.code);
else if (action === 'revoke-invite') promptRevokeInvite(btn.dataset.code);
else if (action === 'approve-request') handleApproveRequest(parseInt(btn.dataset.id));
else if (action === 'deny-request') handleDenyRequest(parseInt(btn.dataset.id));
});
// Check auth on load

66
client/app.js
View File

@@ -1,4 +1,3 @@
// SPDX-License-Identifier: GPL-3.0-or-later
// Golf Card Game - Client Application
// Debug logging - set to true to see detailed state/animation logs
@@ -4868,6 +4867,15 @@ class AuthManager {
this.resetPasswordConfirm = document.getElementById('reset-password-confirm');
this.resetError = document.getElementById('reset-error');
this.resetSuccess = document.getElementById('reset-success');
this.requestInviteContainer = document.getElementById('request-invite-container');
this.requestInviteForm = document.getElementById('request-invite-form');
this.requestInviteName = document.getElementById('request-invite-name');
this.requestInviteEmail = document.getElementById('request-invite-email');
this.requestInviteMessage = document.getElementById('request-invite-message');
this.requestInviteError = document.getElementById('request-invite-error');
this.requestInviteSuccess = document.getElementById('request-invite-success');
this.requestBackSignup = document.getElementById('request-back-signup');
this.requestBackLogin = document.getElementById('request-back-login');
}
bindEvents() {
@@ -4898,6 +4906,15 @@ class AuthManager {
});
this.forgotForm?.addEventListener('submit', (e) => this.handleForgotPassword(e));
this.resetForm?.addEventListener('submit', (e) => this.handleResetPassword(e));
this.requestInviteForm?.addEventListener('submit', (e) => this.handleRequestInvite(e));
this.requestBackSignup?.addEventListener('click', (e) => {
e.preventDefault();
this.showForm('signup');
});
this.requestBackLogin?.addEventListener('click', (e) => {
e.preventDefault();
this.showForm('login');
});
// Check URL for reset token or invite code on page load
this.checkResetToken();
@@ -4923,6 +4940,7 @@ class AuthManager {
this.signupFormContainer.classList.add('hidden');
this.forgotFormContainer?.classList.add('hidden');
this.resetFormContainer?.classList.add('hidden');
this.requestInviteContainer?.classList.add('hidden');
this.clearErrors();
if (form === 'login') {
@@ -4937,6 +4955,9 @@ class AuthManager {
} else if (form === 'reset') {
this.resetFormContainer?.classList.remove('hidden');
this.resetPassword?.focus();
} else if (form === 'request-invite') {
this.requestInviteContainer?.classList.remove('hidden');
this.requestInviteName?.focus();
}
}
@@ -4953,6 +4974,8 @@ class AuthManager {
if (this.forgotSuccess) this.forgotSuccess.textContent = '';
if (this.resetError) this.resetError.textContent = '';
if (this.resetSuccess) this.resetSuccess.textContent = '';
if (this.requestInviteError) this.requestInviteError.textContent = '';
if (this.requestInviteSuccess) this.requestInviteSuccess.textContent = '';
}
async handleLogin(e) {
@@ -5089,7 +5112,17 @@ class AuthManager {
if (invite_required) {
this.signupInviteCode.required = true;
this.signupInviteCode.placeholder = 'Invite Code (required)';
if (this.inviteCodeHint) this.inviteCodeHint.textContent = '';
if (this.inviteCodeHint) {
if (this.signupInfo.invite_request_enabled) {
this.inviteCodeHint.innerHTML = 'Don\'t have one? <a href="#" id="show-request-invite">Request an invite</a>';
document.getElementById('show-request-invite')?.addEventListener('click', (e) => {
e.preventDefault();
this.showForm('request-invite');
});
} else {
this.inviteCodeHint.textContent = '';
}
}
} else if (open_signups_enabled) {
this.signupInviteCode.required = false;
this.signupInviteCode.placeholder = 'Invite Code (optional)';
@@ -5166,4 +5199,33 @@ class AuthManager {
this.resetError.textContent = 'Connection error';
}
}
async handleRequestInvite(e) {
e.preventDefault();
this.clearErrors();
const name = this.requestInviteName.value.trim();
const email = this.requestInviteEmail.value.trim();
const message = this.requestInviteMessage.value.trim() || null;
try {
const response = await fetch('/api/auth/request-invite', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ name, email, message }),
});
const data = await response.json();
if (!response.ok) {
this.requestInviteError.textContent = data.detail || 'Request failed';
return;
}
this.requestInviteSuccess.textContent = data.message;
this.requestInviteForm.reset();
} catch (err) {
this.requestInviteError.textContent = 'Connection error';
}
}
}

94
client/index.html
View File

@@ -322,38 +322,38 @@
<div class="game-table">
<div id="opponents-row" class="opponents-row"></div>
<div class="player-row">
<div class="table-center">
<div class="deck-area">
<!-- Held card slot (left of deck) -->
<div id="held-card-slot" class="held-card-slot hidden">
<div id="held-card-display" class="card card-front">
<span id="held-card-content"></span>
</div>
<span class="held-label">Holding</span>
<div class="table-center">
<div class="deck-area">
<!-- Held card slot (left of deck) -->
<div id="held-card-slot" class="held-card-slot hidden">
<div id="held-card-display" class="card card-front">
<span id="held-card-content"></span>
</div>
<div class="pile-wrapper">
<span class="pile-label">DRAW</span>
<div id="deck" class="card card-back"></div>
</div>
<div class="pile-wrapper">
<span class="pile-label">DISCARD</span>
<div class="discard-stack">
<div id="discard" class="card">
<span id="discard-content"></span>
</div>
<!-- Floating held card (appears larger over discard when holding) -->
<div id="held-card-floating" class="card card-front held-card-floating hidden">
<span id="held-card-floating-content"></span>
</div>
<button id="discard-btn" class="btn btn-small hidden">Discard</button>
<button id="skip-flip-btn" class="btn btn-small btn-secondary hidden">Skip Flip</button>
<button id="knock-early-btn" class="btn btn-small btn-danger hidden">Knock!</button>
<span class="held-label">Holding</span>
</div>
<div class="pile-wrapper">
<span class="pile-label">DRAW</span>
<div id="deck" class="card card-back"></div>
</div>
<div class="pile-wrapper">
<span class="pile-label">DISCARD</span>
<div class="discard-stack">
<div id="discard" class="card">
<span id="discard-content"></span>
</div>
<!-- Floating held card (appears larger over discard when holding) -->
<div id="held-card-floating" class="card card-front held-card-floating hidden">
<span id="held-card-floating-content"></span>
</div>
<button id="discard-btn" class="btn btn-small hidden">Discard</button>
<button id="skip-flip-btn" class="btn btn-small btn-secondary hidden">Skip Flip</button>
<button id="knock-early-btn" class="btn btn-small btn-danger hidden">Knock!</button>
</div>
</div>
</div>
</div>
<div class="player-row">
<div class="player-section">
<div class="player-area">
<h4 id="player-header"><span class="player-name">You</span><span id="your-score" class="player-showing">0</span></h4>
@@ -427,6 +427,26 @@
<!-- Drawer backdrop for mobile -->
<div id="drawer-backdrop" class="drawer-backdrop"></div>
<!-- Desktop scorecard button + overlay -->
<button id="desktop-scorecard-btn">Scorecard</button>
<div id="desktop-scorecard-overlay" class="side-panel desktop-scorecard-overlay">
<h4>Current Standings</h4>
<div id="desktop-standings-list" class="standings-list"></div>
<h4>Scores</h4>
<table id="desktop-score-table">
<thead>
<tr>
<th>Player</th>
<th>Hole</th>
<th>Tot</th>
<th>W</th>
</tr>
</thead>
<tbody></tbody>
</table>
</div>
<div id="desktop-scorecard-backdrop" class="desktop-scorecard-backdrop"></div>
</div>
<!-- Rules Screen -->
@@ -911,6 +931,28 @@ TOTAL: 0 + 8 + 16 = 24 points</pre>
</form>
<p class="auth-switch">Already have an account? <a href="#" id="show-login">Login</a></p>
</div>
<!-- Request Invite Form -->
<div id="request-invite-container" class="hidden">
<h3>Request an Invite</h3>
<p class="auth-hint">Registration is invite-only. Request access and we'll get back to you.</p>
<form id="request-invite-form">
<div class="form-group">
<input type="text" id="request-invite-name" placeholder="Your name" required maxlength="100">
</div>
<div class="form-group">
<input type="email" id="request-invite-email" placeholder="Email" required>
</div>
<div class="form-group">
<textarea id="request-invite-message" placeholder="Why do you want to join? (optional)" rows="3" maxlength="500"></textarea>
</div>
<p id="request-invite-error" class="error"></p>
<p id="request-invite-success" class="success"></p>
<button type="submit" class="btn btn-primary btn-full">Request Invite</button>
</form>
<p class="auth-switch">Already have an invite? <a href="#" id="request-back-signup">Sign up</a></p>
<p class="auth-switch">Already have an account? <a href="#" id="request-back-login">Login</a></p>
</div>
</div>
</div>

228
client/style.css
View File

@@ -1024,13 +1024,13 @@ input::placeholder {
/* Card Styles */
.card {
width: clamp(65px, 5.5vw, 100px);
height: clamp(91px, 7.7vw, 140px);
width: clamp(65px, 7vw, 135px);
height: clamp(91px, 9.8vw, 189px);
border-radius: 6px;
display: flex;
align-items: center;
justify-content: center;
font-size: clamp(2rem, 2.5vw, 3.2rem);
font-size: clamp(2rem, 3vw, 3.8rem);
font-weight: bold;
cursor: pointer;
/* No CSS transition - hover effects handled by anime.js */
@@ -1151,7 +1151,7 @@ input::placeholder {
/* Card Grid */
.card-grid {
display: grid;
grid-template-columns: repeat(3, clamp(65px, 5.5vw, 100px));
grid-template-columns: repeat(3, clamp(65px, 7vw, 135px));
gap: clamp(8px, 0.8vw, 14px);
justify-content: center;
}
@@ -1161,18 +1161,22 @@ input::placeholder {
display: flex;
flex-direction: column;
align-items: center;
gap: 25px;
justify-content: space-between;
gap: 15px;
width: 100%;
flex: 1;
min-height: 0;
}
/* Player row - deck/discard and player cards side by side */
/* Player row - local player cards */
.player-row {
display: flex;
justify-content: center;
align-items: center;
gap: 25px;
gap: clamp(15px, 2vh, 35px);
width: 100%;
flex-wrap: wrap;
padding-bottom: clamp(10px, 2vh, 30px);
}
.opponents-row {
@@ -1180,9 +1184,9 @@ input::placeholder {
flex-wrap: nowrap;
justify-content: center;
align-items: flex-end;
gap: clamp(12px, 1.8vw, 35px);
min-height: clamp(120px, 14vw, 200px);
padding: 8px 20px 0;
gap: clamp(12px, 6vw, 120px);
min-height: clamp(120px, 18vw, 280px);
padding: 15px 20px 0;
width: 100%;
}
@@ -1234,7 +1238,62 @@ input::placeholder {
transform: rotate(8deg);
}
/* 5 opponents: deeper arch with graduated rotation toward center */
/* 5 opponents: tighter spacing to fit single row on wide screens */
.opponents-row:has(.opponent-area:first-child:nth-last-child(5)) {
gap: clamp(6px, 2vw, 50px);
}
.opponents-row .opponent-area:first-child:nth-last-child(5),
.opponents-row .opponent-area:first-child:nth-last-child(5) ~ .opponent-area {
flex-shrink: 1;
}
.opponents-row .opponent-area:first-child:nth-last-child(5) .card-grid,
.opponents-row .opponent-area:first-child:nth-last-child(5) ~ .opponent-area .card-grid {
grid-template-columns: repeat(3, clamp(38px, 4vw, 85px));
gap: clamp(2px, 0.4vw, 6px);
}
.opponents-row .opponent-area:first-child:nth-last-child(5) .card,
.opponents-row .opponent-area:first-child:nth-last-child(5) ~ .opponent-area .card {
width: clamp(38px, 4vw, 85px);
height: clamp(53px, 5.6vw, 119px);
font-size: clamp(0.9rem, 1.3vw, 2.2rem);
}
/* 5 opponents mid-width: wrap into 2 arch rows (3 + 2) */
@media (min-width: 750px) and (max-width: 1220px) {
.opponents-row:has(.opponent-area:first-child:nth-last-child(5)) {
flex-wrap: wrap;
gap: clamp(6px, 1.5vw, 20px);
row-gap: clamp(4px, 1vw, 16px);
}
/* Force 3+2 split: each item ~30% so 3 fit per row */
.opponents-row .opponent-area:first-child:nth-last-child(5),
.opponents-row .opponent-area:first-child:nth-last-child(5) ~ .opponent-area {
flex: 0 0 auto;
}
/* Row 1 arch: 3 opponents */
.opponents-row .opponent-area:first-child:nth-last-child(5) {
margin-bottom: 0;
transform: rotate(-5deg);
}
.opponents-row .opponent-area:first-child:nth-last-child(5) ~ .opponent-area:nth-child(2) {
margin-bottom: 20px;
transform: rotate(0deg);
}
.opponents-row .opponent-area:first-child:nth-last-child(5) ~ .opponent-area:nth-child(3) {
margin-bottom: 0;
transform: rotate(5deg);
}
/* Row 2 arch: 2 opponents */
.opponents-row .opponent-area:first-child:nth-last-child(5) ~ .opponent-area:nth-child(4) {
margin-bottom: 8px;
transform: rotate(-3deg);
}
.opponents-row .opponent-area:first-child:nth-last-child(5) ~ .opponent-area:nth-child(5) {
margin-bottom: 8px;
transform: rotate(3deg);
}
}
.opponents-row .opponent-area:first-child:nth-last-child(5) {
margin-bottom: 0;
transform: rotate(-10deg);
@@ -1367,9 +1426,9 @@ input::placeholder {
}
.deck-area .card {
width: clamp(80px, 7vw, 120px);
height: clamp(112px, 9.8vw, 168px);
font-size: clamp(2.4rem, 3.2vw, 4rem);
width: clamp(80px, 8.5vw, 150px);
height: clamp(112px, 11.9vw, 210px);
font-size: clamp(2.4rem, 3.5vw, 4.5rem);
}
#discard {
@@ -1771,14 +1830,14 @@ input::placeholder {
.opponent-area .card-grid {
display: grid;
grid-template-columns: repeat(3, clamp(45px, 4vw, 75px));
gap: clamp(4px, 0.4vw, 8px);
grid-template-columns: repeat(3, clamp(45px, 5vw, 100px));
gap: clamp(4px, 0.5vw, 8px);
}
.opponent-area .card {
width: clamp(45px, 4vw, 75px);
height: clamp(63px, 5.6vw, 105px);
font-size: clamp(1.3rem, 1.5vw, 2.2rem);
width: clamp(45px, 5vw, 100px);
height: clamp(63px, 7vw, 140px);
font-size: clamp(1.3rem, 1.8vw, 2.6rem);
border-radius: 5px;
}
@@ -1929,6 +1988,7 @@ input::placeholder {
align-items: center;
gap: 8px;
width: 100%;
min-height: calc(100vh - 50px);
}
/* Side Panels - positioned in bottom corners */
@@ -1953,6 +2013,88 @@ input::placeholder {
right: 15px;
}
/* Desktop: hide side panels by default, show via scorecard button */
.side-panel.left-panel,
.side-panel.right-panel {
display: none;
}
/* Desktop scorecard button - bottom right corner */
#desktop-scorecard-btn {
position: fixed;
bottom: 15px;
right: 15px;
z-index: 99;
background: linear-gradient(145deg, rgba(15, 50, 35, 0.92) 0%, rgba(8, 30, 20, 0.95) 100%);
border: 1px solid rgba(244, 164, 96, 0.35);
color: #f4a460;
font-size: 0.7rem;
font-weight: 700;
letter-spacing: 0.15em;
text-transform: uppercase;
padding: 8px 16px;
border-radius: 8px;
cursor: pointer;
backdrop-filter: blur(10px);
box-shadow: 0 4px 16px rgba(0, 0, 0, 0.4);
transition: all 0.2s ease;
}
#desktop-scorecard-btn:hover {
background: linear-gradient(145deg, rgba(20, 60, 40, 0.95) 0%, rgba(12, 40, 28, 0.97) 100%);
border-color: rgba(244, 164, 96, 0.6);
box-shadow: 0 4px 20px rgba(0, 0, 0, 0.5), 0 0 10px rgba(244, 164, 96, 0.15);
}
#desktop-scorecard-btn:active {
transform: scale(0.96);
}
#desktop-scorecard-btn.active {
background: linear-gradient(135deg, #f4a460, #e8935a);
color: #1a472a;
border-color: transparent;
box-shadow: 0 2px 12px rgba(244, 164, 96, 0.4);
}
/* Desktop scorecard overlay — combines standings + scores */
.side-panel.desktop-scorecard-overlay {
display: none;
position: fixed;
bottom: 55px;
right: 15px;
left: auto;
width: 280px;
max-height: 70vh;
overflow-y: auto;
z-index: 100;
border-radius: 10px;
padding: 10px 12px;
background: linear-gradient(145deg, rgba(15, 50, 35, 0.95) 0%, rgba(8, 30, 20, 0.97) 100%);
backdrop-filter: blur(10px);
border: 1px solid rgba(244, 164, 96, 0.25);
box-shadow: 0 8px 32px rgba(0, 0, 0, 0.5);
}
.side-panel.desktop-scorecard-overlay.open {
display: block;
}
/* Desktop scorecard backdrop */
.desktop-scorecard-backdrop {
display: none;
position: fixed;
top: 0;
left: 0;
right: 0;
bottom: 0;
z-index: 98;
}
.desktop-scorecard-backdrop.visible {
display: block;
}
.side-panel > h4 {
font-size: 0.7rem;
text-align: center;
@@ -3596,7 +3738,24 @@ input::placeholder {
color: rgba(255, 255, 255, 0.4);
}
.modal-auth input:focus {
.modal-auth textarea {
width: 100%;
padding: 12px 15px;
background: rgba(0, 0, 0, 0.3);
border: 1px solid rgba(255, 255, 255, 0.2);
border-radius: 8px;
color: white;
font-size: 1rem;
font-family: inherit;
resize: vertical;
}
.modal-auth textarea::placeholder {
color: rgba(255, 255, 255, 0.4);
}
.modal-auth input:focus,
.modal-auth textarea:focus {
outline: none;
border-color: #f4a460;
}
@@ -3612,6 +3771,15 @@ input::placeholder {
color: rgba(255, 255, 255, 0.45);
}
.form-hint a {
color: #f4a460;
text-decoration: none;
}
.form-hint a:hover {
text-decoration: underline;
}
.auth-switch {
text-align: center;
margin-top: 15px;
@@ -5336,12 +5504,16 @@ body.mobile-portrait .opponents-row {
flex-shrink: 0;
}
/* --- Mobile: Player row gets remaining space, centered vertically --- */
/* --- Mobile: Table center and player row share remaining space --- */
body.mobile-portrait .table-center {
flex-shrink: 0;
}
body.mobile-portrait .player-row {
display: flex;
flex-direction: column;
align-items: center;
justify-content: space-evenly;
justify-content: center;
gap: 10px;
width: 100%;
flex: 1 1 0%;
@@ -5503,6 +5675,18 @@ body.mobile-portrait .real-card .card-face-back {
line-height: 1;
}
/* Hide desktop scorecard button and backdrop on mobile */
body.mobile-portrait #desktop-scorecard-btn,
body.mobile-portrait .desktop-scorecard-backdrop {
display: none !important;
}
/* Re-enable side panels on mobile (overrides desktop hide) */
body.mobile-portrait .side-panel.left-panel,
body.mobile-portrait .side-panel.right-panel {
display: block;
}
/* --- Mobile: Side panels become bottom drawers --- */
body.mobile-portrait .side-panel {
position: fixed;

1
docker-compose.prod.yml
View File

@@ -40,6 +40,7 @@ services:
- BASE_URL=${BASE_URL:-https://golf.example.com}
- RATE_LIMIT_ENABLED=true
- INVITE_ONLY=true
- INVITE_REQUEST_ENABLED=true
- DAILY_OPEN_SIGNUPS=${DAILY_OPEN_SIGNUPS:-0}
- DAILY_SIGNUPS_PER_IP=${DAILY_SIGNUPS_PER_IP:-3}
- BOOTSTRAP_ADMIN_USERNAME=${BOOTSTRAP_ADMIN_USERNAME:-}

1
docker-compose.staging.yml
View File

@@ -29,6 +29,7 @@ services:
- BASE_URL=${BASE_URL:-https://staging.golfcards.club}
- RATE_LIMIT_ENABLED=false
- INVITE_ONLY=true
- INVITE_REQUEST_ENABLED=false
- DAILY_OPEN_SIGNUPS=${DAILY_OPEN_SIGNUPS:-0}
- DAILY_SIGNUPS_PER_IP=${DAILY_SIGNUPS_PER_IP:-3}
- BOOTSTRAP_ADMIN_USERNAME=${BOOTSTRAP_ADMIN_USERNAME:-}

4
server/config.py
View File

@@ -149,6 +149,9 @@ class ServerConfig:
SECRET_KEY: str = ""
INVITE_ONLY: bool = True
# Allow visitors to request an invite (shown on login page when invite-only)
INVITE_REQUEST_ENABLED: bool = False
# Metered open signups (public beta)
# 0 = disabled (invite-only), -1 = unlimited, N = max per day
DAILY_OPEN_SIGNUPS: int = 0
@@ -203,6 +206,7 @@ class ServerConfig:
ROOM_IDLE_TIMEOUT_SECONDS=get_env_int("ROOM_IDLE_TIMEOUT_SECONDS", 300),
SECRET_KEY=get_env("SECRET_KEY", ""),
INVITE_ONLY=get_env_bool("INVITE_ONLY", True),
INVITE_REQUEST_ENABLED=get_env_bool("INVITE_REQUEST_ENABLED", False),
DAILY_OPEN_SIGNUPS=get_env_int("DAILY_OPEN_SIGNUPS", 0),
DAILY_SIGNUPS_PER_IP=get_env_int("DAILY_SIGNUPS_PER_IP", 3),
BOOTSTRAP_ADMIN_USERNAME=get_env("BOOTSTRAP_ADMIN_USERNAME", ""),

73
server/routers/admin.py
View File

@@ -418,3 +418,76 @@ async def revoke_invite_code(
if not success:
raise HTTPException(status_code=404, detail="Invite code not found")
return {"message": "Invite code revoked successfully"}
# =============================================================================
# Invite Request Endpoints
# =============================================================================
@router.get("/invite-requests")
async def list_invite_requests(
status: Optional[str] = None,
admin: User = Depends(require_admin_v2),
service: AdminService = Depends(get_admin_service_dep),
):
"""List invite requests, optionally filtered by status (pending, approved, denied)."""
requests = await service.get_invite_requests(status=status)
return {"requests": [r.to_dict() for r in requests]}
@router.post("/invite-requests/{request_id}/approve")
async def approve_invite_request(
request_id: int,
request: Request,
admin: User = Depends(require_admin_v2),
service: AdminService = Depends(get_admin_service_dep),
):
"""Approve an invite request — creates a code and emails the requester."""
code = await service.approve_invite_request(
request_id=request_id,
admin_id=admin.id,
ip_address=get_client_ip(request),
)
if not code:
raise HTTPException(status_code=404, detail="Request not found or already handled")
# Get the request details to send the approval email
requests = await service.get_invite_requests()
req = next((r for r in requests if r.id == request_id), None)
if req:
from services.email_service import get_email_service
email_service = get_email_service()
await email_service.send_invite_approved_email(
to=req.email,
name=req.name,
invite_code=code,
)
return {"code": code, "message": "Request approved and invite sent"}
@router.post("/invite-requests/{request_id}/deny")
async def deny_invite_request(
request_id: int,
request: Request,
admin: User = Depends(require_admin_v2),
service: AdminService = Depends(get_admin_service_dep),
):
"""Deny an invite request — optionally emails the requester."""
result = await service.deny_invite_request(
request_id=request_id,
admin_id=admin.id,
ip_address=get_client_ip(request),
)
if not result:
raise HTTPException(status_code=404, detail="Request not found or already handled")
from services.email_service import get_email_service
email_service = get_email_service()
await email_service.send_invite_denied_email(
to=result["email"],
name=result["name"],
)
return {"message": "Request denied"}

57
server/routers/auth.py
View File

@@ -75,6 +75,13 @@ class UpdatePreferencesRequest(BaseModel):
preferences: dict
class InviteRequestBody(BaseModel):
"""Invite request body."""
name: str
email: str
message: Optional[str] = None
class ConvertGuestRequest(BaseModel):
"""Convert guest to user request."""
guest_id: str
@@ -332,6 +339,7 @@ async def signup_info():
return {
"invite_required": invite_required,
"invite_request_enabled": config.INVITE_REQUEST_ENABLED,
"open_signups_enabled": open_signups_enabled,
"daily_limit": config.DAILY_OPEN_SIGNUPS if not unlimited else None,
"remaining_today": remaining,
@@ -339,6 +347,55 @@ async def signup_info():
}
@router.post("/request-invite")
async def request_invite(
request_body: InviteRequestBody,
request: Request,
):
"""
Public endpoint: submit a request for an invite code.
Stores the request in the database and notifies admins via email.
"""
if not config.INVITE_REQUEST_ENABLED:
raise HTTPException(status_code=404, detail="Invite requests are not enabled")
if not _admin_service:
raise HTTPException(status_code=503, detail="Service not initialized")
name = request_body.name.strip()
email = request_body.email.strip().lower()
message = request_body.message.strip() if request_body.message else None
if not name or len(name) > 100:
raise HTTPException(status_code=400, detail="Name is required (max 100 characters)")
if not email or "@" not in email:
raise HTTPException(status_code=400, detail="Valid email is required")
client_ip = get_client_ip(request)
request_id = await _admin_service.create_invite_request(
name=name,
email=email,
message=message,
ip_address=client_ip,
)
# Notify admin emails
if config.ADMIN_EMAILS:
from services.email_service import get_email_service
email_service = get_email_service()
for admin_email in config.ADMIN_EMAILS:
await email_service.send_invite_request_admin_notification(
to=admin_email,
requester_name=name,
requester_email=email,
message=message or "",
)
return {"status": "ok", "message": "Your request has been submitted. We'll be in touch!"}
@router.post("/verify-email")
async def verify_email(
request_body: VerifyEmailRequest,

206
server/services/admin_service.py
View File

@@ -138,6 +138,35 @@ class InviteCode:
}
@dataclass
class InviteRequest:
"""Invite request details."""
id: int
name: str
email: str
message: Optional[str]
status: str
ip_address: Optional[str]
created_at: datetime
reviewed_at: Optional[datetime]
reviewed_by: Optional[str]
reviewed_by_username: Optional[str] = None
def to_dict(self) -> dict:
return {
"id": self.id,
"name": self.name,
"email": self.email,
"message": self.message,
"status": self.status,
"ip_address": self.ip_address,
"created_at": self.created_at.isoformat() if self.created_at else None,
"reviewed_at": self.reviewed_at.isoformat() if self.reviewed_at else None,
"reviewed_by": self.reviewed_by,
"reviewed_by_username": self.reviewed_by_username,
}
class AdminService:
"""
Admin operations and moderation service.
@@ -1211,6 +1240,183 @@ class AdminService:
return result != "UPDATE 0"
# -------------------------------------------------------------------------
# Invite Requests
# -------------------------------------------------------------------------
async def create_invite_request(
self,
name: str,
email: str,
message: Optional[str] = None,
ip_address: Optional[str] = None,
) -> int:
"""
Create a new invite request.
Returns:
The request ID.
"""
async with self.pool.acquire() as conn:
# Check for existing pending request from same email
existing = await conn.fetchval(
"SELECT id FROM invite_requests WHERE email = $1 AND status = 'pending'",
email,
)
if existing:
return existing
row_id = await conn.fetchval(
"""
INSERT INTO invite_requests (name, email, message, ip_address)
VALUES ($1, $2, $3, $4::inet)
RETURNING id
""",
name,
email,
message,
ip_address,
)
logger.info(f"New invite request #{row_id} from {email}")
return row_id
async def get_invite_requests(self, status: Optional[str] = None) -> List[InviteRequest]:
"""Get invite requests, optionally filtered by status."""
async with self.pool.acquire() as conn:
query = """
SELECT r.id, r.name, r.email, r.message, r.status, r.ip_address,
r.created_at, r.reviewed_at, r.reviewed_by,
u.username as reviewed_by_username
FROM invite_requests r
LEFT JOIN users_v2 u ON r.reviewed_by = u.id
"""
params = []
if status:
query += " WHERE r.status = $1"
params.append(status)
query += " ORDER BY r.created_at DESC"
rows = await conn.fetch(query, *params)
return [
InviteRequest(
id=row["id"],
name=row["name"],
email=row["email"],
message=row["message"],
status=row["status"],
ip_address=str(row["ip_address"]) if row["ip_address"] else None,
created_at=row["created_at"],
reviewed_at=row["reviewed_at"],
reviewed_by=str(row["reviewed_by"]) if row["reviewed_by"] else None,
reviewed_by_username=row["reviewed_by_username"],
)
for row in rows
]
async def approve_invite_request(
self,
request_id: int,
admin_id: str,
ip_address: Optional[str] = None,
) -> Optional[str]:
"""
Approve an invite request: create an invite code and update the request.
Returns:
The generated invite code, or None if request not found/already handled.
"""
async with self.pool.acquire() as conn:
# Verify request exists and is pending
row = await conn.fetchrow(
"SELECT id, email, name FROM invite_requests WHERE id = $1 AND status = 'pending'",
request_id,
)
if not row:
return None
# Create an invite code for this request
code = secrets.token_urlsafe(6).upper()[:8]
expires_at = datetime.now(timezone.utc) + timedelta(days=7)
invite_id = await conn.fetchval(
"""
INSERT INTO invite_codes (code, created_by, expires_at, max_uses)
VALUES ($1, $2, $3, 1)
RETURNING id
""",
code,
admin_id,
expires_at,
)
# Update the request
await conn.execute(
"""
UPDATE invite_requests
SET status = 'approved', reviewed_at = NOW(), reviewed_by = $1, invite_code_id = $2
WHERE id = $3
""",
admin_id,
invite_id,
request_id,
)
await self.audit(
admin_id,
"approve_invite_request",
"invite_request",
str(request_id),
{"email": row["email"], "invite_code": code},
ip_address,
)
logger.info(f"Admin {admin_id} approved invite request #{request_id}, code={code}")
return code
async def deny_invite_request(
self,
request_id: int,
admin_id: str,
ip_address: Optional[str] = None,
) -> Optional[dict]:
"""
Deny an invite request.
Returns:
The request info (name, email) or None if not found/already handled.
"""
async with self.pool.acquire() as conn:
row = await conn.fetchrow(
"SELECT id, email, name FROM invite_requests WHERE id = $1 AND status = 'pending'",
request_id,
)
if not row:
return None
await conn.execute(
"""
UPDATE invite_requests
SET status = 'denied', reviewed_at = NOW(), reviewed_by = $1
WHERE id = $2
""",
admin_id,
request_id,
)
await self.audit(
admin_id,
"deny_invite_request",
"invite_request",
str(request_id),
{"email": row["email"]},
ip_address,
)
logger.info(f"Admin {admin_id} denied invite request #{request_id}")
return {"name": row["name"], "email": row["email"]}
# Global admin service instance
_admin_service: Optional[AdminService] = None

70
server/services/email_service.py
View File

@@ -165,6 +165,76 @@ class EmailService:
return await self._send_email(to, subject, html)
async def send_invite_request_admin_notification(
self,
to: str,
requester_name: str,
requester_email: str,
message: str,
) -> Optional[str]:
"""Notify admin of a new invite request."""
if not self.is_configured():
logger.info(f"Email not configured. Would send invite request notification to {to}")
return None
admin_url = f"{self.base_url}/admin.html"
message_html = f"<p><strong>Message:</strong> {message}</p>" if message else ""
subject = f"Golf Game invite request from {requester_name}"
html = f"""
<h2>New Invite Request</h2>
<p><strong>Name:</strong> {requester_name}</p>
<p><strong>Email:</strong> {requester_email}</p>
{message_html}
<p><a href="{admin_url}">Review in Admin Panel</a></p>
"""
return await self._send_email(to, subject, html)
async def send_invite_approved_email(
self,
to: str,
name: str,
invite_code: str,
) -> Optional[str]:
"""Notify requester that their invite was approved."""
if not self.is_configured():
logger.info(f"Email not configured. Would send invite approval to {to}")
return None
signup_url = f"{self.base_url}/?invite={invite_code}"
subject = "Your Golf Game invite is ready!"
html = f"""
<h2>You're In, {name}!</h2>
<p>Your request to join Golf Game has been approved.</p>
<p>Use this link to create your account:</p>
<p><a href="{signup_url}">{signup_url}</a></p>
<p>Or sign up manually with invite code: <strong>{invite_code}</strong></p>
<p>This invite is single-use and expires in 7 days.</p>
"""
return await self._send_email(to, subject, html)
async def send_invite_denied_email(
self,
to: str,
name: str,
) -> Optional[str]:
"""Notify requester that their invite was denied."""
if not self.is_configured():
logger.info(f"Email not configured. Would send invite denial to {to}")
return None
subject = "Golf Game invite request update"
html = f"""
<h2>Hi {name},</h2>
<p>Thanks for your interest in Golf Game. Unfortunately, we're not able to approve your invite request at this time.</p>
<p>We may open up registrations in the future — stay tuned!</p>
"""
return await self._send_email(to, subject, html)
async def _send_email(
self,
to: str,

14
server/stores/user_store.py
View File

@@ -133,6 +133,20 @@ CREATE TABLE IF NOT EXISTS invite_codes (
is_active BOOLEAN DEFAULT TRUE
);
-- Invite requests table
CREATE TABLE IF NOT EXISTS invite_requests (
id BIGSERIAL PRIMARY KEY,
name VARCHAR(100) NOT NULL,
email VARCHAR(255) NOT NULL,
message TEXT,
status VARCHAR(20) DEFAULT 'pending',
ip_address INET,
created_at TIMESTAMPTZ DEFAULT NOW(),
reviewed_at TIMESTAMPTZ,
reviewed_by UUID REFERENCES users_v2(id),
invite_code_id BIGINT REFERENCES invite_codes(id)
);
-- Player stats table (extended for V2 leaderboards)
CREATE TABLE IF NOT EXISTS player_stats (
id BIGSERIAL PRIMARY KEY,