fix(sign-in): Fix redirect correct org after accepting invite

[priscilawebdev]

closes #43745
closes #67690

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #82005      +/-   ##
==========================================
+ Coverage   84.95%   87.57%   +2.62%     
==========================================
  Files        9487     9420      -67     
  Lines      539524   535697    -3827     
  Branches    21177    20799     -378     
==========================================
+ Hits       458357   469152   +10795     
+ Misses      80726    66150   -14576     
+ Partials      441      395      -46     

[markstory]

Doesn't this bypass the membership invite acceptance views? We would also be skipping important steps of that process like enforcing MFA and SSO.

[priscilawebdev]

Doesn't this bypass the membership invite acceptance views?

No, it doesn't. If the user is not logged in and clicks on the invitation, they will first see the invitation view, where they can either "Create a new account" or "Login using an existing account."

Currently, after submitting the form to create a new account, the invitation is accepted, and the user is redirected to the organization associated with the invite. However, this doesn't happen when the user chooses to login using an existing account. This is what this PR is trying to fix

[priscilawebdev]

We would also be skipping important steps of that process like enforcing MFA and SSO.

I’ve moved the code to what I believe is a more appropriate location, and I was wondering if we have existing tests for the use cases you mentioned. The only tests I could find are these, which are still passing.

Could you confirm if these cover the scenarios we need?

[mifu67]

I just pulled your branch and tested things out. I think that we do bypass some of the member invite acceptance views by taking the user directly to the org. What I think should happen instead is that after the user logs in, they are redirected back to the initial member invite screen, where they have an active session and can accept the invitation with their currently signed-in account.

We're planning to implement this new member invite flow as part of our upcoming refactor of the authentication system.

[markstory]

The scenario I'm thinking of is:

1. An existing sentry user is invited to a new org.
2. The user visits the organization login page
3. If the user logs in, they'll implicitly accept the membership invite (via these changes) and bypass SSO setup and MFA setup requirements to gain membership.

[getsantry]

This pull request has gone three weeks without activity. In another week, I will close it.

But! If you comment or otherwise update it, I will reset the clock, and if you add the label WIP, I will leave it alone unless WIP is removed ... forever!

---

"A weed is but an unloved flower." ― Ella Wheeler Wilcox 🥀

[priscilawebdev]

Hi @markstory and @mifu67 . Thanks for the valuable feedback! 🙏 I've updated the code to check if the user is not already a member of a specific organization and has an invitation link. If both conditions are met, they are redirected to the invitation page to explicitly accept the invite. Would this work until we get everything refactored? The tests are passing now