- IEmailService in Domain/Interfaces for membership notifications
- StubEmailService in Infrastructure/Services logs instead of sending
- TODO comments for future SMTP implementation
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- ClubInvitation: Token, ExpiresAt, MaxUses, UsedCount
- Unique index on Token
- DbSet + EF Configuration
- Migration applied
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Summary of all fixes
3 files changed:
1. src/Koogle.Application/Services/UserService.cs:140-171
- GetByIdentityUserIdAsync now includes .Include(p => p.Clubs) and maps ClubMemberships
2. src/Koogle.Web/Store/AuthState/AuthEffects.cs:53-73
- Merges club-specific roles from ClubMemberships into AuthState roles
3. src/Koogle.Infrastructure/Security/ClubRoleRequirement.cs:17-114
- Changed ClubRoleHandler to extend AuthorizationHandler<ClubRoleRequirement> (no resource)
- Reads current_club_id from claims to determine club context
- Added ClubRoleResourceHandler for resource-based auth (explicit clubId)
4. src/Koogle.Infrastructure/DependencyInjection.cs:72
- Registered ClubRoleResourceHandler
The [Authorize(Policy = "ClubViewer")] attribute now uses current_club_id claim set during login to check club roles.
beo3000