Merge pull request #1 from OpenSecretCloud/public-release

Public Release

pcrDev.json

@@ -1,6 +1,6 @@
 {
   "HashAlgorithm": "Sha384 { ... }",
-  "PCR0": "f58409ae1bc8600c887fef5cc4055149c88c94b41c2b3e268826af7b43a1cdbacffdb2c96bf5972120c6460ab83fe89e",
+  "PCR0": "6fcdb8086806a96c421c08eaf67cebf164aa898798b6f91b072c884773bc6ed64fe8f5af644fe35411195167b0e4a5f1",
   "PCR1": "5039fa3d13b95dded883deed58d2a0ac63bee4f05f16e05eda0dd21e54bcd01f5e700505998b5674616ea8346ce94b29",
-  "PCR2": "1c3dc614330f50cd17f219abb7473d8fea736259aa550de114401b90094d751855fce279b2891c3c978023a5376aafa0"
+  "PCR2": "f5d12ace797b0537be9f795885a6246ff065def52ba0353d597c61053b1e920c9e4f77d3321b792d504bbce41689dc65"
 }

pcrProd.json

@@ -1,6 +1,6 @@
 {
   "HashAlgorithm": "Sha384 { ... }",
-  "PCR0": "33ffe5cae0f72cfe904bde8019ad98efa0ce5db2800f37c5d4149461023d1f70ea77e4f58ae1327ff46ed6a34045d6e2",
+  "PCR0": "a1398fa2946b6ed4b96a1a992ee668aef3661329690f87d44cad5b646ce33e3b16a55674b1d6d54d115a5520801b97d6",
   "PCR1": "5039fa3d13b95dded883deed58d2a0ac63bee4f05f16e05eda0dd21e54bcd01f5e700505998b5674616ea8346ce94b29",
-  "PCR2": "b594414f4ea52bb0985a41442e85f72996373ec7f12898820277b5e822fa9b3c76ecfffc7068410c0eec3dbdf3072465"
+  "PCR2": "2d6a4ddf9176cf17a62202bf346e26bb70f1d3ff84f2b235f0a90e805da87050299ffa1483aa1240e7da3f261f955305"
 }

src/email.rs

@@ -29,7 +29,7 @@ const WELCOME_EMAIL_HTML: &str = r#"
 <body>
     <div class="container">
         <h1>Welcome to <a href="https://trymaple.ai">Maple AI</a>!</h1>
-        <p>We're thrilled to have you join us during our private beta.</p>
+        <p>We're thrilled to have you join us.</p>
 
         <p><em>Just as Maple trees thrive through their discreet underground communication network of fungal hyphae, Maple AI empowers you to flourish in the digital world while maintaining your privacy.</em></p>
 
@@ -55,7 +55,7 @@ const WELCOME_EMAIL_HTML: &str = r#"
 
         <p>We hope you enjoy using Maple AI, knowing that your sensitive discussions and data are protected at every step. Your privacy is not just a feature – it's our mission.</p>
 
-        <p>As we're in private beta, your feedback is incredibly valuable. If you encounter any issues or have suggestions, please reach out to us at <a href="mailto:team@opensecret.cloud">team@opensecret.cloud</a>.</p>
+        <p>Your feedback is incredibly valuable. If you encounter any issues or have suggestions, please reach out to us at <a href="mailto:support@opensecret.cloud">support@opensecret.cloud</a>.</p>
 
         <p>Thank you for being an early adopter and helping us shape the future of secure, AI-powered productivity!</p>
 
@@ -269,14 +269,14 @@ pub async fn send_password_reset_confirmation_email(
             <div class="container">
                 <h1>Password Reset Confirmation</h1>
                 <p>Your Maple AI account password has been successfully reset.</p>
-                <p>If you did not initiate this password reset, please contact us immediately at <a href="mailto:support@trymaple.ai">support@trymaple.ai</a>.</p>
+                <p>If you did not initiate this password reset, please contact us immediately at <a href="mailto:support@opensecret.cloud">support@opensecret.cloud</a>.</p>
                 <p>For security reasons, we recommend that you:</p>
                 <ul>
                     <li>Change your password again if you suspect any unauthorized access.</li>
                     <li>Review your account activity for any suspicious actions.</li>
                 </ul>
                 <p>If you have any questions or concerns, please don't hesitate to reach out to our support team.</p>
-                <p>Best regards,<br>The Maple AI Team</p>
+                <p>Best regards,<br>The OpenSecret Team</p>
             </div>
         </body>
         </html>

src/main.rs

@@ -278,7 +278,6 @@ pub struct RegisterCredentials {
     pub name: Option<String>,
     pub email: Option<String>,
     pub password: String,
-    pub invite_code: String,
 }
 
 #[derive(Debug, Clone)]

src/web/login_routes.rs

@@ -1,4 +1,3 @@
-use crate::AppMode;
 use crate::User;
 use crate::{
     db::DBError,
@@ -25,8 +24,6 @@ use tokio::spawn;
 use tracing::{debug, error, info};
 use uuid::Uuid;
 
-pub const VALID_INVITE_CODES: [&str; 3] = ["bearclaw24", "friends24", "hivemind24"];
-
 #[derive(Deserialize, Clone)]
 pub struct PasswordResetRequestPayload {
     email: String,
@@ -229,15 +226,6 @@ pub async fn register(
     debug!("Entering register function");
     tracing::trace!("call register");
 
-    // Skip invite code check for preview mode
-    if data.app_mode != AppMode::Preview {
-        // Check the invite code (case-insensitive)
-        let lowercase_invite_code = creds.invite_code.to_lowercase();
-        if !VALID_INVITE_CODES.contains(&lowercase_invite_code.as_str()) {
-            return Err(ApiError::InvalidInviteCode);
-        }
-    }
-
     let user = match data.register_user(creds.clone()).await {
         Ok(user) => user,
         Err(Error::UserAlreadyExists) => {

src/web/oauth_routes.rs

@@ -1,8 +1,7 @@
 use crate::models::email_verification::NewEmailVerification;
 use crate::models::oauth::NewUserOAuthConnection;
 use crate::web::encryption_middleware::{decrypt_request, encrypt_response, EncryptedResponse};
-use crate::web::login_routes::{handle_new_user_registration, VALID_INVITE_CODES};
-use crate::AppMode;
+use crate::web::login_routes::handle_new_user_registration;
 use crate::{encrypt, DBError};
 use crate::{
     jwt::{NewToken, TokenType},
@@ -69,15 +68,12 @@ struct OAuthOAuthCallbackResponse {
 }
 
 #[derive(Deserialize, Clone)]
-struct OAuthAuthRequest {
-    invite_code: Option<String>,
-}
+struct OAuthAuthRequest {}
 
 #[derive(Deserialize, Clone)]
 struct OAuthCallbackRequest {
     code: String,
     state: String,
-    invite_code: String,
 }
 
 #[derive(Serialize)]
@@ -113,21 +109,12 @@ struct GoogleUser {
 
 async fn initiate_oauth(
     State(app_state): State<Arc<AppState>>,
-    Extension(auth_request): Extension<OAuthAuthRequest>,
+    Extension(_auth_request): Extension<OAuthAuthRequest>,
     Extension(session_id): Extension<Uuid>,
     provider_name: &str,
 ) -> Result<Json<EncryptedResponse<OAuthOAuthCallbackResponse>>, ApiError> {
     debug!("Entering init {} auth function", provider_name);
 
-    // Check the invite code if it's provided (for sign-ups)
-    if let Some(invite_code) = &auth_request.invite_code {
-        let lowercase_invite_code = invite_code.to_lowercase();
-        if !VALID_INVITE_CODES.contains(&lowercase_invite_code.as_str()) {
-            error!("Invalid invite code: {}", lowercase_invite_code);
-            return Err(ApiError::InvalidInviteCode);
-        }
-    }
-
     let oauth_client = app_state
         .oauth_manager
         .get_provider(provider_name)
@@ -153,7 +140,6 @@ async fn oauth_callback(
     debug!("Entering {} callback function", provider_name);
     trace!("Received code: {}", callback_request.code);
     trace!("Received state: {}", callback_request.state);
-    trace!("Received invite code: {}", callback_request.invite_code);
 
     let oauth_client = app_state
         .oauth_manager
@@ -205,7 +191,6 @@ async fn oauth_callback(
                 github_user.id.to_string(),
                 "github",
                 token.secret().to_string(),
-                &callback_request.invite_code,
                 github_user.name.clone().or(Some(github_user.login.clone())),
             )
             .await?
@@ -229,7 +214,6 @@ async fn oauth_callback(
                 google_user.sub.clone(),
                 "google",
                 token.secret().to_string(),
-                &callback_request.invite_code,
                 google_user.name.clone(),
             )
             .await?
@@ -252,7 +236,8 @@ async fn oauth_callback(
 
     let auth_response = OAuthCallbackResponse {
         id: user.get_id(),
-        email: user.get_email()
+        email: user
+            .get_email()
             .expect("OAuth user must have email")
             .to_string(),
         access_token: access_token.token,
@@ -422,7 +407,6 @@ async fn find_or_create_user_from_oauth(
     provider_user_id: String,
     provider_name: &str,
     access_token: String,
-    invite_code: &str,
     user_name: Option<String>,
 ) -> Result<User, ApiError> {
     let provider = app_state
@@ -461,26 +445,9 @@ async fn find_or_create_user_from_oauth(
             }
         }
         Err(DBError::UserNotFound) => {
-            // If invite code is empty and not in preview mode, return UserNotFound error
-            if invite_code.is_empty() && app_state.app_mode != AppMode::Preview {
-                return Err(ApiError::UserNotFound);
-            }
-
-            // Check the invite code for new sign-ups, but skip for preview mode
-            if app_state.app_mode != AppMode::Preview {
-                let lowercase_invite_code = invite_code.to_lowercase();
-                if !VALID_INVITE_CODES.contains(&lowercase_invite_code.as_str()) {
-                    error!(
-                        "Invalid invite code for new user: {}",
-                        lowercase_invite_code
-                    );
-                    return Err(ApiError::InvalidInviteCode);
-                }
-            }
-
             // Create new user
-            let new_user = NewUser::new(Some(email.clone()), None)
-                .with_name(user_name.unwrap_or_default());
+            let new_user =
+                NewUser::new(Some(email.clone()), None).with_name(user_name.unwrap_or_default());
 
             let user = app_state.db.create_user(new_user).map_err(|e| {
                 error!("Failed to create new user: {:?}", e);