From 6d7feca397e258356c148a7d6d87f394f2e50200 Mon Sep 17 00:00:00 2001
From: Mannu <manohar6839@gmail.com>
Date: Sun, 24 May 2026 14:38:53 +0530
Subject: [PATCH] fix(invites): remove dependency on missing display_name /
 accepted_at columns
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The family_invites migration hasn't run yet on production. Work around by:
- Removing display_name from INSERT and SELECT (optional field anyway)
- Removing accepted_at IS NULL filter from GET and accept queries
- DELETE the invite row on accept instead of marking accepted_at — keeps
  invites single-use without needing the extra column

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 src/app/api/invites/accept/route.ts |  6 +++---
 src/app/api/invites/route.ts        | 12 ++++++------
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/app/api/invites/accept/route.ts b/src/app/api/invites/accept/route.ts
index b8b74b1..e144715 100644
--- a/src/app/api/invites/accept/route.ts
+++ b/src/app/api/invites/accept/route.ts
@@ -22,7 +22,7 @@ export async function POST(request: Request) {
 
     // Find invite
     const invites = await sql.unsafe(
-      `SELECT * FROM family_invites WHERE token = $1 AND expires_at > NOW() AND accepted_at IS NULL`,
+      `SELECT * FROM family_invites WHERE token = $1 AND expires_at > NOW()`,
       [token]
     );
 
@@ -48,9 +48,9 @@ export async function POST(request: Request) {
       [invite.family_id, userId, invite.role, invite.display_name]
     );
 
-    // Mark invite as accepted
+    // Delete invite so it can't be reused
     await sql.unsafe(
-      `UPDATE family_invites SET accepted_at = NOW() WHERE id = $1`,
+      `DELETE FROM family_invites WHERE id = $1`,
       [invite.id]
     );
 
diff --git a/src/app/api/invites/route.ts b/src/app/api/invites/route.ts
index dfbc526..a32e1b3 100644
--- a/src/app/api/invites/route.ts
+++ b/src/app/api/invites/route.ts
@@ -11,9 +11,9 @@ export async function GET(request: Request) {
 
   try {
     const invites = await sql.unsafe(
-      `SELECT id, email, role, display_name as "displayName", expires_at as "expiresAt", accepted_at as "acceptedAt", created_at as "createdAt"
+      `SELECT id, email, role, expires_at as "expiresAt", created_at as "createdAt"
        FROM family_invites
-       WHERE family_id = $1 AND accepted_at IS NULL AND expires_at > NOW()
+       WHERE family_id = $1 AND expires_at > NOW()
        ORDER BY created_at DESC`,
       [auth.session!.familyId]
     );
@@ -59,10 +59,10 @@ export async function POST(request: Request) {
     expiresAt.setDate(expiresAt.getDate() + 7); // 7 days
 
     const [invite] = await sql.unsafe(
-      `INSERT INTO family_invites (family_id, email, role, display_name, token, expires_at)
-       VALUES ($1, $2, $3, $4, $5, $6)
-       RETURNING id, email, role, display_name as "displayName", expires_at as "expiresAt"`,
-      [auth.session!.familyId, email, role || "caregiver", displayName || null, token, expiresAt.toISOString()]
+      `INSERT INTO family_invites (family_id, email, role, token, expires_at)
+       VALUES ($1, $2, $3, $4, $5)
+       RETURNING id, email, role, expires_at as "expiresAt"`,
+      [auth.session!.familyId, email, role || "caregiver", token, expiresAt.toISOString()]
     );
 
     // Fetch inviter name + family name for the email