User.email and implementation

packages/backend/drizzle/0027_volatile_otto_octavius.sql

@@ -0,0 +1,4 @@
+ALTER TABLE "User" ADD COLUMN "email" varchar(255);--> statement-breakpoint
+UPDATE "User" SET "email" = 'user_' || id || '@placeholder.local' WHERE "email" IS NULL;--> statement-breakpoint
+ALTER TABLE "User" ALTER COLUMN "email" SET NOT NULL;--> statement-breakpoint
+ALTER TABLE "User" ADD CONSTRAINT "User_email_unique" UNIQUE("email");

packages/backend/drizzle/meta/_journal.json

@@ -190,6 +190,13 @@
       "when": 1769615487574,
       "tag": "0026_stale_shocker",
       "breakpoints": true
+    },
+    {
+      "idx": 27,
+      "version": "7",
+      "when": 1769635016079,
+      "tag": "0027_volatile_otto_octavius",
+      "breakpoints": true
     }
   ]
 }

packages/backend/scripts/db-seed.ts

@@ -97,15 +97,15 @@ const issueComments = [
 
 const passwordHash = await hashPassword("a");
 const users = [
-    { name: "user 1", username: "u1", passwordHash, avatarURL: null },
-    { name: "user 2", username: "u2", passwordHash, avatarURL: null },
+    { name: "user 1", username: "u1", email: "user1@example.com", passwordHash, avatarURL: null },
+    { name: "user 2", username: "u2", email: "user2@example.com", passwordHash, avatarURL: null },
     // anything past here is just to have more users to assign issues to
-    { name: "user 3", username: "u3", passwordHash, avatarURL: null },
-    { name: "user 4", username: "u4", passwordHash, avatarURL: null },
-    { name: "user 5", username: "u5", passwordHash, avatarURL: null },
-    { name: "user 6", username: "u6", passwordHash, avatarURL: null },
-    { name: "user 7", username: "u7", passwordHash, avatarURL: null },
-    { name: "user 8", username: "u8", passwordHash, avatarURL: null },
+    { name: "user 3", username: "u3", email: "user3@example.com", passwordHash, avatarURL: null },
+    { name: "user 4", username: "u4", email: "user4@example.com", passwordHash, avatarURL: null },
+    { name: "user 5", username: "u5", email: "user5@example.com", passwordHash, avatarURL: null },
+    { name: "user 6", username: "u6", email: "user6@example.com", passwordHash, avatarURL: null },
+    { name: "user 7", username: "u7", email: "user7@example.com", passwordHash, avatarURL: null },
+    { name: "user 8", username: "u8", email: "user8@example.com", passwordHash, avatarURL: null },
 ];
 
 async function seed() {

packages/backend/src/db/queries/users.ts

@@ -5,10 +5,14 @@ import { db } from "../client";
 export async function createUser(
     name: string,
     username: string,
+    email: string,
     passwordHash: string,
     avatarURL?: string | null,
 ) {
-    const [user] = await db.insert(User).values({ name, username, passwordHash, avatarURL }).returning();
+    const [user] = await db
+        .insert(User)
+        .values({ name, username, email, passwordHash, avatarURL })
+        .returning();
     return user;
 }
 
@@ -22,6 +26,11 @@ export async function getUserByUsername(username: string) {
     return user;
 }
 
+export async function getUserByEmail(email: string) {
+    const [user] = await db.select().from(User).where(eq(User.email, email));
+    return user;
+}
+
 export async function updateById(
     id: number,
     updates: {

packages/backend/src/routes/auth/register.ts

@@ -2,6 +2,7 @@ import { RegisterRequestSchema } from "@sprint/shared";
 import type { BunRequest } from "bun";
 import { buildAuthCookie, generateToken, hashPassword } from "../../auth/utils";
 import { createSession, createUser, getUserByUsername } from "../../db/queries";
+import { getUserByEmail } from "../../db/queries/users";
 import { errorResponse, parseJsonBody } from "../../validation";
 
 export default async function register(req: BunRequest) {
@@ -12,15 +13,20 @@ export default async function register(req: BunRequest) {
     const parsed = await parseJsonBody(req, RegisterRequestSchema);
     if ("error" in parsed) return parsed.error;
 
-    const { name, username, password, avatarURL } = parsed.data;
+    const { name, username, email, password, avatarURL } = parsed.data;
 
-    const existing = await getUserByUsername(username);
-    if (existing) {
+    const existingUsername = await getUserByUsername(username);
+    if (existingUsername) {
         return errorResponse("username already taken", "USERNAME_TAKEN", 400);
     }
 
+    const existingEmail = await getUserByEmail(email);
+    if (existingEmail) {
+        return errorResponse("email already registered", "EMAIL_TAKEN", 400);
+    }
+
     const passwordHash = await hashPassword(password);
-    const user = await createUser(name, username, passwordHash, avatarURL);
+    const user = await createUser(name, username, email, passwordHash, avatarURL);
     if (!user) {
         return errorResponse("failed to create user", "USER_CREATE_ERROR", 500);
     }

packages/backend/src/routes/subscription/create-checkout-session.ts

@@ -39,10 +39,8 @@ async function handler(req: AuthedRequest) {
         const quantity = Math.max(1, totalMembers - 5);
         const priceId = billingPeriod === "annual" ? STRIPE_PRICE_ANNUAL : STRIPE_PRICE_MONTHLY;
 
-        // build customer data - use username as email if no email field exists
-        const customerEmail = user.username.includes("@")
-            ? user.username
-            : `${user.username}@localhost.local`;
+        // use the user's email from the database
+        const customerEmail = user.email;
 
         const session = await stripe.checkout.sessions.create({
             customer_email: customerEmail,