Phase 3.4: customers.display_name nullable + identity-only social scope

Drop NOT NULL on customers.display_name so phone-OTP and social signups can land before the user picks a name; frontend then routes them to /auth/set-name. Google sign-in no longer requests the name claim and Apple SDK scope is trimmed to email only. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 13:43:37 +08:00
parent 6801001b64
commit 6de541848c
3 changed files with 10 additions and 4 deletions
--- a/backend/src/services/auth.service.js
+++ b/backend/src/services/auth.service.js
@@ -112,16 +112,18 @@ export const signInWithGoogle = async ({ idToken, anonymousCustomerId, deviceInf
  if (existing) {
    customer = existing
  } else if (anonymousCustomerId) {
+    // Preserve the anonymous display_name; we don't pull name from Google.
    customer = await upgradeCustomerIdentity(anonymousCustomerId, {
      google_sub: google.sub,
      email: google.email,
-      display_name: google.name,
    })
  } else {
+    // No anonymous bootstrap → display_name is null; frontend routes to
+    // the set-display-name screen.
    customer = await createCustomerWithIdentity({
      google_sub: google.sub,
      email: google.email,
-      display_name: google.name,
+      display_name: null,
    })
  }