Account Member Flow Plan

accounts, members, cloud
Source: ACCOUNT_MEMBER_FLOW_PLAN.md

Purpose

Lock the scope for the first real member-account milestone so signup and profile work do not sprawl into billing, production email, or broad OAuth before the foundations are stable.

Pass 1

Ship these now:

  • Email/password Community signup
  • Public member profile page
  • Member-name creation with Base_0000 style suffix assignment
  • Member-name rename flow with plan-based cooldowns
  • Member password change flow
  • Password hashing for stored member credentials
  • Email-verification fields and API seams, with localhost/dev bypass enabled
  • Keep seeded Community, Pro, and Business accounts for testing all tiers

Pass 1 Guardrails

Do not add these in this milestone:

  • Billing provider integration
  • Real paid-plan checkout
  • Public Pro or Business self-signup
  • Real email delivery or production verification links
  • OAuth sign-in providers
  • Account linking between email/password and OAuth identities
  • Full org/team management
  • Subscription management UI

Pass 2

Layer these on after Pass 1 is stable:

  • Upgrade flow from Community to Pro or Business
  • Billing/subscription handoff
  • Real email verification delivery and return-link consume flow
  • OAuth sign-in providers such as Google and GitHub
  • Account linking and merge rules

Member Name Rules

  • Input base name allows letters, numbers, and underscores only
  • The visible canonical member name is Base_####
  • Multiple people may share the same base name
  • The suffix must be unique for the full canonical value
  • If a generated suffix collides, reroll until unique or fail after a bounded retry cap

Cooldowns

  • Community: 180 days
  • Pro: 90 days
  • Business: 7 days
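
The Member Name Rules and Cooldowns above, as an added Python sketch (not Harbor's own code). The function names, the in-memory `taken` set, the retry cap of 8, and case-insensitive uniqueness are assumptions; the plan only says the cap is bounded.

```python
import re
import secrets
from datetime import timedelta

# ASCII-only class: \w would also accept Unicode letters, which the rules exclude.
BASE_RE = re.compile(r"[A-Za-z0-9_]+")
COOLDOWN_DAYS = {"community": 180, "pro": 90, "business": 7}
MAX_RETRIES = 8  # assumed value; the plan only requires a bounded cap


class NameAssignmentError(Exception):
    """Raised for an invalid base name or an exhausted retry budget."""


def assign_member_name(base, taken, rng=secrets.randbelow, max_retries=MAX_RETRIES):
    """Return a unique canonical Base_#### name and record it in `taken`."""
    # fullmatch, not match or "$": a trailing newline must not slip through.
    if not BASE_RE.fullmatch(base):
        raise NameAssignmentError("base name: letters, numbers, underscores only")
    for _ in range(max_retries):
        candidate = f"{base}_{rng(10000):04d}"  # suffix 0000-9999 from a CSPRNG
        key = candidate.lower()  # assumption: Base_0007 and base_0007 collide
        if key not in taken:
            taken.add(key)
            return candidate
    # Fail closed instead of looping forever when a base name is crowded.
    raise NameAssignmentError("no free suffix within the retry cap")


def rename_allowed_at(plan, last_rename):
    """Earliest moment the next rename is permitted for this plan."""
    return last_rename + timedelta(days=COOLDOWN_DAYS[plan])


def can_rename(plan, last_rename, now):
    """True once the plan's cooldown since the last rename has elapsed."""
    return now >= rename_allowed_at(plan, last_rename)
```

In a real datastore, uniqueness should be enforced by a unique constraint on the canonical name, with the reroll triggered by the constraint violation, so two concurrent signups cannot both pass a check-then-insert.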

Security Notes

  • Email is the primary public signup identifier
  • Admin accounts remain environment-created and separate from public signup
  • Stored passwords must be hashed before public signup is relied on
  • The cloud member surface remains metadata-oriented and must not move Harbor Node's connector-secret boundary into the cloud