feat: add invite code feature (create, validate, referrer tracking)

backend/src/v1/auth/gateway.py

@@ -39,10 +39,13 @@ class SupabaseAuthGateway(AuthServiceGateway):
     async def create_verification(
         self, request: VerificationCreateRequest
     ) -> VerificationCreateResponse:
+        metadata: dict[str, Any] = {"username": request.username}
+        if request.invite_code:
+            metadata["invite_code"] = request.invite_code
         payload: dict[str, Any] = {
             "email": request.email,
             "password": request.password,
-            "data": {"username": request.username},
+            "data": metadata,
         }
         if request.redirect_to:
             payload["options"] = {"email_redirect_to": request.redirect_to}

backend/src/v1/auth/schemas.py

@@ -1,13 +1,21 @@
 from __future__ import annotations
 
-from pydantic import BaseModel, EmailStr, Field
+from pydantic import BaseModel, ConfigDict, EmailStr, Field
 
 
 class VerificationCreateRequest(BaseModel):
+    model_config = ConfigDict(extra="forbid")
+
     username: str = Field(min_length=3, max_length=30)
     email: EmailStr
     password: str = Field(min_length=6)
     redirect_to: str | None = None
+    invite_code: str | None = Field(
+        default=None,
+        min_length=8,
+        max_length=8,
+        pattern=r"^[ABCDEFGHJKMNPQRSTUVWXYZ23456789]{8}$",
+    )
 
 
 class VerificationResendRequest(BaseModel):
@@ -65,7 +73,3 @@ class PasswordResetConfirmRequest(BaseModel):
     email: EmailStr
     token: str = Field(pattern=r"^\d{6}$")
     new_password: str = Field(min_length=6)
-
-
-class PasswordResetResponse(BaseModel):
-    message: str = "Password reset email sent"