Referral Link Service
Component Detail
Description
Backend service that generates server-side signed short invite URLs encoding the referrer user ID and organization tenant context, persisting each invite record in referral_invites. Enforces per-org link policy (single-use vs multi-use, expiry duration) read from module_configurations, signs tokens to prevent forgery, and exposes a mobile API for the current user's active invite.
referral-link-service
Sources & reasoning
Core business logic component mandated by the blueprint. Server-side generation with token signing is necessary to prevent link forgery and preserve attribution integrity between referrer and recruit. Single-use vs multi-use and expiry behavior are per-org configuration requirements from the implementation notes.
No source references — this artifact was included based on reasoning alone (see above).
Responsibilities
- Generate signed invite URLs with referrer user ID and tenant context embedded
- Persist invite records to referral_invites with expiry and usage policy
- Validate token signatures on incoming deep links to ensure attribution integrity
- Read per-org invite policy from module_configurations (single-use, expiry)
- Expose GET endpoint for the mobile app to fetch the active invite link for the authenticated user
Interfaces
generateInviteLink(userId: String, orgId: String) -> ReferralLink
getActiveInviteLink(userId: String) -> ReferralLink?
validateInviteToken(token: String) -> ReferralInvite?
markInviteUsed(inviteId: String)
getInviteStats(userId: String) -> InviteStats
rotateInviteLink(userId: String) -> ReferralLink
Relationships
Dependencies (2)
Components this component depends on
Dependents (2)
Components that depend on this component