feat: Guest email authentication (#1088)

* feat: API endpoints for email signin

* fix: After testing

* Initial signin flow working

* move shared middleware

* feat: Add guest signin toggle, obey on endpoints

* feat: Basic email signin when enabled

* Improve guest signin email
Disable double signin with JWT

* fix: Simple rate limiting

* create placeholder users in db

* fix: Give invited users default avatar
add invited users to people settings

* test

* add transaction

* tmp: test CI

* derp

* md5

* urgh

* again

* test: pass

* test

* fix: Remove usage of data values

* guest signin page

* Visually separator 'Invited' from other people tabs

* fix: Edge case attempting SSO signin for guest email account

* fix: Correctly set email auth method to cookie

* Improve rate limit error display

* lint: cleanup / comments

* Improve invalid token error display

* style tweaks

* pass guest value to subdomain

* Restore copy link option

* feat: Allow invite revoke from people management

* fix: Incorrect users email schema does not allow for user deletion

* lint

* fix: avatarUrl for deleted user failure

* change default to off for guest invites

* fix: Changing security settings wipes subdomain

* fix: user delete permissioning

* test: Add user.invite specs

server/middlewares/methodOverride.js

@@ -0,0 +1,19 @@
+// @flow
+import queryString from 'query-string';
+import { type Context } from 'koa';
+
+export default function methodOverride() {
+  return async function methodOverrideMiddleware(
+    ctx: Context,
+    next: () => Promise<*>
+  ) {
+    if (ctx.method === 'POST') {
+      // $FlowFixMe
+      ctx.body = ctx.request.body;
+    } else if (ctx.method === 'GET') {
+      ctx.method = 'POST'; // eslint-disable-line
+      ctx.body = queryString.parse(ctx.querystring);
+    }
+    return next();
+  };
+}