Improve expired invite experience

[Shrinks99]

Context

Invites expire after a set amount of time for security reasons, but some users don't get around to them in time. How can we ensure that folks who miss their invite link still get to the org they intended to?

Requirements

• Users who miss their invite should be taken to a page telling them their invite expired and to contact their org admin
• Admins should see a list of invitations that have expired in the members panel alongside pending and users
  • Expired invites table should list emails, the expiry date, and the role they were to be given (as a dropdown).
  • Expired invites table should have two actions, one to delete the invite and another to resend it.

[emma-sg]

Backend/DB todos

• Set InvitePending#created in backend explicitly, rather than relying on frontend
• Implement TTL check from InvitePending#created field on every invite access/get

For initial user re-invites

• Endpoint to re-create an invite from an existing invite (only if org for original invite has zero users)
• Add "initial user"/"can re-create expired invites" boolean to endpoints used on initial render of invite accept page

For multi-user orgs

• Endpoint to get expired invites
• Endpoint to recreate existing invite using admin auth

[ikreymer]

[ ] Set InvitePending#created in backend explicitly, rather than relying on frontend
[ ] Implement TTL check from InvitePending#created field on every invite access/get

This is already set on https://github.com/webrecorder/browsertrix/blob/main/backend/btrixcloud/invites.py#L198
There is also an expiring index so that the invites auto-expire: https://github.com/webrecorder/browsertrix/blob/main/backend/btrixcloud/invites.py#L54

• Users who miss their invite should be taken to a page telling them their invite expired and to contact their org admin

• Admins should see a list of invitations that have expired in the members panel alongside pending and users

  • Expired invites table should list emails, the expiry date, and the role they were to be given (as a dropdown).
  • Expired invites table should have two actions, one to delete the invite and another to resend it.

This isn't something that we need at this point, as the invite system is something that is used fairly rarely.

We just want to improve the error message, so if an invite is invalid, we should just say something like: 'This invite is not valid. If you've received this invite a while ago, it may have expired. If you believe this may have happened. Please contact support / your Browsertrix Admin to request a new invite'

I think that's the extent of what we should do now to address this issue.

[ikreymer]

For clarity, closing this issue in favor of #1912 which provides additional details on improvements + bug.