Auto-verify admin-created users and fix seed idempotency

[jakebromberg]

Problem

The after-hook on /admin/create-user sends a verification email instead of auto-verifying. Combined with requireEmailVerification: true, admin-created users can't log in until they click the verification link — which breaks E2E tests and the expected admin workflow.

Additionally, the seed ON CONFLICT clause doesn't update email_verified or role, so re-seeding can't repair users stuck with email_verified = false.

Root Causes

1. After-hook sends verification email — auth.definition.ts calls auth.api.sendVerificationEmail() in the after-hook for /admin/create-user. Admin creation is inherently trusted and should auto-verify.

2. Seed ON CONFLICT incomplete — seed_db.sql only updates dj_name, real_name, updated_at on conflict. Missing email_verified and role.

Fix

1. Replace sendVerificationEmail with direct db.update(user).set({ emailVerified: true }) using the already-imported Drizzle db, user table, and eq operator.

2. Add email_verified = EXCLUDED.email_verified and role = EXCLUDED.role to the ON CONFLICT clause.

Files Changed

• shared/authentication/src/auth.definition.ts
• dev_env/seed_db.sql

Related

• Fix E2E test infrastructure: 25 test failures across 5 root causes dj-site#269