update

backend/app/database.py

@@ -224,6 +224,7 @@ class UnipileAccount(Base):
 
     id = Column(Integer, primary_key=True, index=True)
     tenant_id = Column(Integer, ForeignKey("tenants.id"), nullable=True, index=True)
+    user_id = Column(Integer, ForeignKey("users.id"), nullable=True, index=True)
     label = Column(String, default="")
     provider = Column(String, default="LINKEDIN")
     unipile_account_id = Column(String, index=True)
@@ -239,6 +240,7 @@ class LinkedinCampaign(Base):
 
     id = Column(Integer, primary_key=True, index=True)
     tenant_id = Column(Integer, ForeignKey("tenants.id"), nullable=True, index=True)
+    user_id = Column(Integer, ForeignKey("users.id"), nullable=True, index=True)
     name = Column(String, index=True)
     status = Column(String, default="draft")  # draft | generated | running | completed | failed
     unipile_account_ref_id = Column(Integer, ForeignKey("unipile_accounts.id"), nullable=False, index=True)
@@ -251,6 +253,20 @@ class LinkedinCampaign(Base):
     executed_at = Column(DateTime, nullable=True)
 
 
+class UnipileHostedAuthState(Base):
+    __tablename__ = "unipile_hosted_auth_states"
+
+    id = Column(Integer, primary_key=True, index=True)
+    tenant_id = Column(Integer, ForeignKey("tenants.id"), nullable=True, index=True)
+    user_id = Column(Integer, ForeignKey("users.id"), nullable=True, index=True)
+    token = Column(String, unique=True, index=True)
+    provider = Column(String, default="LINKEDIN")
+    label = Column(String, default="")
+    expires_at = Column(DateTime, nullable=True)
+    used_at = Column(DateTime, nullable=True)
+    created_at = Column(DateTime, default=datetime.utcnow)
+
+
 def run_migrations(connection_engine):
     """Add tenant_id to legacy SQLite tables and attach rows to the default tenant."""
     from sqlalchemy import inspect, text
@@ -266,6 +282,7 @@ def run_migrations(connection_engine):
         "smartlead_runs",
         "unipile_accounts",
         "linkedin_campaigns",
+        "unipile_hosted_auth_states",
     )
 
     with connection_engine.begin() as conn:
@@ -371,6 +388,18 @@ def run_migrations(connection_engine):
                     )
                 )
 
+        insp = inspect(connection_engine)
+        if insp.has_table("unipile_accounts"):
+            uacols = [c["name"] for c in insp.get_columns("unipile_accounts")]
+            if "user_id" not in uacols:
+                conn.execute(text("ALTER TABLE unipile_accounts ADD COLUMN user_id INTEGER"))
+
+        insp = inspect(connection_engine)
+        if insp.has_table("linkedin_campaigns"):
+            lccols = [c["name"] for c in insp.get_columns("linkedin_campaigns")]
+            if "user_id" not in lccols:
+                conn.execute(text("ALTER TABLE linkedin_campaigns ADD COLUMN user_id INTEGER"))
+
 
 # Create tables then migrate legacy SQLite schemas
 Base.metadata.create_all(bind=engine)

backend/app/main.py

@@ -36,6 +36,7 @@ from .database import (
     CrmDeal,
     UnipileAccount,
     LinkedinCampaign,
+    UnipileHostedAuthState,
 )
 from pydantic import ValidationError
 
@@ -54,6 +55,7 @@ from .models import (
     ContactPatchRequest,
     WonBillingPayload,
     UnipileConnectRequest,
+    UnipileHostedLinkRequest,
     LinkedinCampaignCreateRequest,
     LinkedinCampaignGenerateRequest,
     LinkedinCampaignExecuteRequest,
@@ -103,6 +105,7 @@ UPLOAD_DIR = Path("/data/uploads")
 UPLOAD_DIR.mkdir(parents=True, exist_ok=True)
 UNIPILE_API_BASE = os.getenv("UNIPILE_API_BASE", "").rstrip("/")
 UNIPILE_API_KEY = os.getenv("UNIPILE_API_KEY", "")
+FRONTEND_ORIGIN = os.getenv("FRONTEND_ORIGIN", "").rstrip("/")
 
 # ---- API ----
 def _safe_str(value):
@@ -984,7 +987,11 @@ async def upload_csv(file: UploadFile = File(...), t: TenantContext = Depends(ge
 async def list_unipile_linkedin_accounts(t: TenantContext = Depends(get_tenant_context)):
     rows = (
         t.db.query(UnipileAccount)
-        .filter(UnipileAccount.tenant_id == t.tenant_id, UnipileAccount.provider == "LINKEDIN")
+        .filter(
+            UnipileAccount.tenant_id == t.tenant_id,
+            UnipileAccount.user_id == t.user_id,
+            UnipileAccount.provider == "LINKEDIN",
+        )
         .order_by(UnipileAccount.created_at.desc(), UnipileAccount.id.desc())
         .all()
     )
@@ -1004,6 +1011,114 @@ async def list_unipile_linkedin_accounts(t: TenantContext = Depends(get_tenant_c
     }
 
 
+@app.post("/api/unipile/linkedin/hosted-link")
+async def create_unipile_linkedin_hosted_link(
+    body: UnipileHostedLinkRequest,
+    t: TenantContext = Depends(get_tenant_context),
+):
+    if not FRONTEND_ORIGIN:
+        raise HTTPException(
+            status_code=400,
+            detail="FRONTEND_ORIGIN is required to use UniPile Hosted Auth redirect flow.",
+        )
+    token = str(uuid.uuid4())
+    expires_at = datetime.utcnow() + timedelta(minutes=20)
+    state = UnipileHostedAuthState(
+        tenant_id=t.tenant_id,
+        user_id=t.user_id,
+        token=token,
+        provider="LINKEDIN",
+        label=(body.label or "LinkedIn Account").strip(),
+        expires_at=expires_at,
+    )
+    t.db.add(state)
+    t.db.commit()
+
+    payload = {
+        "type": "create",
+        "providers": ["LINKEDIN"],
+        "api_url": UNIPILE_API_BASE,
+        "expiresOn": expires_at.isoformat() + "Z",
+        "notify_url": f"{FRONTEND_ORIGIN}/api/unipile/linkedin/hosted-callback",
+        "success_redirect_url": f"{FRONTEND_ORIGIN}/?tab=linkedin-connected",
+        "failure_redirect_url": f"{FRONTEND_ORIGIN}/?tab=linkedin-connect-failed",
+        "name": token,
+    }
+    response = _unipile_request("POST", "/api/v1/hosted/accounts/link", payload)
+    hosted_url = _safe_str(response.get("url") if isinstance(response, dict) else "")
+    if not hosted_url:
+        raise HTTPException(status_code=400, detail="UniPile did not return hosted auth URL")
+    return {"url": hosted_url}
+
+
+@app.post("/api/unipile/linkedin/hosted-callback")
+async def unipile_linkedin_hosted_callback(request: Request, db: Session = Depends(get_db)):
+    """
+    UniPile Hosted Auth notify_url callback.
+    No session is available on this route (server-to-server call), so we map by stored token in `name`.
+    """
+    try:
+        body = await request.json()
+    except Exception:
+        raise HTTPException(status_code=400, detail="Expected JSON body")
+
+    name_token = _safe_str((body or {}).get("name"))
+    unipile_account_id = _safe_str((body or {}).get("account_id"))
+    status = _safe_str((body or {}).get("status") or "connected")
+    if not name_token:
+        raise HTTPException(status_code=400, detail="Missing name token")
+    if not unipile_account_id:
+        return {"ok": True, "ignored": True, "reason": "missing_account_id"}
+
+    state = (
+        db.query(UnipileHostedAuthState)
+        .filter(
+            UnipileHostedAuthState.token == name_token,
+            UnipileHostedAuthState.provider == "LINKEDIN",
+        )
+        .first()
+    )
+    if not state:
+        return {"ok": True, "ignored": True, "reason": "unknown_token"}
+    if state.used_at is not None:
+        return {"ok": True, "ignored": True, "reason": "token_already_used"}
+    if state.expires_at and state.expires_at < datetime.utcnow():
+        return {"ok": True, "ignored": True, "reason": "token_expired"}
+
+    existing = (
+        db.query(UnipileAccount)
+        .filter(
+            UnipileAccount.tenant_id == state.tenant_id,
+            UnipileAccount.user_id == state.user_id,
+            UnipileAccount.provider == "LINKEDIN",
+            UnipileAccount.unipile_account_id == unipile_account_id,
+        )
+        .first()
+    )
+    if existing:
+        existing.label = state.label or existing.label
+        existing.status = status or existing.status
+        existing.auth_mode = "hosted"
+        existing.metadata_json = body
+        existing.updated_at = datetime.utcnow()
+    else:
+        db.add(
+            UnipileAccount(
+                tenant_id=state.tenant_id,
+                user_id=state.user_id,
+                label=state.label or "LinkedIn account",
+                provider="LINKEDIN",
+                unipile_account_id=unipile_account_id,
+                status=status or "connected",
+                auth_mode="hosted",
+                metadata_json=body,
+            )
+        )
+    state.used_at = datetime.utcnow()
+    db.commit()
+    return {"ok": True}
+
+
 @app.post("/api/unipile/linkedin/connect")
 async def connect_unipile_linkedin(
     body: UnipileConnectRequest,
@@ -1038,6 +1153,7 @@ async def connect_unipile_linkedin(
 
     db_row = UnipileAccount(
         tenant_id=t.tenant_id,
+        user_id=t.user_id,
         label=(body.label or "LinkedIn account").strip(),
         provider="LINKEDIN",
         unipile_account_id=account_id,
@@ -1066,7 +1182,12 @@ async def list_linkedin_campaigns(t: TenantContext = Depends(get_tenant_context)
     rows = (
         t.db.query(LinkedinCampaign, UnipileAccount)
         .join(UnipileAccount, UnipileAccount.id == LinkedinCampaign.unipile_account_ref_id)
-        .filter(LinkedinCampaign.tenant_id == t.tenant_id)
+        .filter(
+            LinkedinCampaign.tenant_id == t.tenant_id,
+            LinkedinCampaign.user_id == t.user_id,
+            UnipileAccount.tenant_id == t.tenant_id,
+            UnipileAccount.user_id == t.user_id,
+        )
         .order_by(LinkedinCampaign.created_at.desc(), LinkedinCampaign.id.desc())
         .all()
     )
@@ -1096,7 +1217,11 @@ async def create_linkedin_campaign(
 ):
     account = (
         t.db.query(UnipileAccount)
-        .filter(UnipileAccount.tenant_id == t.tenant_id, UnipileAccount.id == body.unipile_account_ref_id)
+        .filter(
+            UnipileAccount.tenant_id == t.tenant_id,
+            UnipileAccount.user_id == t.user_id,
+            UnipileAccount.id == body.unipile_account_ref_id,
+        )
         .first()
     )
     if not account:
@@ -1106,6 +1231,7 @@ async def create_linkedin_campaign(
         raise HTTPException(status_code=400, detail="Campaign name is required")
     row = LinkedinCampaign(
         tenant_id=t.tenant_id,
+        user_id=t.user_id,
         name=name,
         status="draft",
         unipile_account_ref_id=body.unipile_account_ref_id,
@@ -1125,7 +1251,11 @@ async def upload_linkedin_campaign_csv(
     db = t.db
     campaign = (
         db.query(LinkedinCampaign)
-        .filter(LinkedinCampaign.tenant_id == t.tenant_id, LinkedinCampaign.id == campaign_id)
+        .filter(
+            LinkedinCampaign.tenant_id == t.tenant_id,
+            LinkedinCampaign.user_id == t.user_id,
+            LinkedinCampaign.id == campaign_id,
+        )
         .first()
     )
     if not campaign:
@@ -1196,7 +1326,11 @@ async def generate_linkedin_campaign_sequences(
     db = t.db
     campaign = (
         db.query(LinkedinCampaign)
-        .filter(LinkedinCampaign.tenant_id == t.tenant_id, LinkedinCampaign.id == campaign_id)
+        .filter(
+            LinkedinCampaign.tenant_id == t.tenant_id,
+            LinkedinCampaign.user_id == t.user_id,
+            LinkedinCampaign.id == campaign_id,
+        )
         .first()
     )
     if not campaign:
@@ -1257,7 +1391,11 @@ async def get_linkedin_campaign_sequences(campaign_id: int, t: TenantContext = D
     db = t.db
     campaign = (
         db.query(LinkedinCampaign)
-        .filter(LinkedinCampaign.tenant_id == t.tenant_id, LinkedinCampaign.id == campaign_id)
+        .filter(
+            LinkedinCampaign.tenant_id == t.tenant_id,
+            LinkedinCampaign.user_id == t.user_id,
+            LinkedinCampaign.id == campaign_id,
+        )
         .first()
     )
     if not campaign:
@@ -1307,14 +1445,22 @@ async def execute_linkedin_campaign(
     db = t.db
     campaign = (
         db.query(LinkedinCampaign)
-        .filter(LinkedinCampaign.tenant_id == t.tenant_id, LinkedinCampaign.id == campaign_id)
+        .filter(
+            LinkedinCampaign.tenant_id == t.tenant_id,
+            LinkedinCampaign.user_id == t.user_id,
+            LinkedinCampaign.id == campaign_id,
+        )
         .first()
     )
     if not campaign:
         raise HTTPException(status_code=404, detail="Campaign not found")
     account = (
         db.query(UnipileAccount)
-        .filter(UnipileAccount.tenant_id == t.tenant_id, UnipileAccount.id == campaign.unipile_account_ref_id)
+        .filter(
+            UnipileAccount.tenant_id == t.tenant_id,
+            UnipileAccount.user_id == t.user_id,
+            UnipileAccount.id == campaign.unipile_account_ref_id,
+        )
         .first()
     )
     if not account:

backend/app/models.py

@@ -243,6 +243,10 @@ class UnipileConnectRequest(BaseModel):
     ip: Optional[str] = None
 
 
+class UnipileHostedLinkRequest(BaseModel):
+    label: str = "LinkedIn Account"
+
+
 class LinkedinCampaignCreateRequest(BaseModel):
     name: str
     unipile_account_ref_id: int

frontend/src/components/campaigns/LinkedinCampaignsTab.jsx

@@ -13,11 +13,6 @@ export default function LinkedinCampaignsTab() {
 
     const [connectForm, setConnectForm] = useState({
         label: 'LinkedIn Account',
-        auth_mode: 'cookie',
-        access_token: '',
-        user_agent: '',
-        username: '',
-        password: '',
     });
     const [createForm, setCreateForm] = useState({
         name: '',
@@ -62,29 +57,15 @@ export default function LinkedinCampaignsTab() {
     const connectAccount = async () => {
         setBusy(true);
         try {
-            const payload =
-                connectForm.auth_mode === 'cookie'
-                    ? {
-                          label: connectForm.label,
-                          auth_mode: 'cookie',
-                          access_token: connectForm.access_token,
-                          user_agent: connectForm.user_agent,
-                      }
-                    : {
-                          label: connectForm.label,
-                          auth_mode: 'credentials',
-                          username: connectForm.username,
-                          password: connectForm.password,
-                      };
-            const res = await apiFetch('/api/unipile/linkedin/connect', {
+            const res = await apiFetch('/api/unipile/linkedin/hosted-link', {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify(payload),
+                body: JSON.stringify({ label: connectForm.label }),
             });
             const data = await res.json().catch(() => ({}));
-            if (!res.ok) throw new Error(data.detail || 'Could not connect LinkedIn account');
-            await refreshAll();
-            alert('LinkedIn account connected.');
+            if (!res.ok) throw new Error(data.detail || 'Could not start LinkedIn connect flow');
+            if (!data.url) throw new Error('Hosted auth URL missing');
+            window.location.href = data.url;
         } catch (e) {
             alert(e.message || 'Could not connect account');
         } finally {
@@ -199,42 +180,9 @@ export default function LinkedinCampaignsTab() {
                         value={connectForm.label}
                         onChange={(e) => setConnectForm((s) => ({ ...s, label: e.target.value }))}
                     />
-                    <select
-                        className="h-10 rounded-md border border-slate-200 px-3 text-sm"
-                        value={connectForm.auth_mode}
-                        onChange={(e) => setConnectForm((s) => ({ ...s, auth_mode: e.target.value }))}
-                    >
-                        <option value="cookie">Cookie (li_at)</option>
-                        <option value="credentials">Username / Password</option>
-                    </select>
-                    {connectForm.auth_mode === 'cookie' ? (
-                        <>
-                            <Input
-                                placeholder="li_at access token"
-                                value={connectForm.access_token}
-                                onChange={(e) => setConnectForm((s) => ({ ...s, access_token: e.target.value }))}
-                            />
-                            <Input
-                                placeholder="User-Agent (recommended)"
-                                value={connectForm.user_agent}
-                                onChange={(e) => setConnectForm((s) => ({ ...s, user_agent: e.target.value }))}
-                            />
-                        </>
-                    ) : (
-                        <>
-                            <Input
-                                placeholder="LinkedIn username/email"
-                                value={connectForm.username}
-                                onChange={(e) => setConnectForm((s) => ({ ...s, username: e.target.value }))}
-                            />
-                            <Input
-                                type="password"
-                                placeholder="LinkedIn password"
-                                value={connectForm.password}
-                                onChange={(e) => setConnectForm((s) => ({ ...s, password: e.target.value }))}
-                            />
-                        </>
-                    )}
+                    <div className="rounded-md border border-slate-200 bg-slate-50 px-3 py-2 text-sm text-slate-600">
+                        Redirect-based Hosted Auth (no plaintext credentials in this app).
+                    </div>
                 </div>
                 <div className="mt-4">
                     <Button onClick={connectAccount} disabled={busy}>