phase G: data minimisation + passwordless auth + DeepSeek-first LLM
Server no longer holds portfolios. Holdings live in the browser (localStorage); the server publishes an anonymous ticker_universe and a gzipped /api/universe payload identical for every authenticated user, so access patterns can't betray which tickers a user holds. AI commentary is generated ephemerally from the browser-supplied pie and the cost ledger row records no positions. Migrations 0009-0011 added the universe table and dropped positions / portfolio_snapshots / portfolios. Authentication is now e-mail OTP only. Migration 0010 dropped password_hash and email_verified (every active session is by construction proof of email control). The /signup endpoint is gone; signup and login share a single email-entry page. Email rendering is HTML+plain-text multipart with a shared brand palette (app/branding.py) asserted in sync with the CSS by a drift-detection test. LLM provider defaults to DeepSeek-direct (cheaper, api.deepseek.com) with OpenRouter as automatic fallback if DeepSeek fails. ai_log_job and indicator_summary_job now iterate the two tones (NOVICE, INTERMEDIATE) per cycle so the dashboard's tone toggle is instant; PROMPT_VERSION bumped to 6 with an educational anti-TA / anti-gambling stance baked into _CORE. NOVICE mode renders a curated glossary inline (CBOE VIX, yield curve, HY OAS, etc.) with JS-positioned tooltips that survive viewport edges and sticky bars. Model name and tokens hidden from the user UI; still recorded in StrategicLog.model and AICall for admin. Layout adds a sticky top nav, a sticky bottom markets bar (one chip per exchange with status LED + headline index + 1d change), and Phase H feedback reporting is queued in tasks/todo.md. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
480fd311c5
commit
6e7f57c6b2
54 changed files with 5005 additions and 916 deletions
|
|
@ -6,6 +6,9 @@ from __future__ import annotations
|
|||
from pathlib import Path
|
||||
|
||||
from fastapi.templating import Jinja2Templates
|
||||
from markupsafe import Markup, escape
|
||||
|
||||
from app.services.glossary import wrap_glossary
|
||||
|
||||
|
||||
TEMPLATE_DIR = Path(__file__).resolve().parent / "templates"
|
||||
|
|
@ -39,7 +42,24 @@ def _fmt_money(v: float | None) -> str:
|
|||
return f"{v:,.2f}"
|
||||
|
||||
|
||||
def _glossary_filter(value, tone: str | None = None):
|
||||
"""Wrap glossary terms in NOVICE-mode AI content. Returns Markup so
|
||||
Jinja won't re-escape the inserted <span> tags. Plain-text inputs are
|
||||
HTML-escaped first; already-Markup inputs (e.g. log.content_html) are
|
||||
treated as HTML and passed through wrap_glossary unchanged."""
|
||||
if value is None:
|
||||
return Markup("")
|
||||
if isinstance(value, Markup):
|
||||
html = str(value)
|
||||
else:
|
||||
html = str(escape(value))
|
||||
if (tone or "").upper() != "NOVICE":
|
||||
return Markup(html)
|
||||
return Markup(wrap_glossary(html, tone=tone))
|
||||
|
||||
|
||||
templates = Jinja2Templates(directory=str(TEMPLATE_DIR))
|
||||
templates.env.filters["price"] = _fmt_price
|
||||
templates.env.filters["signed"] = _fmt_signed
|
||||
templates.env.filters["money"] = _fmt_money
|
||||
templates.env.filters["glossary"] = _glossary_filter
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue