phase D milestones 1+2: referral system + paid-access gate
Lays the billing-prep spine before Paddle lands in D.3.
D.1 — referrals
- users.referral_code: unique 8-char URL-safe code (alphabet excludes the
ambiguous 0/O/1/I/L). Generated lazily on first /settings hit so existing
accounts pick one up without a backfill migration.
- users.referred_by_user_id + new referrals audit table (referrer,
referred, created_at, converted_at, credited_at). converted_at /
credited_at stay null until D.3 fills them via the Paddle webhook.
- POST /login accepts ?ref=<code>; the code rides on the signed
pending-verify cookie so it survives the GET → POST → /verify hop.
- /settings page: email, tier badge, referral code chip + invite link
with one-click copy, pending/converted/active-credits stats grid.
Settings nav link added to the top bar.
Reward shape: when the referred user makes their first paid Paddle
subscription, both they and the referrer get 50% off for 3 months.
(D.3 wires the actual credit application via the Paddle webhook.)
D.2 — paid-access gate
- users.credit_until: timestamp until which a free-tier account has
paid-tier access. Null = no credit. Populated by admin CLI now and the
D.3 webhook later.
- app.services.access exposes paid_status(user) → PaidStatus dataclass
(active / source / expires_at / days_remaining), is_paid_active() with
admin-bearer-token bypass, and a require_paid FastAPI dependency that
raises 402 Payment Required for free-tier callers.
- POST /api/analyze (portfolio AI commentary) gated behind require_paid.
- Settings page surfaces credit window when active ("free · credit · N
day(s) remaining (expires YYYY-MM-DD)") and the upgrade hint when not.
- Admin CLI: python -m app.cli {grant-credit,revoke-credit,show-status}.
grant-credit is idempotent — extends from max(now, current expiry) so
re-running the command never erodes an existing grant.
Migrations 0013 (referrals) and 0014 (credit_until). Tests cover the
paid-status truth table, code generation + normalisation, CLI argument
parsing, and the pending-cookie ref roundtrip (29 new tests).
This commit is contained in:
parent
2013bfa8cc
commit
9759080134
18 changed files with 1159 additions and 21 deletions
|
|
@ -42,6 +42,7 @@ from app.db import get_session, utcnow
|
|||
from app.logging import get_logger
|
||||
from app.models import Quote, QuoteDaily
|
||||
from app.services import fx, portfolio_analysis, ticker_universe
|
||||
from app.services.access import require_paid
|
||||
from app.services.csv_import import CSVImportError, parse_t212_csv
|
||||
from app.services.instrument_map import resolve_slice
|
||||
from app.services.market import fetch as market_fetch
|
||||
|
|
@ -310,7 +311,7 @@ async def parse_portfolio(
|
|||
# ---------------------------------------------------------------------------
|
||||
|
||||
|
||||
@router.post("/analyze")
|
||||
@router.post("/analyze", dependencies=[Depends(require_paid)])
|
||||
async def analyze_portfolio(
|
||||
request: Request,
|
||||
session: AsyncSession = Depends(get_session),
|
||||
|
|
@ -318,7 +319,10 @@ async def analyze_portfolio(
|
|||
"""Generate AI commentary for the supplied pie. The pie is held in
|
||||
memory only for the duration of the LLM call; nothing about holdings
|
||||
is persisted. The ai_calls ledger row records tokens + cost, never
|
||||
holdings."""
|
||||
holdings.
|
||||
|
||||
Gated behind ``require_paid`` (Phase D.2): free-tier users get 402.
|
||||
Admin bearer-token bypasses the gate for testing."""
|
||||
# Read JSON body manually so we can enforce a hard size cap. FastAPI's
|
||||
# default body limit is generous; we want tighter control here.
|
||||
body = await request.body()
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue