phase D milestones 1+2: referral system + paid-access gate

Lays the billing-prep spine before Paddle lands in D.3. D.1 — referrals - users.referral_code: unique 8-char URL-safe code (alphabet excludes the ambiguous 0/O/1/I/L). Generated lazily on first /settings hit so existing accounts pick one up without a backfill migration. - users.referred_by_user_id + new referrals audit table (referrer, referred, created_at, converted_at, credited_at). converted_at / credited_at stay null until D.3 fills them via the Paddle webhook. - POST /login accepts ?ref=<code>; the code rides on the signed pending-verify cookie so it survives the GET → POST → /verify hop. - /settings page: email, tier badge, referral code chip + invite link with one-click copy, pending/converted/active-credits stats grid. Settings nav link added to the top bar. Reward shape: when the referred user makes their first paid Paddle subscription, both they and the referrer get 50% off for 3 months. (D.3 wires the actual credit application via the Paddle webhook.) D.2 — paid-access gate - users.credit_until: timestamp until which a free-tier account has paid-tier access. Null = no credit. Populated by admin CLI now and the D.3 webhook later. - app.services.access exposes paid_status(user) → PaidStatus dataclass (active / source / expires_at / days_remaining), is_paid_active() with admin-bearer-token bypass, and a require_paid FastAPI dependency that raises 402 Payment Required for free-tier callers. - POST /api/analyze (portfolio AI commentary) gated behind require_paid. - Settings page surfaces credit window when active ("free · credit · N day(s) remaining (expires YYYY-MM-DD)") and the upgrade hint when not. - Admin CLI: python -m app.cli {grant-credit,revoke-credit,show-status}. grant-credit is idempotent — extends from max(now, current expiry) so re-running the command never erodes an existing grant. Migrations 0013 (referrals) and 0014 (credit_until). Tests cover the paid-status truth table, code generation + normalisation, CLI argument parsing, and the pending-cookie ref roundtrip (29 new tests).
2026-05-21 23:25:35 +01:00 · 2026-05-21 23:25:35 +01:00 · 9759080134
commit 9759080134
parent 2013bfa8cc
18 changed files with 1159 additions and 21 deletions
--- a/tests/test_referral.py
+++ b/tests/test_referral.py
@ -0,0 +1,80 @@
+"""Unit tests for the deterministic half of referral_service: code
+generation, normalisation, and lookup helpers. DB-backed linkage logic
+is exercised manually via the dev container."""
+from __future__ import annotations
+
+import pytest
+
+from app.services.referral_service import (
+    _ALPHABET,
+    _CODE_LEN,
+    generate_code,
+    normalise_code,
+)
+
+
+# ---------------------------------------------------------------------------
+# Code generation
+# ---------------------------------------------------------------------------
+
+
+def test_generate_code_length():
+    code = generate_code()
+    assert len(code) == _CODE_LEN
+
+
+def test_generate_code_alphabet():
+    """Every character must come from the unambiguous alphabet."""
+    for _ in range(50):
+        code = generate_code()
+        for ch in code:
+            assert ch in _ALPHABET, f"unexpected char {ch!r} in {code!r}"
+
+
+def test_generate_code_no_ambiguous_chars():
+    """0, O, 1, I, L are excluded to avoid dictation errors."""
+    for _ in range(200):
+        code = generate_code()
+        assert not (set(code) & set("01IOL"))
+
+
+def test_generate_code_diversity():
+    """Two consecutive generations should almost never collide
+    (sanity check on the RNG)."""
+    a, b = generate_code(), generate_code()
+    assert a != b
+
+
+# ---------------------------------------------------------------------------
+# normalise_code
+# ---------------------------------------------------------------------------
+
+
+def test_normalise_uppercases():
+    assert normalise_code("abcdefgh") == "ABCDEFGH"
+
+
+def test_normalise_strips_disallowed_chars():
+    """Users may paste with spaces / dashes / quotes — strip those."""
+    assert normalise_code(" ABCD-EFGH ") == "ABCDEFGH"
+    assert normalise_code('"ABCDEFGH"') == "ABCDEFGH"
+
+
+def test_normalise_rejects_wrong_length():
+    """If too short / too long after cleaning, return None — bogus."""
+    assert normalise_code("ABC") is None
+    assert normalise_code("ABCDEFGHX") is None
+    # Long enough but ambiguous chars stripped → still wrong length:
+    assert normalise_code("ABCDEFG0") is None    # 0 stripped → 7 chars
+
+
+def test_normalise_rejects_none_and_empty():
+    assert normalise_code(None) is None
+    assert normalise_code("") is None
+    assert normalise_code("   ") is None
+
+
+def test_normalise_preserves_valid_code():
+    """A code that's already canonical should pass through unchanged."""
+    code = generate_code()
+    assert normalise_code(code) == code