public: landing + pricing + legal pages, apex-ready, lawyer-reviewed

Adds the unauthenticated surface that's needed to invite outsiders: - Landing (/) — dual-purpose root: dashboard for logged-in users, landing for everyone else. New maybe_current_user soft-auth helper in app/auth.py supports it without disturbing the per-route require_token deps on /news, /log, /upload, /settings. - About, Pricing, Disclaimer, Terms, Privacy — own router (app/routers/public.py), no auth dep, shared public_base layout (brand link, thin nav, footer with legal links + ICO ref + date). - Editorial positioning: news aggregator with a macro brain; tagline "Understand markets. Don't gamble on them."; anti-trading-as-gambling stance carried through About and Landing. Legal pass following an independent lawyer-style review: - Privacy: explicit UK-GDPR Art. 6 lawful-basis section; Art. 22 automated-decision line; explicit consent for sessionStorage sync key (PECR); 30-day IP-log retention; Art. 21 objection right; Children clause; Art. 33/34 breach-notification clause; international-transfer mechanism (IDTA + UK Addendum). ICO registration ZC098928 surfaced at the top. - Pricing: paid-card AI-portfolio-analysis bullet rewritten to remove advice-shaped wording ("what would invalidate the posture" gone); added italic carve-out citing FSMA / FCA COBS. - Disclaimer: separate EU/EEA carve-out + MAR 596/2014 Art. 3(1)(34) commentator safe-harbour; "qualifies the Terms" line; hallucination wording fixed. - Terms: cl.4 explicit AI-training prohibition + harassment line; cl.5 CCR 2013 14-day cancellation; cl.7 softened AI copyright claim under CDPA s.9(3) ambiguity; cl.8 proportionate suspension + pro-rata refund for paid users; cl.10 CRA 2015 Pt 1 statutory-rights carve-out from the liability cap; cl.11 right to close account on material change; cl.12 non-exclusive jurisdiction + UK consumer local courts. Code-side enforcement of the Privacy claim: - openrouter.py: outbound OpenRouter calls now carry X-OR-Allow-Training: false. DeepSeek doesn't expose a per-request flag; the Privacy page discloses this caveat verbatim. Apex domain prep: - branding.APP_URL flipped to https://read.markets (was app.). DNS for the apex already resolves; pending operator NPM step is a cert that covers the bare apex + a 301 from app.read.markets. No hard-coded subdomain references remain in code (verified with grep). Nav + chrome: - app dropdown gains Pricing / Terms / Privacy / Disclaimer links. - login.html gains a small legal-links footer for the highest-leverage moment to surface them. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-24 00:08:02 +02:00 · 2026-05-24 00:08:02 +02:00 · f1903e1e61
commit f1903e1e61
parent 6f9a710726
17 changed files with 1436 additions and 10 deletions
--- a/app/auth.py
+++ b/app/auth.py
@ -161,6 +161,37 @@ async def require_auth(
    )


+async def maybe_current_user(
+    request: Request,
+    authorization: str | None = Header(default=None),
+) -> CurrentUser | None:
+    """Soft-auth: same resolution as `require_auth`, but returns None on
+    miss instead of raising. Used on dual-purpose routes (e.g. `/` where
+    a logged-in user sees the dashboard and a logged-out visitor sees the
+    landing page) and on the public marketing/legal pages, so their
+    templates can show a "Dashboard" link when a session is present."""
+    s = get_settings()
+
+    if s.CASSANDRA_TOKEN and authorization and authorization.lower().startswith("bearer "):
+        provided = authorization.split(" ", 1)[1].strip()
+        if secrets.compare_digest(provided.encode(), s.CASSANDRA_TOKEN.encode()):
+            principal = CurrentUser(is_admin=True, user=None)
+            request.state.current_user = principal
+            return principal
+
+    cookie = request.cookies.get(SESSION_COOKIE_NAME)
+    if cookie:
+        uid = verify_session(cookie)
+        if uid is not None:
+            async with get_session_factory()() as db_session:
+                user = await get_user(db_session, uid)
+                if user is not None:
+                    principal = CurrentUser(is_admin=False, user=user)
+                    request.state.current_user = principal
+                    return principal
+    return None
+
+
 def _raise_redirect_to_login(next_path: str = "/") -> None:
    # Some pages (login itself) are paths a redirect loop would be silly
    # to send back to. The auth router opts out of this dependency