public: landing + pricing + legal pages, apex-ready, lawyer-reviewed

Adds the unauthenticated surface that's needed to invite outsiders: - Landing (/) — dual-purpose root: dashboard for logged-in users, landing for everyone else. New maybe_current_user soft-auth helper in app/auth.py supports it without disturbing the per-route require_token deps on /news, /log, /upload, /settings. - About, Pricing, Disclaimer, Terms, Privacy — own router (app/routers/public.py), no auth dep, shared public_base layout (brand link, thin nav, footer with legal links + ICO ref + date). - Editorial positioning: news aggregator with a macro brain; tagline "Understand markets. Don't gamble on them."; anti-trading-as-gambling stance carried through About and Landing. Legal pass following an independent lawyer-style review: - Privacy: explicit UK-GDPR Art. 6 lawful-basis section; Art. 22 automated-decision line; explicit consent for sessionStorage sync key (PECR); 30-day IP-log retention; Art. 21 objection right; Children clause; Art. 33/34 breach-notification clause; international-transfer mechanism (IDTA + UK Addendum). ICO registration ZC098928 surfaced at the top. - Pricing: paid-card AI-portfolio-analysis bullet rewritten to remove advice-shaped wording ("what would invalidate the posture" gone); added italic carve-out citing FSMA / FCA COBS. - Disclaimer: separate EU/EEA carve-out + MAR 596/2014 Art. 3(1)(34) commentator safe-harbour; "qualifies the Terms" line; hallucination wording fixed. - Terms: cl.4 explicit AI-training prohibition + harassment line; cl.5 CCR 2013 14-day cancellation; cl.7 softened AI copyright claim under CDPA s.9(3) ambiguity; cl.8 proportionate suspension + pro-rata refund for paid users; cl.10 CRA 2015 Pt 1 statutory-rights carve-out from the liability cap; cl.11 right to close account on material change; cl.12 non-exclusive jurisdiction + UK consumer local courts. Code-side enforcement of the Privacy claim: - openrouter.py: outbound OpenRouter calls now carry X-OR-Allow-Training: false. DeepSeek doesn't expose a per-request flag; the Privacy page discloses this caveat verbatim. Apex domain prep: - branding.APP_URL flipped to https://read.markets (was app.). DNS for the apex already resolves; pending operator NPM step is a cert that covers the bare apex + a 301 from app.read.markets. No hard-coded subdomain references remain in code (verified with grep). Nav + chrome: - app dropdown gains Pricing / Terms / Privacy / Disclaimer links. - login.html gains a small legal-links footer for the highest-leverage moment to surface them. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-24 00:08:02 +02:00 · 2026-05-24 00:08:02 +02:00 · f1903e1e61
commit f1903e1e61
parent 6f9a710726
17 changed files with 1436 additions and 10 deletions
--- a/app/routers/pages.py
+++ b/app/routers/pages.py
@ -8,7 +8,7 @@ from fastapi.responses import HTMLResponse, RedirectResponse
 from sqlalchemy import desc, func, select
 from sqlalchemy.ext.asyncio import AsyncSession

-from app.auth import CurrentUser, require_auth, require_token
+from app.auth import CurrentUser, maybe_current_user, require_auth, require_token
 from app.config import get_settings, load_groups
 from app.db import get_session
 from app.models import Referral, StrategicLog, User
@ -16,26 +16,41 @@ from app.services.access import paid_status
 from app.services.referral_service import assign_code_if_missing
 from app.templates_env import templates

-router = APIRouter(dependencies=[Depends(require_token)])
+# Router-level auth removed in favour of per-route deps so that `/` can be
+# dual-purpose: logged-in users see the dashboard, logged-out visitors see
+# the landing page.
+router = APIRouter()


@router.get("/", response_class=HTMLResponse)
-async def dashboard(request: Request):
+async def root_page(
+    request: Request,
+    cu: CurrentUser | None = Depends(maybe_current_user),
+):
+    """Dual-purpose root: dashboard when authenticated, landing otherwise."""
+    if cu is None:
+        return templates.TemplateResponse(
+            request, "landing.html", {"cu": None},
+        )
    s = get_settings()
    groups = load_groups(s.BASELINE_TOML, s.PORTFOLIO_TOML)
    return templates.TemplateResponse(
        request,
        "dashboard.html",
-        {"groups": list(groups.keys()), "anchor": s.CASSANDRA_ANCHOR_DATE},
+        {"groups": list(groups.keys()), "anchor": s.CASSANDRA_ANCHOR_DATE, "cu": cu},
    )


-@router.get("/news", response_class=HTMLResponse)
+@router.get(
+    "/news",
+    response_class=HTMLResponse,
+    dependencies=[Depends(require_token)],
+)
 async def news_page(request: Request):
    return templates.TemplateResponse(request, "news.html", {})


-@router.get("/upload")
+@router.get("/upload", dependencies=[Depends(require_token)])
 async def upload_page(request: Request):
    """Legacy bookmark — the import widget now lives in /settings."""
    return RedirectResponse(url="/settings#import", status_code=302)
@ -69,7 +84,11 @@ def _log_page_context(target: date) -> dict:
    }


-@router.get("/log", response_class=HTMLResponse)
+@router.get(
+    "/log",
+    response_class=HTMLResponse,
+    dependencies=[Depends(require_token)],
+)
 async def log_page(
    request: Request,
    session: AsyncSession = Depends(get_session),
@ -78,7 +97,11 @@ async def log_page(
    return templates.TemplateResponse(request, "log.html", _log_page_context(target))


-@router.get("/log/{day}", response_class=HTMLResponse)
+@router.get(
+    "/log/{day}",
+    response_class=HTMLResponse,
+    dependencies=[Depends(require_token)],
+)
 async def log_page_day(
    request: Request,
    day: str,
--- a/app/routers/public.py
+++ b/app/routers/public.py
@ -0,0 +1,68 @@
+"""Unauthenticated marketing + legal pages.
+
+This router carries no auth dependency — every route is reachable to
+anonymous visitors and is also reachable to logged-in users (the
+templates branch off `cu` to flip the top-right CTA between
+"Sign in / sign up" and "Dashboard").
+
+The dual-purpose root (`/`) lives in `app/routers/pages.py` because it
+also has to render the dashboard when authenticated. Pure public-only
+pages live here.
+"""
+from __future__ import annotations
+
+from fastapi import APIRouter, Depends, Request
+from fastapi.responses import HTMLResponse
+
+from app.auth import CurrentUser, maybe_current_user
+from app.templates_env import templates
+
+
+router = APIRouter(tags=["public"])
+
+
+def _ctx(request: Request, cu: CurrentUser | None) -> dict:
+    """Minimal context every public template expects. `cu` is injected
+    into the template so the header CTA can flip between
+    'Sign in / sign up' and 'Dashboard'."""
+    return {"cu": cu}
+
+
+@router.get("/pricing", response_class=HTMLResponse)
+async def pricing_page(
+    request: Request,
+    cu: CurrentUser | None = Depends(maybe_current_user),
+):
+    return templates.TemplateResponse(request, "pricing.html", _ctx(request, cu))
+
+
+@router.get("/about", response_class=HTMLResponse)
+async def about_page(
+    request: Request,
+    cu: CurrentUser | None = Depends(maybe_current_user),
+):
+    return templates.TemplateResponse(request, "about.html", _ctx(request, cu))
+
+
+@router.get("/terms", response_class=HTMLResponse)
+async def terms_page(
+    request: Request,
+    cu: CurrentUser | None = Depends(maybe_current_user),
+):
+    return templates.TemplateResponse(request, "terms.html", _ctx(request, cu))
+
+
+@router.get("/privacy", response_class=HTMLResponse)
+async def privacy_page(
+    request: Request,
+    cu: CurrentUser | None = Depends(maybe_current_user),
+):
+    return templates.TemplateResponse(request, "privacy.html", _ctx(request, cu))
+
+
+@router.get("/disclaimer", response_class=HTMLResponse)
+async def disclaimer_page(
+    request: Request,
+    cu: CurrentUser | None = Depends(maybe_current_user),
+):
+    return templates.TemplateResponse(request, "disclaimer.html", _ctx(request, cu))