Giorgio Gilestro
410afe0078
Stripe is the merchant-on-record for read.markets after Polar/Paddle
both declined the financial-media category. This commit lands the
full subscription flow: an "Upgrade" button on /pricing now opens a
real Stripe-hosted Checkout, completes the subscription, and the
webhook flips user.tier to "paid" idempotently.
Endpoints
- POST /api/stripe/checkout (require_auth) — creates a hosted
Checkout Session in subscription mode, passes user.id as
client_reference_id + email as customer_email, returns the URL
for the page-side JS to redirect to. Reuses an existing
stripe_customer_id to avoid duplicate Stripe customers on repeat
checkouts. allow_promotion_codes=True so the referral-credit
redemption can attach a coupon at checkout once that flow ships.
- POST /api/stripe/portal (require_auth) — mints a Stripe Customer
Portal session. Used by /settings; returns 404 until the user has
a stripe_customer_id (i.e. completed at least one checkout).
- POST /api/stripe/webhook — signature-verified via
stripe.Webhook.construct_event. Idempotent via UNIQUE on
stripe_events.event_id. Event dispatch:
checkout.session.completed → grant paid, store IDs
customer.subscription.created → grant paid (active/trialing)
customer.subscription.updated → grant paid (active/trialing)
customer.subscription.deleted → drop to free, clear sub id
invoice.paid / failed → audit only
charge.refunded → audit only
Stripe-SDK objects don't expose dict.get(); we use the SDK for
signature verification then re-parse the JSON body for handler
dispatch — cleaner than reaching into StripeObject internals.
Schema (migration 0019)
- users.stripe_customer_id, users.stripe_subscription_id (nullable
String(64), UNIQUE on customer_id).
- stripe_events table mirroring polar_events: event_id (unique),
event_type, received_at, processed_at, error, raw payload
(truncated to 16 KiB).
Settings (.env)
- STRIPE_API_KEY (rk_test_… for dev, rk_live_… for GA)
- STRIPE_WEBHOOK_SECRET (whsec_… from the dashboard endpoint)
- STRIPE_PRICE_MONTHLY (price_xxx for £7/month)
- STRIPE_PRICE_ANNUAL (price_xxx for £70/year)
Pricing page
- Free tier CTA unchanged.
- Paid CTA branches three ways: paid → "Manage subscription" to
/settings; logged-in free → two buttons (£7/mo, £70/yr) that POST
to /api/stripe/checkout and redirect; anonymous → /login?next=/pricing.
- Inline JS intercepts the button click, calls the checkout
endpoint, redirects on success, surfaces errors via alert(). No
Stripe.js dep — we use the hosted-checkout URL directly.
Polar handler stays in place for berengar.io / flyroom.net which
still ship through Polar. polar_* and stripe_* columns coexist
independently on the User row.
Tests
- 9 in tests/test_stripe_billing.py covering: bad signature → 401,
missing signature → 400, checkout.session.completed flips tier +
stores IDs, subscription.updated active grants paid,
subscription.deleted drops to free with customer id preserved,
replayed event id is no-op (one row in stripe_events),
unknown event acked 200, checkout endpoint mocks the SDK and
returns the hosted URL, checkout requires login.
- Full suite: 221 passed, 5 skipped.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
259 lines
12 KiB
HTML
259 lines
12 KiB
HTML
{% extends "public_base.html" %}
|
|
{% block title %}{{ BRAND_NAME }} · Pricing{% endblock %}
|
|
|
|
{% block main %}
|
|
|
|
<section class="public-section">
|
|
<h1 class="public-section__head">Pricing</h1>
|
|
<p>
|
|
Two tiers. The core editorial is free today — a rolling
|
|
6-hour news feed, the cross-asset indicator panels, and a strategic
|
|
log refreshed every six hours. Paid stretches the news feed to a
|
|
full 24 hours, runs the strategic log hourly, unlocks the follow-up
|
|
chat against past logs, adds portfolio import with AI analysis, and
|
|
turns on the daily email digest on top of the Sunday recap everyone
|
|
gets.
|
|
</p>
|
|
</section>
|
|
|
|
<section class="tier-grid">
|
|
|
|
<div class="tier-card">
|
|
<h2 class="tier-card__name">Free</h2>
|
|
<div class="tier-card__tagline">The core editorial — news, indicators, and a strategic log every 6 hours.</div>
|
|
<div class="tier-card__price">£0</div>
|
|
<div class="tier-card__price-hint">No card needed.</div>
|
|
<div class="tier-card__divider"></div>
|
|
<div class="tier-card__list-head">What you get</div>
|
|
<ul>
|
|
<li>News feed — <strong>headlines from the last 6 hours</strong>, auto-tagged by theme, click-to-filter</li>
|
|
<li>Cross-asset indicator panels (equities, rates, FX, commodities, credit, …) with a one-paragraph AI read on each tab</li>
|
|
<li>Strategic log — a single editorial interpretation of the day, <strong>refreshed every 6 hours</strong></li>
|
|
<li>Two reading levels: <em>Novice</em> (defines jargon) or <em>Intermediate</em> (terse, for fluent readers)</li>
|
|
<li><strong>Sunday weekly digest</strong> by email — week behind + week ahead, one-click unsubscribe</li>
|
|
</ul>
|
|
<div class="tier-card__more">
|
|
Need the full-day news feed, hourly strategic log, follow-up chat, daily digests, or portfolio analysis? See <strong>Paid</strong> →
|
|
</div>
|
|
<div class="tier-card__cta">
|
|
{% if cu and (cu.user or cu.is_admin) %}
|
|
<a class="btn-secondary btn-block" href="/">Open dashboard</a>
|
|
{% else %}
|
|
<a class="btn-primary btn-block" href="/login">Sign up free</a>
|
|
{% endif %}
|
|
</div>
|
|
</div>
|
|
|
|
<div class="tier-card tier-card--featured">
|
|
<div class="tier-card__badge">Best value</div>
|
|
<h2 class="tier-card__name">Paid</h2>
|
|
<div class="tier-card__tagline">Full-day news feed, hourly strategic log, follow-up chat, and AI portfolio analysis.</div>
|
|
<div class="tier-card__price">£7<span class="tier-card__price-unit"> / month</span></div>
|
|
<div class="tier-card__price-hint">
|
|
Or <strong>£70 / year</strong> — two months free.
|
|
Prices in GBP, VAT where applicable.
|
|
</div>
|
|
<div class="tier-card__divider"></div>
|
|
<div class="tier-card__list-head">Everything in Free, plus</div>
|
|
<ul>
|
|
<li><strong>News feed: headlines from the last 24 hours</strong> instead of 6 — a whole session in view, nothing rolls off</li>
|
|
<li><strong>Strategic log refreshed every hour</strong> instead of every six — track intraday moves as they unfold</li>
|
|
<li><strong>Follow-up chat on any past log</strong> — ask the model a question against the day’s full context</li>
|
|
<li><strong>Daily email digest</strong> (Mon–Sat) — ~600-word read of the session ahead, on top of the Sunday recap</li>
|
|
<li><strong>Portfolio import</strong> from a broker CSV (Trading 212 supported today; more brokers planned)</li>
|
|
<li><strong>AI portfolio read</strong> — diversification, sector and currency concentration, macro-regime fit on your holdings</li>
|
|
<li><strong>Optional encrypted cloud sync</strong> — PIN-derived encryption in your browser, second-layer wrap on the server, no plaintext holdings server-side</li>
|
|
</ul>
|
|
<p class="tier-card__more" style="font-style: italic;">
|
|
The portfolio feature does not produce buy, sell or hold
|
|
recommendations and does not consider your wider finances, debts,
|
|
tax position or objectives. It is not regulated investment advice
|
|
or a personal recommendation under FSMA / FCA COBS.
|
|
</p>
|
|
<div class="tier-card__cta">
|
|
{% if paid %}
|
|
<a class="btn-secondary btn-block" href="/settings">Manage subscription</a>
|
|
{% elif cu and cu.user %}
|
|
<button class="btn-primary btn-block" type="button"
|
|
data-stripe-checkout="monthly">Subscribe — £7/month</button>
|
|
<button class="btn-secondary btn-block" type="button"
|
|
data-stripe-checkout="annual"
|
|
style="margin-top:10px;">or £70/year (two months free)</button>
|
|
{% else %}
|
|
<a class="btn-primary btn-block" href="/login?next=/pricing">Sign in to subscribe</a>
|
|
{% endif %}
|
|
</div>
|
|
</div>
|
|
|
|
</section>
|
|
|
|
<script>
|
|
(function () {
|
|
// Wire the two upgrade buttons to /api/stripe/checkout. Stripe returns
|
|
// a hosted-checkout URL; we just redirect there. No Stripe.js needed.
|
|
document.querySelectorAll('[data-stripe-checkout]').forEach(function (btn) {
|
|
btn.addEventListener('click', async function () {
|
|
var cadence = btn.getAttribute('data-stripe-checkout');
|
|
btn.disabled = true;
|
|
var prev = btn.textContent;
|
|
btn.textContent = 'Opening checkout…';
|
|
try {
|
|
var r = await fetch('/api/stripe/checkout', {
|
|
method: 'POST',
|
|
headers: {'content-type': 'application/json'},
|
|
body: JSON.stringify({cadence: cadence}),
|
|
credentials: 'same-origin',
|
|
});
|
|
if (!r.ok) {
|
|
var detail = '';
|
|
try { detail = (await r.json()).detail || ''; } catch (e) {}
|
|
throw new Error('Checkout failed: ' + (detail || r.status));
|
|
}
|
|
var data = await r.json();
|
|
window.location.href = data.url;
|
|
} catch (e) {
|
|
alert(e.message || 'Could not start checkout. Please try again.');
|
|
btn.disabled = false;
|
|
btn.textContent = prev;
|
|
}
|
|
});
|
|
});
|
|
})();
|
|
</script>
|
|
|
|
<section class="public-section">
|
|
<h2 class="public-section__head">Free vs Paid at a glance</h2>
|
|
<table class="compare-table">
|
|
<thead>
|
|
<tr>
|
|
<th scope="col">Feature</th>
|
|
<th scope="col">Free</th>
|
|
<th scope="col">Paid</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<tr>
|
|
<th scope="row">News feed — headlines from the last…</th>
|
|
<td class="compare-table__free">6 hours</td>
|
|
<td class="compare-table__paid"><strong>24 hours</strong></td>
|
|
</tr>
|
|
<tr>
|
|
<th scope="row">Strategic log refresh</th>
|
|
<td class="compare-table__free">Every 6 hours</td>
|
|
<td class="compare-table__paid"><strong>Every hour</strong></td>
|
|
</tr>
|
|
<tr>
|
|
<th scope="row">Cross-asset indicator panels</th>
|
|
<td class="compare-table__free">✓</td>
|
|
<td class="compare-table__paid">✓</td>
|
|
</tr>
|
|
<tr>
|
|
<th scope="row">Follow-up chat on past logs</th>
|
|
<td class="compare-table__none">—</td>
|
|
<td class="compare-table__paid"><strong>Included</strong></td>
|
|
</tr>
|
|
<tr>
|
|
<th scope="row">Email digest</th>
|
|
<td class="compare-table__free">Sunday only</td>
|
|
<td class="compare-table__paid"><strong>Sunday + daily Mon–Sat</strong></td>
|
|
</tr>
|
|
<tr>
|
|
<th scope="row">Portfolio import (broker CSV)</th>
|
|
<td class="compare-table__none">—</td>
|
|
<td class="compare-table__paid"><strong>Included</strong></td>
|
|
</tr>
|
|
<tr>
|
|
<th scope="row">AI portfolio read</th>
|
|
<td class="compare-table__none">—</td>
|
|
<td class="compare-table__paid"><strong>Included</strong></td>
|
|
</tr>
|
|
<tr>
|
|
<th scope="row">Encrypted cloud sync</th>
|
|
<td class="compare-table__none">—</td>
|
|
<td class="compare-table__paid"><strong>Included</strong></td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</section>
|
|
|
|
<section class="invite-callout">
|
|
<div class="invite-callout__icon" aria-hidden="true">🎁</div>
|
|
<div class="invite-callout__body">
|
|
<div class="invite-callout__eyebrow">Invite a friend</div>
|
|
<div class="invite-callout__headline">Both of you get <strong>50% off for 3 months</strong></div>
|
|
<div class="invite-callout__sub">
|
|
Share your personal invite link from <a href="/settings">Settings</a>. The discount applies when they start a paid plan.
|
|
</div>
|
|
</div>
|
|
<button type="button" class="btn-secondary" id="invite-more">How it works</button>
|
|
</section>
|
|
|
|
<dialog id="invite-modal" class="text-modal" aria-label="How the referral works">
|
|
<button type="button" class="text-modal__close" aria-label="Close">×</button>
|
|
<h2 class="text-modal__title">Invite a friend</h2>
|
|
<p>
|
|
Every account gets an 8-character referral code and matching invite
|
|
link, both shown on your <a href="/settings">Settings</a> page. When
|
|
someone signs up through your link and starts a paid plan,
|
|
<strong>both of you get 50% off for the next three months</strong>.
|
|
</p>
|
|
<h3 class="text-modal__head">How it works</h3>
|
|
<ol class="text-modal__list">
|
|
<li><strong>Sign up.</strong> Your code and link go live in Settings.</li>
|
|
<li><strong>Share.</strong> Send the link, or read the code — the alphabet drops <code>0/O</code> and <code>1/I/L</code> so it dictates cleanly.</li>
|
|
<li><strong>They sign up.</strong> The referral is recorded against your account when they verify their email.</li>
|
|
<li><strong>They subscribe.</strong> The discount applies to their next bill and credits against yours.</li>
|
|
</ol>
|
|
<h3 class="text-modal__head">The fine print</h3>
|
|
<ul class="text-modal__list">
|
|
<li>One referral per new account — whichever link they used first.</li>
|
|
<li>No self-referral.</li>
|
|
<li>The credit ledger is live today; the cash value kicks in when paid checkout opens. Referrals logged in the meantime are honoured.</li>
|
|
<li>Credits aren’t refundable for cash — see <a href="/terms">Terms & Conditions § 6</a>.</li>
|
|
<li>Pending signups, conversions, and active credits are visible on the Settings page.</li>
|
|
</ul>
|
|
</dialog>
|
|
|
|
<script>
|
|
(function () {
|
|
var dlg = document.getElementById('invite-modal');
|
|
var open = document.getElementById('invite-more');
|
|
if (!dlg || !dlg.showModal || !open) return;
|
|
open.addEventListener('click', function () { dlg.showModal(); });
|
|
dlg.addEventListener('click', function (e) {
|
|
if (e.target === dlg) dlg.close();
|
|
});
|
|
dlg.querySelector('.text-modal__close').addEventListener('click', function () {
|
|
dlg.close();
|
|
});
|
|
})();
|
|
</script>
|
|
|
|
<section class="public-section">
|
|
<h2 class="public-section__head">How the data is handled</h2>
|
|
<p>
|
|
Your portfolio holdings live in your browser’s local storage by
|
|
default. The server only learns which Yahoo tickers appear across the
|
|
user base — an anonymous union, with no link back to any specific
|
|
user.
|
|
</p>
|
|
<p>
|
|
If you opt in to <strong>encrypted cloud sync</strong>, your pie is
|
|
encrypted in your browser with a PIN you choose, then sent to the
|
|
server. We add a second layer of encryption with a key only the
|
|
server holds. We never see your holdings as plaintext, and forgetting
|
|
the PIN means we can’t recover it for you. Full details on the
|
|
<a href="/privacy">privacy page</a>.
|
|
</p>
|
|
</section>
|
|
|
|
<section class="public-section public-section--callout">
|
|
<p style="margin:0;">
|
|
<strong>Not investment advice.</strong> Every output here is an
|
|
interpretation of public data — not personalised advice, not a
|
|
recommendation, and not produced by a regulated entity. Read the full
|
|
<a href="/disclaimer">disclaimer</a> before relying on anything you see.
|
|
</p>
|
|
</section>
|
|
|
|
{% endblock %}
|