docs: update CLAUDE.md and add comprehensive membership system documentation
Updates: - CLAUDE.md: Reflect current v9c-dev status (enforcement disabled, history working) - CLAUDE.md: Document simple AI limit system currently active - CLAUDE.md: Update implementation status (admin UI complete, enforcement rolled back) New Documentation: - docs/MEMBERSHIP_SYSTEM.md: Complete v9c architecture documentation - Design decisions and rationale - Complete database schema (11 tables) - Backend API overview (7 routers, 30+ endpoints) - Frontend components (6 admin pages) - Feature enforcement rollback analysis - Lessons learned and next steps - Testing strategy - Deployment notes - Troubleshooting guide The new doc provides complete reference for: - Feature-Registry-Pattern implementation - Tier system architecture - Coupon system (3 types with stacking logic) - User-Override system - Access-Grant mechanics - What went wrong with enforcement attempt - Roadmap for v9d/v9e Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
e4f49c0351
commit
ef8008a75d
94
CLAUDE.md
94
CLAUDE.md
|
|
@ -71,17 +71,19 @@ mitai-jinkendo/
|
||||||
└── CLAUDE.md # Diese Datei
|
└── CLAUDE.md # Diese Datei
|
||||||
```
|
```
|
||||||
|
|
||||||
## Aktuelle Version: v9b
|
## Aktuelle Version: v9c-dev (März 2026)
|
||||||
|
|
||||||
### Was implementiert ist:
|
### Was implementiert ist:
|
||||||
- ✅ Multi-User mit E-Mail + Passwort Login (bcrypt)
|
- ✅ Multi-User mit E-Mail + Passwort Login (bcrypt)
|
||||||
- ✅ Auth-Middleware auf ALLE Endpoints (60+ Endpoints geschützt)
|
- ✅ Auth-Middleware auf ALLE Endpoints (60+ Endpoints geschützt)
|
||||||
- ✅ Rate Limiting (Login: 5/min, Reset: 3/min)
|
- ✅ Rate Limiting (Login: 5/min, Reset: 3/min)
|
||||||
- ✅ CORS konfigurierbar via ALLOWED_ORIGINS in .env
|
- ✅ CORS konfigurierbar via ALLOWED_ORIGINS in .env
|
||||||
- ✅ Admin/User Rollen, KI-Limits, Export-Berechtigungen
|
- ✅ Admin/User Rollen, KI-Limits (simple daily limits), Export-Berechtigungen
|
||||||
- ✅ Gewicht, Umfänge, Caliper (4 Formeln), Ernährung, Aktivität
|
- ✅ Gewicht, Umfänge, Caliper (4 Formeln), Ernährung, Aktivität
|
||||||
- ✅ FDDB CSV-Import (Ernährung), Apple Health CSV-Import (Aktivität)
|
- ✅ FDDB CSV-Import (Ernährung), Apple Health CSV-Import (Aktivität)
|
||||||
- ✅ KI-Analyse: 6 Einzel-Prompts + 3-stufige Pipeline (parallel)
|
- ✅ KI-Analyse: 6 Einzel-Prompts + 3-stufige Pipeline (parallel)
|
||||||
|
- ✅ **KI-Analyse Historisierung**: Alle Analysen werden gespeichert (nicht überschrieben)
|
||||||
|
- ✅ **Pipeline korrekt**: Speichert unter scope='pipeline', erscheint nur 1x in UI
|
||||||
- ✅ Konfigurierbare Prompts mit Template-Variablen (Admin kann bearbeiten)
|
- ✅ Konfigurierbare Prompts mit Template-Variablen (Admin kann bearbeiten)
|
||||||
- ✅ Verlauf mit 5 Tabs + Zeitraumfilter + KI pro Sektion
|
- ✅ Verlauf mit 5 Tabs + Zeitraumfilter + KI pro Sektion
|
||||||
- ✅ Dashboard mit Kennzahlen, Zielfortschritt, Combo-Chart
|
- ✅ Dashboard mit Kennzahlen, Zielfortschritt, Combo-Chart
|
||||||
|
|
@ -96,14 +98,26 @@ mitai-jinkendo/
|
||||||
- ✅ Automatische SQLite→PostgreSQL Migration bei Container-Start
|
- ✅ Automatische SQLite→PostgreSQL Migration bei Container-Start
|
||||||
- ✅ **Modulare Backend-Architektur**: 14 Router-Module, main.py von 1878→75 Zeilen (-96%)
|
- ✅ **Modulare Backend-Architektur**: 14 Router-Module, main.py von 1878→75 Zeilen (-96%)
|
||||||
|
|
||||||
|
### Aktuelles KI-Limit-System (Simple):
|
||||||
|
```sql
|
||||||
|
-- Tägliche Limits pro Profil
|
||||||
|
profiles.ai_enabled BOOLEAN -- KI an/aus
|
||||||
|
profiles.ai_limit_day INTEGER -- Tägliches Limit (NULL = unbegrenzt)
|
||||||
|
ai_usage (profile_id, date, count) -- Täglicher Counter
|
||||||
|
|
||||||
|
-- Funktionen in routers/insights.py:
|
||||||
|
check_ai_limit(pid) -- Prüft Limit vor KI-Call
|
||||||
|
inc_ai_usage(pid) -- Inkrementiert Counter nach Call
|
||||||
|
```
|
||||||
|
|
||||||
### Was in v9c kommt: Subscription & Coupon Management System
|
### Was in v9c kommt: Subscription & Coupon Management System
|
||||||
**Phase 1 (DB-Schema): ✅ DONE**
|
**Phase 1 (DB-Schema): ✅ DONE**
|
||||||
**Phase 2 (Backend API): ✅ DONE**
|
**Phase 2 (Backend API): ✅ DONE**
|
||||||
**Phase 3 (Frontend UI): ✅ DONE** (Feature Enforcement komplett, Self-Registration offen)
|
**Phase 3 (Admin Frontend): ✅ DONE**
|
||||||
|
**Phase 4 (Feature Enforcement): ⚠️ DEAKTIVIERT** (Rollback am 20.03.2026 - Bugs)
|
||||||
|
|
||||||
**Core Features (Backend):**
|
**Core Features (Backend & Admin-UI komplett):**
|
||||||
- ✅ DB-Schema (11 neue Tabellen, Feature-Registry Pattern)
|
- ✅ DB-Schema (11 neue Tabellen, Feature-Registry Pattern)
|
||||||
- ✅ **Feature-Access Enforcement** - Limits werden jetzt korrekt durchgesetzt!
|
|
||||||
- ✅ Flexibles Tier-System (free/basic/premium/selfhosted) - Admin-editierbar via API
|
- ✅ Flexibles Tier-System (free/basic/premium/selfhosted) - Admin-editierbar via API
|
||||||
- ✅ **Coupon-System** (3 Typen: single_use, period, wellpass)
|
- ✅ **Coupon-System** (3 Typen: single_use, period, wellpass)
|
||||||
- ✅ Coupon-Stacking-Logik (Pause + Resume bei Wellpass-Override)
|
- ✅ Coupon-Stacking-Logik (Pause + Resume bei Wellpass-Override)
|
||||||
|
|
@ -113,67 +127,35 @@ mitai-jinkendo/
|
||||||
- ✅ Individuelle User-Restrictions (Admin kann Limits pro User setzen)
|
- ✅ Individuelle User-Restrictions (Admin kann Limits pro User setzen)
|
||||||
- ✅ 7 neue Router, 30+ neue Endpoints (subscription, coupons, features, tiers, tier-limits, user-restrictions, access-grants)
|
- ✅ 7 neue Router, 30+ neue Endpoints (subscription, coupons, features, tiers, tier-limits, user-restrictions, access-grants)
|
||||||
|
|
||||||
**Frontend (Phase 3) - Status:**
|
**Admin-Frontend (vollständig implementiert):**
|
||||||
- ✅ **AdminFeaturesPage** - Feature-Konfiguration (sortierung, reset_period, limits, visibility)
|
- ✅ **AdminFeaturesPage** - Feature-Konfiguration (sortierung, reset_period, limits, visibility)
|
||||||
- ✅ **AdminTiersPage** - Tier-Verwaltung (CRUD, pricing monthly/yearly)
|
- ✅ **AdminTiersPage** - Tier-Verwaltung (CRUD, pricing monthly/yearly)
|
||||||
- ✅ **AdminTierLimitsPage** - Matrix-Editor (Tier x Feature, responsive mobile/desktop views)
|
- ✅ **AdminTierLimitsPage** - Matrix-Editor (Tier x Feature, responsive mobile/desktop views)
|
||||||
- ✅ **AdminCouponsPage** - Coupon-Manager (CRUD, 3 Typen, auto-generate codes, redemption history)
|
- ✅ **AdminCouponsPage** - Coupon-Manager (CRUD, 3 Typen, auto-generate codes, redemption history)
|
||||||
- ✅ **AdminUserRestrictionsPage** - User-Override-System (effektive Werte, auto-remove redundant overrides)
|
- ✅ **AdminUserRestrictionsPage** - User-Override-System (effektive Werte, auto-remove redundant overrides)
|
||||||
- ✅ **SubscriptionPage** - User Subscription-Info + Coupon-Einlösung (tier badge, limits, usage progress bars)
|
- ✅ **SubscriptionPage** - User Subscription-Info + Coupon-Einlösung (tier badge, limits, usage progress bars)
|
||||||
- ✅ **Feature Enforcement (März 2026)** - Backend + Frontend Feature Gates komplett implementiert
|
|
||||||
- ✅ Alle Routes in App.jsx registriert
|
- ✅ Alle Routes in App.jsx registriert
|
||||||
- 🔲 Selbst-Registrierung mit E-Mail-Verifizierung (Pflicht)
|
|
||||||
- 🔲 Trial-System UI (Countdown-Banner, auto-start nach E-Mail-Verifikation)
|
|
||||||
- 🔲 App-Settings Admin-Panel (globale Konfiguration: trial_days, allow_registration, etc.)
|
|
||||||
|
|
||||||
**✅ Feature Enforcement Implementation (20. März 2026):**
|
**⚠️ Feature Enforcement - ROLLBACK (20.03.2026):**
|
||||||
|
- Initial implementation broke core functionality (analysis history, export visibility, counters)
|
||||||
|
- Complete rollback to working state (commit 4fcde4a)
|
||||||
|
- Simple AI limit system (ai_enabled, ai_limit_day) now active
|
||||||
|
- v9c backend/admin UI remains functional but NOT enforcing limits
|
||||||
|
- Needs complete reimplementation with proper testing before re-enabling
|
||||||
|
|
||||||
**Backend - Feature Checks in Endpoints:**
|
**Noch NICHT implementiert:**
|
||||||
- ✅ **routers/insights.py** - KI-Analysen geschützt
|
- 🔲 Feature-Enforcement-System (needs redesign)
|
||||||
- `analyze_with_prompt()` - prüft 'ai_calls' feature, wirft HTTP 403/429 bei Limit
|
- 🔲 Selbst-Registrierung mit E-Mail-Verifizierung
|
||||||
- `run_pipeline()` - prüft 'ai_pipeline' feature
|
- 🔲 Trial-System UI (Countdown-Banner)
|
||||||
- Beide inkrementieren usage nach erfolgreicher Ausführung
|
- 🔲 App-Settings Admin-Panel (globale Konfiguration)
|
||||||
- ✅ **routers/exportdata.py** - Alle Export-Endpoints geschützt (CSV/JSON/ZIP)
|
|
||||||
- Prüft 'data_export' feature, wirft HTTP 403 bei deaktiviert/429 bei Limit
|
|
||||||
- Inkrementiert usage nach Export
|
|
||||||
- ✅ **routers/importdata.py** - ZIP-Import geschützt
|
|
||||||
- Prüft 'csv_import' feature vor Import
|
|
||||||
- ✅ **routers/nutrition.py** - FDDB CSV-Import geschützt
|
|
||||||
- Prüft 'csv_import' feature
|
|
||||||
- ✅ **routers/activity.py** - Apple Health CSV-Import geschützt
|
|
||||||
- Prüft 'csv_import' feature
|
|
||||||
|
|
||||||
**Frontend - Feature Gate System:**
|
**📚 Vollständige v9c Dokumentation:**
|
||||||
- ✅ **hooks/useFeatureAccess.js** - Custom Hook für Feature-Access-Prüfung
|
Siehe `/docs/MEMBERSHIP_SYSTEM.md` für:
|
||||||
- Ruft `/api/features/{slug}/check-access` auf
|
- Vollständige Architektur-Dokumentation
|
||||||
- Liefert: canUse, limit, used, remaining, reason, loading, error
|
- Datenbank-Schema Details
|
||||||
- Optimistic default (canUse=true) für bessere UX
|
- API-Endpoints Übersicht
|
||||||
- ✅ **components/FeatureGate.jsx** - Reusable Feature Gate Component
|
- Design-Entscheidungen und Rationale
|
||||||
- `<FeatureGate>` - versteckt children wenn Feature nicht verfügbar
|
- Lessons Learned vom Feature-Enforcement-Rollback
|
||||||
- `<FeatureBadge>` - zeigt Usage-Counter (z.B. "3/10") mit Farb-Codierung
|
|
||||||
- Upgrade-Prompt optional anzeigbar
|
|
||||||
- ✅ **pages/Analysis.jsx** - KI-Analysen Feature-Gates
|
|
||||||
- Pipeline-Button wrapped in `<FeatureGate feature="ai_pipeline">`
|
|
||||||
- Einzelanalysen wrapped in `<FeatureGate feature="ai_calls">`
|
|
||||||
- Usage-Counter in beiden Sektionen
|
|
||||||
- ✅ **pages/SettingsPage.jsx** - Export/Import Feature-Gates
|
|
||||||
- Export-Buttons wrapped in `<FeatureGate feature="data_export">`
|
|
||||||
- Import-Button wrapped in `<FeatureGate feature="csv_import">`
|
|
||||||
- Usage-Counter bei beiden
|
|
||||||
- ✅ **utils/api.js** - API-Funktion hinzugefügt
|
|
||||||
- `checkFeatureAccess(featureSlug)` für Frontend-Checks
|
|
||||||
|
|
||||||
**Verhalten:**
|
|
||||||
- Backend wirft HTTP 403 "Feature nicht verfügbar" bei deaktiviertem Feature
|
|
||||||
- Backend wirft HTTP 429 "Limit erreicht" bei überschrittenem Limit
|
|
||||||
- Frontend blendet Feature aus oder zeigt Upgrade-Prompt
|
|
||||||
- Usage-Counter zeigt aktuelle Nutzung (z.B. "5/10 AI-Calls")
|
|
||||||
- Farb-Codierung: Grün (0-70%), Orange (70-90%), Rot (90-100%)
|
|
||||||
|
|
||||||
**Noch NICHT geschützt (optional für v9d):**
|
|
||||||
- 🔲 **photos.py** - Feature-Check für Progress-Fotos Upload
|
|
||||||
- 🔲 **weight.py, circumference.py, caliper.py** - Entry-Limits prüfen (verhindert neue Einträge wenn Limit erreicht)
|
|
||||||
- 🔲 **nutrition.py, activity.py** - Entry-Limits prüfen (analog zu weight)
|
|
||||||
|
|
||||||
**E-Mail Templates (v9c):**
|
**E-Mail Templates (v9c):**
|
||||||
- 🔲 Registrierung + E-Mail-Verifizierung
|
- 🔲 Registrierung + E-Mail-Verifizierung
|
||||||
|
|
|
||||||
1058
docs/MEMBERSHIP_SYSTEM.md
Normal file
1058
docs/MEMBERSHIP_SYSTEM.md
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user