|
|
c002cb1e54
|
feat: add feature-access middleware for v9c subscription system
Deploy Development / deploy (push) Successful in 55s
Build Test / lint-backend (push) Successful in 1s
Build Test / build-frontend (push) Has been cancelled
Implements flexible feature access control with 3-tier hierarchy:
1. User-specific restrictions (highest priority)
2. Tier limits
3. Feature defaults
New functions:
- get_effective_tier(profile_id) - Checks access_grants, falls back to profile.tier
- check_feature_access(profile_id, feature_id) - Complete access check
Returns: {allowed, limit, used, remaining, reason}
- increment_feature_usage(profile_id, feature_id) - Usage tracking
- _calculate_next_reset(reset_period) - Helper for daily/monthly resets
Supports:
- Boolean features (enabled/disabled)
- Count-based features with limits
- Automatic reset (daily/monthly/never)
- Unlimited (NULL) and disabled (0) states
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
2026-03-19 13:04:49 +01:00 |
|
|
|
d826524789
|
refactor: extract auth functions to auth.py
Deploy Development / deploy (push) Successful in 54s
Build Test / lint-backend (push) Successful in 0s
Build Test / build-frontend (push) Successful in 13s
Phase 1.2 - Authentication-Logik isolieren
NEUE DATEI:
- backend/auth.py: Auth-Funktionen mit Dokumentation
* hash_pin() - bcrypt + SHA256 legacy support
* verify_pin() - Password verification
* make_token() - Session token generation
* get_session() - Token validation
* require_auth() - FastAPI dependency
* require_auth_flexible() - Auth via header OR query
* require_admin() - Admin-only dependency
ÄNDERUNGEN:
- backend/main.py:
* Import from auth.py
* Removed 48 lines of auth code
* hashlib, secrets nicht mehr benötigt
KEINE funktionalen Änderungen.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
2026-03-19 09:51:25 +01:00 |
|
