alexei.dolgolyov/personal-ai-assistant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Phase 10: Per-User Rate Limits — messages + tokens, quota UI, admin usage

Browse Source 
Backend:
- max_ai_messages_per_day + max_ai_tokens_per_day on User model (nullable, override)
- Migration 008: add columns + seed default settings (100 msgs, 500K tokens)
- usage_service: count today's messages + tokens, check quota, get limits
- GET /chats/quota returns usage vs limits + reset time
- POST /chats/{id}/messages checks quota before streaming (429 if exceeded)
- Admin user schemas expose both limit fields
- GET /admin/usage returns per-user daily message + token counts
- admin_user_service allows updating both limit fields

Frontend:
- Chat header shows "X/Y messages · XK/YK tokens" with red highlight at limit
- Quota refreshes every 30s via TanStack Query
- Admin usage page with table: user, messages today, tokens today
- Route + sidebar entry for admin usage
- English + Russian translations

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Admin
2026-03-19 15:44:51 +03:00
parent bb53eeee8e
commit d86d53f473
17 changed files with 390 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
plans/phase-10-rate-limits.md Normal file
View File

@@ -0,0 +1,42 @@
# Phase 10: Per-User Rate Limits — Subplan
## Goal
Enforce per-user daily AI message limits with admin-configurable defaults, per-user overrides, usage tracking, and frontend quota visibility.
## Prerequisites
- Settings table + service, admin panel, chat/message system
---
## Tasks
- [x] **10.1** Add `max_ai_messages_per_day` nullable int to User model. Migration 008 (or 009).
- [x] **10.2** Seed `default_max_ai_messages_per_day` setting (default: 100).
- [x] **10.3** Create `backend/app/services/usage_service.py`: get_user_message_count_today, get_user_daily_limit.
- [x] **10.4** Enforce limit in `POST /chats/{id}/messages` before streaming (429 if exceeded).
- [x] **10.5** Add `GET /chats/quota` endpoint (used, limit, resets_at).
- [x] **10.6** Expose max_ai_messages_per_day in admin user schemas + service.
- [x] **10.7** Add `GET /admin/usage` stats endpoint (per-user daily counts).
- [x] **10.8** Frontend: show quota in chat header ("X/Y messages today").
- [x] **10.9** Frontend: admin usage page.
- [x] **10.10** Frontend: handle 429 in chat, routes, sidebar, i18n.
- [x] **10.11** Tests + verification.
---
## Acceptance Criteria
1. Sending at daily limit returns 429
2. Admin configures default limit via settings
3. Per-user override works (NULL = use default)
4. Chat header shows usage counter
5. Admin usage page shows per-user stats
6. All UI text in en/ru
---
## Status
**COMPLETED**

44
plans/phase-9-oauth.md Normal file
View File

@@ -0,0 +1,44 @@
# Phase 9: OAuth & Account Switching — Subplan
## Goal
Allow users to authenticate via Google OAuth, and switch between multiple logged-in accounts without re-entering credentials.
## Prerequisites
- Auth system with JWT tokens, User model with oauth_provider/oauth_provider_id columns
- Google Cloud OAuth 2.0 credentials
---
## Tasks
- [ ] **9.1** Add `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`, `GOOGLE_REDIRECT_URI` to config.py + .env.example. Add `authlib` to pyproject.toml.
- [ ] **9.2** Create `backend/app/services/oauth_service.py`: register Google provider, get_authorization_url, handle_callback (fetch user info, create/link user, issue tokens).
- [ ] **9.3** Make `User.hashed_password` nullable (OAuth users have no password). Migration 008.
- [ ] **9.4** Add OAuth endpoints to auth.py: `GET /auth/oauth/{provider}/authorize`, `GET /auth/oauth/{provider}/callback`.
- [ ] **9.5** Add `POST /auth/switch` endpoint (accepts refresh token, returns full AuthResponse).
- [ ] **9.6** Update schemas: add oauth_provider to UserResponse.
- [ ] **9.7** Frontend: OAuth API functions, callback route component.
- [ ] **9.8** Frontend: OAuth buttons on login form ("Sign in with Google").
- [ ] **9.9** Frontend: extend auth-store with accounts array, switchAccount, addAccount.
- [ ] **9.10** Frontend: account switcher dropdown in header.
- [ ] **9.11** Update routes, i18n (en/ru).
- [ ] **9.12** Tests + verification.
---
## Acceptance Criteria
1. Google OAuth login works end-to-end
2. OAuth user created with oauth_provider="google"
3. Existing email users can link to Google
4. Multiple accounts stored; switching is instant
5. OAuth-only users cannot use password login
6. All UI text in en/ru
---
## Status
**NOT STARTED**