alexei.dolgolyov/personal-ai-assistant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d86d53f473b7ce43ea4d2df2834adf18637f0e14
personal-ai-assistant/plans/phase-9-oauth.md
dolgolyov.alexei d86d53f473 Phase 10: Per-User Rate Limits — messages + tokens, quota UI, admin usage 
Backend:
- max_ai_messages_per_day + max_ai_tokens_per_day on User model (nullable, override)
- Migration 008: add columns + seed default settings (100 msgs, 500K tokens)
- usage_service: count today's messages + tokens, check quota, get limits
- GET /chats/quota returns usage vs limits + reset time
- POST /chats/{id}/messages checks quota before streaming (429 if exceeded)
- Admin user schemas expose both limit fields
- GET /admin/usage returns per-user daily message + token counts
- admin_user_service allows updating both limit fields

Frontend:
- Chat header shows "X/Y messages · XK/YK tokens" with red highlight at limit
- Quota refreshes every 30s via TanStack Query
- Admin usage page with table: user, messages today, tokens today
- Route + sidebar entry for admin usage
- English + Russian translations

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 15:44:51 +03:00

45 lines
1.7 KiB
Markdown
Raw Blame History

# Phase 9: OAuth & Account Switching — Subplan
## Goal
Allow users to authenticate via Google OAuth, and switch between multiple logged-in accounts without re-entering credentials.
## Prerequisites
- Auth system with JWT tokens, User model with oauth_provider/oauth_provider_id columns
- Google Cloud OAuth 2.0 credentials
---
## Tasks
- [ ] **9.1** Add `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`, `GOOGLE_REDIRECT_URI` to config.py + .env.example. Add `authlib` to pyproject.toml.
- [ ] **9.2** Create `backend/app/services/oauth_service.py`: register Google provider, get_authorization_url, handle_callback (fetch user info, create/link user, issue tokens).
- [ ] **9.3** Make `User.hashed_password` nullable (OAuth users have no password). Migration 008.
- [ ] **9.4** Add OAuth endpoints to auth.py: `GET /auth/oauth/{provider}/authorize`, `GET /auth/oauth/{provider}/callback`.
- [ ] **9.5** Add `POST /auth/switch` endpoint (accepts refresh token, returns full AuthResponse).
- [ ] **9.6** Update schemas: add oauth_provider to UserResponse.
- [ ] **9.7** Frontend: OAuth API functions, callback route component.
- [ ] **9.8** Frontend: OAuth buttons on login form ("Sign in with Google").
- [ ] **9.9** Frontend: extend auth-store with accounts array, switchAccount, addAccount.
- [ ] **9.10** Frontend: account switcher dropdown in header.
- [ ] **9.11** Update routes, i18n (en/ru).
- [ ] **9.12** Tests + verification.
---
## Acceptance Criteria
1. Google OAuth login works end-to-end
2. OAuth user created with oauth_provider="google"
3. Existing email users can link to Google
4. Multiple accounts stored; switching is instant
5. OAuth-only users cannot use password login
6. All UI text in en/ru
---
## Status
**NOT STARTED**
Reference in New Issue View Git Blame Copy Permalink