siftlode/backend/app
npeter83 d02b540c60 feat(m5b): optional YouTube write scope via incremental OAuth
Default login now requests read-only (youtube.readonly); write (unsubscribe,
later playlist export) is an explicit opt-in.

- auth.py: split READ_SCOPES / WRITE_SCOPES; new GET /auth/upgrade (incremental
  consent, prompt=consent); has_write_scope() helper
- /api/me exposes can_write
- youtube/client.py: delete_subscription (50 units, OAuth-only)
- DELETE /api/channels/{id}/subscription, gated on write scope (403 otherwise)
- UI: Settings - Account 'Playlist editing & YouTube export' enable button;
  per-channel 'Unsubscribe on YouTube' (with confirm) shown only when can_write

Browser-facing; develop/test locally until the public HTTPS login lands. Needs a
one-time Console step: add youtube.readonly to the OAuth consent screen scopes.
2026-06-11 23:27:11 +02:00
..
routes feat(m5b): optional YouTube write scope via incremental OAuth 2026-06-11 23:27:11 +02:00
static fix: default app UI language to English (login page) 2026-06-11 01:03:36 +02:00
sync feat(m5d): demand-driven deep backfill + per-user ETA 2026-06-11 23:07:09 +02:00
youtube feat(m5b): optional YouTube write scope via incremental OAuth 2026-06-11 23:27:11 +02:00
__init__.py feat: M1 foundation — compose stack, FastAPI, Google OAuth, encrypted tokens 2026-06-11 01:01:37 +02:00
auth.py feat(m5b): optional YouTube write scope via incremental OAuth 2026-06-11 23:27:11 +02:00
config.py fix: feedback round 2 — language, subscriptions, feed scope, UX 2026-06-11 03:28:45 +02:00
db.py feat: M1 foundation — compose stack, FastAPI, Google OAuth, encrypted tokens 2026-06-11 01:01:37 +02:00
main.py feat(m5a): channel manager, tabbed settings panel, per-user sync status 2026-06-11 20:45:48 +02:00
models.py feat(m5d): demand-driven deep backfill + per-user ETA 2026-06-11 23:07:09 +02:00
quota.py feat: M2 (part 1) — subscription import, YouTube client, quota guard 2026-06-11 01:22:07 +02:00
scheduler.py feat: sync status indicator, admin pause/resume, filtered video count 2026-06-11 04:15:25 +02:00
security.py feat: M1 foundation — compose stack, FastAPI, Google OAuth, encrypted tokens 2026-06-11 01:01:37 +02:00
state.py chore: structured timestamped logging across the backend 2026-06-11 04:26:18 +02:00