siftlode/backend/app/routes
npeter83 feb41f4514 feat(demo): hidden /auth/demo login + require_human guard
Whitelisted emails enter the shared demo user via /auth/demo (lazily
created, no OAuth token/scope), rate-limited per IP and answering
uniformly so it can't be hammered as an enumeration oracle. Add a
require_human dependency that blocks the demo account from quota-spending
sync endpoints and the OAuth upgrade flow, and surface is_demo on /api/me.
2026-06-16 09:17:21 +02:00
..
__init__.py feat: M1 foundation — compose stack, FastAPI, Google OAuth, encrypted tokens 2026-06-11 01:01:37 +02:00
admin.py feat(m5c): onboarding — DB invites, request-access, admin approval, email 2026-06-12 01:43:07 +02:00
channels.py feat(stats): per-user API quota attribution + admin usage page 2026-06-12 02:47:55 +02:00
feed.py feat(feed): Show chips in the toolbar + key+direction sort 2026-06-16 02:46:26 +02:00
health.py feat: M1 foundation — compose stack, FastAPI, Google OAuth, encrypted tokens 2026-06-11 01:01:37 +02:00
me.py feat(demo): hidden /auth/demo login + require_human guard 2026-06-16 09:17:21 +02:00
playlists.py feat(playlists): derive dirty from a synced-state fingerprint 2026-06-15 23:00:56 +02:00
quota.py feat(stats): per-user API quota attribution + admin usage page 2026-06-12 02:47:55 +02:00
sync.py feat(demo): hidden /auth/demo login + require_human guard 2026-06-16 09:17:21 +02:00
tags.py feat(m5a): channel manager, tabbed settings panel, per-user sync status 2026-06-11 20:45:48 +02:00
version.py feat(version): /api/version + build-time version/commit stamping 2026-06-15 00:06:57 +02:00