feat: add account management, email verification, AI fixes, and user guides

- Profile settings, account transfer, delete/leave account flows - Email verification with JWT tokens and Resend integration - AI assistant/copilot fixes: markdown rendering, shared RAG helpers, token tracking, input refocus, model_validate usage - User guides hub + detail pages with 13 topic guides - Sidebar and top bar navigation for guides Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 19:18:06 -05:00
parent 1aa60dada2
commit 8d6accaf60
45 changed files with 2255 additions and 126 deletions
--- a/backend/app/api/endpoints/accounts.py
+++ b/backend/app/api/endpoints/accounts.py
@@ -7,17 +7,20 @@ from fastapi import APIRouter, Depends, HTTPException, status, Query
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy import select

+from pydantic import BaseModel
 from app.core.database import get_db
 from app.core.subscriptions import get_account_subscription, get_plan_limits, get_account_usage
 from app.core.audit import log_audit
+from app.models.refresh_token import RefreshToken
 from app.core.email import EmailService
 from app.models.account import Account
 from app.models.account_invite import AccountInvite
 from app.models.subscription import Subscription
 from app.models.user import User
-from app.schemas.account import AccountResponse, AccountUpdate, AccountInviteCreate, AccountInviteResponse
+from app.schemas.account import AccountResponse, AccountUpdate, AccountInviteCreate, AccountInviteResponse, TransferOwnershipRequest
 from app.schemas.subscription import SubscriptionResponse, PlanLimitsResponse, UsageResponse, SubscriptionDetails
 from app.schemas.user import UserResponse, AccountRoleUpdate
+from app.core.security import verify_password
 from app.api.deps import get_current_active_user, require_account_owner

 router = APIRouter(prefix="/accounts", tags=["accounts"])
@@ -142,6 +145,58 @@ async def update_member_role(
    return user


+@router.post("/me/transfer-ownership", response_model=AccountResponse)
+async def transfer_ownership(
+    data: TransferOwnershipRequest,
+    db: Annotated[AsyncSession, Depends(get_db)],
+    current_user: Annotated[User, Depends(require_account_owner)]
+):
+    """Transfer account ownership to another member (owner only)."""
+    if not verify_password(data.current_password, current_user.password_hash):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Current password is incorrect"
+        )
+
+    if data.target_user_id == current_user.id:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Cannot transfer ownership to yourself"
+        )
+
+    result = await db.execute(
+        select(User).where(
+            User.id == data.target_user_id,
+            User.account_id == current_user.account_id
+        )
+    )
+    target_user = result.scalar_one_or_none()
+    if not target_user:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found in your account"
+        )
+
+    # Swap roles
+    current_user.account_role = "engineer"
+    target_user.account_role = "owner"
+
+    # Update account owner
+    result = await db.execute(
+        select(Account).where(Account.id == current_user.account_id)
+    )
+    account = result.scalar_one()
+    account.owner_id = target_user.id
+
+    await log_audit(
+        db, current_user.id, "account.ownership_transfer", "account", account.id,
+        {"new_owner_id": str(target_user.id)}
+    )
+    await db.commit()
+    await db.refresh(account)
+    return account
+
+
@router.delete("/me/members/{user_id}", status_code=status.HTTP_204_NO_CONTENT)
 async def remove_member(
    user_id: UUID,
@@ -318,3 +373,95 @@ async def list_invites(
        .order_by(AccountInvite.created_at.desc())
    )
    return result.scalars().all()
+
+
+@router.post("/me/leave")
+async def leave_account(
+    db: Annotated[AsyncSession, Depends(get_db)],
+    current_user: Annotated[User, Depends(get_current_active_user)]
+):
+    """Leave the current account (non-owners only). Creates a personal account."""
+    if current_user.account_role == "owner":
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Account owners cannot leave. Transfer ownership first."
+        )
+
+    # Create a personal account (same pattern as remove_member)
+    chars = string.ascii_uppercase + string.digits
+    display_code = ''.join(secrets.choice(chars) for _ in range(8))
+
+    new_account = Account(
+        name=f"{current_user.name}'s Account",
+        display_code=display_code,
+        owner_id=current_user.id,
+    )
+    db.add(new_account)
+    await db.flush()
+
+    new_sub = Subscription(
+        account_id=new_account.id,
+        plan="free",
+        status="active",
+    )
+    db.add(new_sub)
+
+    old_account_id = current_user.account_id
+    current_user.account_id = new_account.id
+    current_user.account_role = "owner"
+
+    await log_audit(db, current_user.id, "account.leave", "account", old_account_id)
+    await db.commit()
+
+    return {"message": "You have left the account"}
+
+
+class DeleteAccountRequest(BaseModel):
+    current_password: str
+
+
+@router.delete("/me")
+async def delete_account(
+    data: DeleteAccountRequest,
+    db: Annotated[AsyncSession, Depends(get_db)],
+    current_user: Annotated[User, Depends(require_account_owner)]
+):
+    """Delete the current account and soft-delete the user (owner only, no other members)."""
+    if not verify_password(data.current_password, current_user.password_hash):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Current password is incorrect"
+        )
+
+    # Check no other members
+    result = await db.execute(
+        select(User).where(
+            User.account_id == current_user.account_id,
+            User.id != current_user.id,
+            User.deleted_at.is_(None)
+        )
+    )
+    if result.scalars().first():
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Cannot delete account with other members. Remove them first."
+        )
+
+    # Soft-delete user
+    current_user.deleted_at = datetime.now(timezone.utc)
+    current_user.is_active = False
+
+    # Revoke all refresh tokens
+    rt_result = await db.execute(
+        select(RefreshToken).where(
+            RefreshToken.user_id == current_user.id,
+            RefreshToken.revoked_at.is_(None)
+        )
+    )
+    for rt in rt_result.scalars().all():
+        rt.revoked_at = datetime.now(timezone.utc)
+
+    await log_audit(db, current_user.id, "account.delete", "account", current_user.account_id)
+    await db.commit()
+
+    return {"message": "Account deleted"}