Launch PNA Assistant SaaS — Stripe + webhook + Docker

- Streamlit app: BYOK free tier + Pro/Institution tiers via Stripe
- Stripe Payment Links wired in (env vars with real fallbacks)
- FastAPI webhook: validates Stripe signatures, generates
PNA-PRO-XXXXX activation codes, emails via Amazon SES
- Docker Compose: 3 services (streamlit, webhook, nginx)
- Nginx: HTTPS termination + /webhook routing to FastAPI
- .gitignore: protects .env, assets/aequip_guide.md, codes.jsonl
- A-EQUIP RAG: FAISS + sentence-transformers on NHS OGL v3.0 content
- Exports: supervision notes + NMC CPD records as .docx (Pro only)

Deploy: docker compose up -d on t3.small EC2, eu-west-2
Live: pna.nursingcitizendevelopment.com

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

.env.example

@@ -0,0 +1,14 @@
+# PNA Assistant — Environment Variables
+# Copy to .env and fill in your values
+
+# Stripe Payment Links (create in Stripe Dashboard → Payment Links)
+STRIPE_PRO_LINK=https://buy.stripe.com/YOUR_PRO_LINK
+STRIPE_INSTITUTION=https://buy.stripe.com/YOUR_INSTITUTION_LINK
+
+# Optional: Platform Anthropic key (if you want to absorb API costs for users)
+# ANTHROPIC_API_KEY=sk-ant-api03-...
+
+# AWS (Phase 2 — Cognito auth)
+# AWS_REGION=eu-west-2
+# COGNITO_USER_POOL_ID=eu-west-2_XXXXXXX
+# COGNITO_CLIENT_ID=XXXXXXXXXXXXXXXX

.gitignore

@@ -0,0 +1,42 @@
+# Environment — never commit secrets
+.env
+.env.local
+.env.*.local
+
+# Python
+__pycache__/
+*.py[cod]
+*.pyo
+*.pyd
+.Python
+*.egg
+*.egg-info/
+dist/
+build/
+*.whl
+.venv/
+venv/
+env/
+
+# Streamlit
+.streamlit/secrets.toml
+
+# Assets (large guide file — copy manually on deploy)
+assets/aequip_guide.md
+
+# FAISS index (rebuilt at startup)
+*.faiss
+*.index
+*.pkl
+
+# OS / macOS
+.DS_Store
+Thumbs.db
+._*
+__MACOSX/
+
+# Docker
+*.log
+
+# Webhook codes log (contains customer data)
+codes.jsonl

Dockerfile

@@ -0,0 +1,30 @@
+FROM python:3.11-slim
+
+# System deps
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    gcc g++ curl \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /app
+
+# Install Python deps first (cached layer)
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application
+COPY . .
+
+# Streamlit config
+RUN mkdir -p /app/.streamlit
+COPY .streamlit/config.toml /app/.streamlit/config.toml
+
+EXPOSE 8501
+
+# Health check
+HEALTHCHECK CMD curl --fail http://localhost:8501/_stcore/health || exit 1
+
+CMD ["streamlit", "run", "streamlit_app.py", \
+     "--server.port=8501", \
+     "--server.address=0.0.0.0", \
+     "--server.headless=true", \
+     "--browser.gatherUsageStats=false"]

Dockerfile.webhook

@@ -0,0 +1,17 @@
+FROM python:3.11-slim
+
+WORKDIR /app
+
+RUN pip install --no-cache-dir \
+    fastapi>=0.110.0 \
+    uvicorn[standard]>=0.29.0 \
+    boto3>=1.34.0
+
+COPY webhook.py .
+
+EXPOSE 8080
+
+HEALTHCHECK --interval=30s --timeout=10s --retries=3 \
+    CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8080/health')"
+
+CMD ["uvicorn", "webhook:app", "--host", "0.0.0.0", "--port", "8080"]

README.md

@@ -0,0 +1,106 @@
+# PNA Assistant — Professional Nurse Advocate AI
+
+AI-powered educational tool for the A-EQUIP model and restorative clinical supervision.
+
+**Stack:** Python · Streamlit · Claude claude-opus-4-6 · FAISS RAG · Stripe · FastAPI webhook · Docker · AWS EC2
+
+## Quick Start (local)
+
+```bash
+pip install -r requirements.txt
+
+# Copy the A-EQUIP guide into assets/
+cp "Professional nurse advocate A-EQUIP model Guide.md" assets/aequip_guide.md
+
+streamlit run streamlit_app.py
+```
+
+## AWS Deployment
+
+```bash
+# 1. Launch EC2 t3.small (Ubuntu 22.04, eu-west-2)
+# 2. SSH in and install Docker
+sudo apt update && sudo apt install -y docker.io docker-compose-plugin curl
+
+# 3. Clone repo
+git clone https://github.com/Clinical-Quality-Artifical-Intelligence/Professional-Nurse-Advocate-Assistant
+cd Professional-Nurse-Advocate-Assistant
+
+# 4. Set up env
+cp .env.example .env
+nano .env   # fill in Stripe keys + webhook secret
+
+# 5. Copy the A-EQUIP guide
+cp "Professional nurse advocate A-EQUIP model Guide.md" assets/aequip_guide.md
+
+# 6. Deploy
+docker compose up -d
+
+# 7. SSL with Let's Encrypt
+sudo apt install -y certbot
+sudo certbot certonly --standalone -d pna.nursingcitizendevelopment.com
+
+# 8. Restart with SSL
+docker compose restart nginx
+```
+
+## Stripe Webhook Setup (5 minutes)
+
+After deploying to EC2:
+
+1. Stripe Dashboard → **Developers** → **Webhooks** → **Add endpoint**
+2. Endpoint URL: `https://pna.nursingcitizendevelopment.com/webhook`
+3. Events to listen for: `checkout.session.completed`
+4. Click **Add endpoint**, then reveal the **Signing secret**
+5. Copy the signing secret (starts `whsec_...`)
+6. SSH into EC2 and update `.env`:
+   ```bash
+   nano .env
+   # Set: STRIPE_WEBHOOK_SECRET=whsec_your_real_secret
+   docker compose restart pna-webhook
+   ```
+
+When a customer pays, the webhook:
+- Generates a `PNA-PRO-XXXXX` activation code
+- Emails it to the customer via Amazon SES
+- Logs it to `/app/codes.jsonl` inside the container
+
+### Amazon SES Setup (for automated emails)
+
+```bash
+# Verify your sending domain in SES console (AWS Console → SES → Verified identities)
+# Then attach an IAM role to the EC2 instance with ses:SendEmail permission
+# No access keys needed — uses the instance role automatically
+```
+
+Or check codes manually until SES is configured:
+```bash
+docker exec pna-webhook cat /app/codes.jsonl
+```
+
+## Subscription Tiers
+
+| Tier | Price | Features |
+|------|-------|---------|
+| Free | £0 | Chat with BYOK API key, unlimited conversations |
+| Pro | £9.99/month | + Supervision notes (.docx), CPD logs, session history |
+| Institution | £99/month | + Multi-user, custom branding, bulk CPD |
+
+## Environment Variables
+
+| Variable | Description |
+|----------|-------------|
+| `STRIPE_PRO_LINK` | Stripe Payment Link for Pro plan |
+| `STRIPE_INSTITUTION` | Stripe Payment Link for Institution plan |
+| `STRIPE_PUBLISHABLE_KEY` | Stripe public key (for future Stripe.js use) |
+| `STRIPE_SECRET_KEY` | Stripe secret key (future server-side use) |
+| `STRIPE_WEBHOOK_SECRET` | Webhook signing secret (`whsec_...`) |
+| `AWS_REGION` | AWS region for SES (default: `eu-west-2`) |
+| `SES_FROM_EMAIL` | Verified SES sender email |
+
+## Copyright
+
+A-EQUIP model guide content — Contains public sector information licensed under the
+[Open Government Licence v3.0](https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/) — NHS England.
+
+Application code — Apache 2.0 — © 2026 Lincoln Gombedza

docker-compose.yml

@@ -0,0 +1,68 @@
+version: "3.9"
+
+services:
+
+  # ── Streamlit app ────────────────────────────────────────────────────────────
+  pna-assistant:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: pna-assistant
+    restart: unless-stopped
+    ports:
+      - "8501:8501"
+    environment:
+      - STRIPE_PRO_LINK=${STRIPE_PRO_LINK}
+      - STRIPE_INSTITUTION=${STRIPE_INSTITUTION}
+    volumes:
+      - ./assets:/app/assets:ro
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8501/_stcore/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 40s
+
+  # ── Stripe webhook handler ───────────────────────────────────────────────────
+  pna-webhook:
+    build:
+      context: .
+      dockerfile: Dockerfile.webhook
+    container_name: pna-webhook
+    restart: unless-stopped
+    ports:
+      - "8080:8080"
+    environment:
+      - STRIPE_WEBHOOK_SECRET=${STRIPE_WEBHOOK_SECRET}
+      - AWS_REGION=${AWS_REGION:-eu-west-2}
+      - SES_FROM_EMAIL=${SES_FROM_EMAIL:-lincoln@clinyqai.com}
+      # SES needs IAM role on EC2 (preferred) OR explicit credentials:
+      # - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
+      # - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
+    volumes:
+      - codes_data:/app   # persist codes.jsonl across restarts
+    healthcheck:
+      test: ["CMD", "python", "-c",
+             "import urllib.request; urllib.request.urlopen('http://localhost:8080/health')"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 20s
+
+  # ── Nginx reverse proxy ──────────────────────────────────────────────────────
+  nginx:
+    image: nginx:alpine
+    container_name: pna-nginx
+    restart: unless-stopped
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
+      - /etc/letsencrypt:/etc/letsencrypt:ro
+    depends_on:
+      - pna-assistant
+      - pna-webhook
+
+volumes:
+  codes_data:

nginx.conf

@@ -0,0 +1,44 @@
+server {
+    listen 80;
+    server_name pna.nursingcitizendevelopment.com;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name pna.nursingcitizendevelopment.com;
+
+    ssl_certificate     /etc/letsencrypt/live/pna.nursingcitizendevelopment.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/pna.nursingcitizendevelopment.com/privkey.pem;
+    ssl_protocols       TLSv1.2 TLSv1.3;
+
+    # ── Stripe webhook endpoint ──────────────────────────────────────────────
+    location /webhook {
+        proxy_pass         http://pna-webhook:8080/webhook;
+        proxy_http_version 1.1;
+        proxy_set_header   Host $host;
+        proxy_set_header   X-Real-IP $remote_addr;
+        proxy_read_timeout 30s;
+    }
+
+    # ── Streamlit WebSocket SSE stream ───────────────────────────────────────
+    location /_stcore/stream {
+        proxy_pass         http://pna-assistant:8501/_stcore/stream;
+        proxy_http_version 1.1;
+        proxy_set_header   Upgrade $http_upgrade;
+        proxy_set_header   Connection "upgrade";
+        proxy_read_timeout 86400s;
+    }
+
+    # ── Streamlit app (everything else) ─────────────────────────────────────
+    location / {
+        proxy_pass         http://pna-assistant:8501;
+        proxy_http_version 1.1;
+        proxy_set_header   Upgrade $http_upgrade;
+        proxy_set_header   Connection "upgrade";
+        proxy_set_header   Host $host;
+        proxy_set_header   X-Real-IP $remote_addr;
+        proxy_cache_bypass $http_upgrade;
+        proxy_read_timeout 300s;
+    }
+}

pna/__init__.py

@@ -0,0 +1 @@
+# PNA Assistant modules

pna/claude_client.py

@@ -0,0 +1,96 @@
+"""
+Claude API client for PNA Assistant.
+Uses claude-opus-4-6 with streaming and adaptive thinking.
+"""
+import anthropic
+from .prompts import SYSTEM_PROMPT, SUPERVISION_SUMMARY_PROMPT
+from datetime import date
+
+
+def build_messages(
+    history: list[dict],
+    user_message: str,
+    context: str = "",
+) -> list[dict]:
+    """Build message list from chat history + current message."""
+    messages = []
+
+    # Add history
+    for msg in history:
+        messages.append({"role": msg["role"], "content": msg["content"]})
+
+    # Build user turn — prepend RAG context if available
+    if context:
+        content = (
+            f"[Relevant A-EQUIP context from the guide]\n{context}\n\n"
+            f"[Nurse's message]\n{user_message}"
+        )
+    else:
+        content = user_message
+
+    messages.append({"role": "user", "content": content})
+    return messages
+
+
+def stream_response(
+    api_key: str,
+    history: list[dict],
+    user_message: str,
+    context: str = "",
+):
+    """
+    Stream a response from Claude.
+    Yields text chunks as strings.
+    Uses claude-opus-4-6 with adaptive thinking.
+    """
+    client = anthropic.Anthropic(api_key=api_key)
+    messages = build_messages(history, user_message, context)
+
+    with client.messages.stream(
+        model="claude-opus-4-6",
+        max_tokens=1024,
+        thinking={"type": "adaptive"},
+        system=SYSTEM_PROMPT,
+        messages=messages,
+    ) as stream:
+        for event in stream:
+            if event.type == "content_block_delta":
+                if event.delta.type == "text_delta":
+                    yield event.delta.text
+
+
+def generate_supervision_note(
+    api_key: str,
+    history: list[dict],
+) -> str:
+    """
+    Generate a structured supervision note from the conversation.
+    Returns the full note as a string.
+    """
+    client = anthropic.Anthropic(api_key=api_key)
+
+    # Build a summary of the conversation
+    conversation_text = "\n\n".join(
+        f"**{'Nurse' if m['role'] == 'user' else 'PNA Assistant'}:** {m['content']}"
+        for m in history
+    )
+
+    today = date.today().strftime("%d %B %Y")
+    prompt = (
+        f"Today's date: {today}\n\n"
+        f"Supervision conversation transcript:\n\n{conversation_text}\n\n"
+        f"{SUPERVISION_SUMMARY_PROMPT}"
+    )
+
+    response = client.messages.create(
+        model="claude-opus-4-6",
+        max_tokens=2000,
+        thinking={"type": "adaptive"},
+        messages=[{"role": "user", "content": prompt}],
+    )
+
+    for block in response.content:
+        if block.type == "text":
+            return block.text
+
+    return "Could not generate supervision note."

pna/export.py

@@ -0,0 +1,156 @@
+"""
+Export supervision notes and CPD logs to .docx format.
+"""
+from datetime import date
+from io import BytesIO
+
+HAS_DOCX = False
+try:
+    from docx import Document
+    from docx.shared import Pt, RGBColor, Inches
+    from docx.enum.text import WD_ALIGN_PARAGRAPH
+    HAS_DOCX = True
+except ImportError:
+    pass
+
+
+def build_supervision_docx(note_text: str, nurse_name: str = "") -> bytes | None:
+    """Build a formatted .docx supervision note."""
+    if not HAS_DOCX:
+        return None
+
+    doc = Document()
+
+    # Header
+    header_para = doc.add_paragraph()
+    header_para.alignment = WD_ALIGN_PARAGRAPH.CENTER
+    run = header_para.add_run("Professional Nurse Advocate Assistant")
+    run.bold = True
+    run.font.size = Pt(16)
+    run.font.color.rgb = RGBColor(0x1a, 0x24, 0x60)  # brand navy
+
+    sub = doc.add_paragraph()
+    sub.alignment = WD_ALIGN_PARAGRAPH.CENTER
+    sub.add_run("A-EQUIP Model Supervision Note").italic = True
+
+    doc.add_paragraph()
+
+    # Metadata
+    meta = doc.add_paragraph()
+    meta.add_run(f"Date: ").bold = True
+    meta.add_run(date.today().strftime("%d %B %Y"))
+
+    if nurse_name:
+        nurse_p = doc.add_paragraph()
+        nurse_p.add_run("Name: ").bold = True
+        nurse_p.add_run(nurse_name)
+
+    doc.add_paragraph()
+
+    # Note content — parse markdown-ish headings
+    for line in note_text.split("\n"):
+        line = line.strip()
+        if not line:
+            doc.add_paragraph()
+            continue
+
+        if line.startswith("## "):
+            h = doc.add_heading(line[3:], level=2)
+            for run in h.runs:
+                run.font.color.rgb = RGBColor(0x1a, 0x24, 0x60)
+        elif line.startswith("### "):
+            h = doc.add_heading(line[4:], level=3)
+            for run in h.runs:
+                run.font.color.rgb = RGBColor(0x0d, 0x94, 0x88)  # teal
+        elif line.startswith("**") and line.endswith("**"):
+            p = doc.add_paragraph()
+            p.add_run(line.strip("**")).bold = True
+        elif line.startswith("- "):
+            doc.add_paragraph(line[2:], style="List Bullet")
+        else:
+            doc.add_paragraph(line)
+
+    # Footer
+    doc.add_paragraph()
+    footer = doc.add_paragraph()
+    footer.alignment = WD_ALIGN_PARAGRAPH.CENTER
+    footer_run = footer.add_run(
+        "Contains public sector information licensed under the Open Government Licence v3.0 — NHS England.\n"
+        "This tool supports but does not replace clinical judgment or formal supervision documentation."
+    )
+    footer_run.font.size = Pt(8)
+    footer_run.font.color.rgb = RGBColor(0x6b, 0x72, 0x80)
+    footer_run.italic = True
+
+    buf = BytesIO()
+    doc.save(buf)
+    return buf.getvalue()
+
+
+def build_cpd_docx(note_text: str, nurse_name: str = "", hours: float = 1.0) -> bytes | None:
+    """Build NMC revalidation CPD record."""
+    if not HAS_DOCX:
+        return None
+
+    doc = Document()
+
+    header_para = doc.add_paragraph()
+    header_para.alignment = WD_ALIGN_PARAGRAPH.CENTER
+    run = header_para.add_run("NMC Revalidation — CPD Record")
+    run.bold = True
+    run.font.size = Pt(16)
+    run.font.color.rgb = RGBColor(0x1a, 0x24, 0x60)
+
+    doc.add_paragraph()
+
+    fields = [
+        ("Date", date.today().strftime("%d %B %Y")),
+        ("Name", nurse_name or "___________________"),
+        ("NMC PIN", "___________________"),
+        ("Activity Type", "Restorative Clinical Supervision (A-EQUIP Model)"),
+        ("Hours", f"{hours:.1f}"),
+        ("Method", "1:1 Supervision with AI-assisted preparation/reflection"),
+        ("NMC Standards",
+         "Platform 1 (Accountable professional), Platform 6 (Safety & quality)"),
+    ]
+
+    for label, value in fields:
+        p = doc.add_paragraph()
+        p.add_run(f"{label}: ").bold = True
+        p.add_run(value)
+
+    doc.add_paragraph()
+    doc.add_heading("Supervision Summary", level=2)
+
+    for line in note_text.split("\n"):
+        line = line.strip()
+        if not line:
+            continue
+        if line.startswith("### "):
+            doc.add_heading(line[4:], level=3)
+        elif line.startswith("- "):
+            doc.add_paragraph(line[2:], style="List Bullet")
+        elif not line.startswith("## ") and not line.startswith("**Date"):
+            doc.add_paragraph(line)
+
+    doc.add_paragraph()
+    sig_p = doc.add_paragraph()
+    sig_p.add_run("Nurse signature: ").bold = True
+    sig_p.add_run("_________________________")
+
+    conf_p = doc.add_paragraph()
+    conf_p.add_run("Confirming PNA/Supervisor: ").bold = True
+    conf_p.add_run("_________________________")
+
+    doc.add_paragraph()
+    footer = doc.add_paragraph()
+    footer.alignment = WD_ALIGN_PARAGRAPH.CENTER
+    fr = footer.add_run(
+        "Contains public sector information licensed under the Open Government Licence v3.0 — NHS England."
+    )
+    fr.font.size = Pt(8)
+    fr.italic = True
+
+    buf = BytesIO()
+    doc.save(buf)
+    return buf.getvalue()

pna/prompts.py

@@ -0,0 +1,93 @@
+"""
+System prompts for the PNA Assistant.
+All A-EQUIP framework content is used under OGL v3.0 — NHS England.
+"""
+
+SYSTEM_PROMPT = """You are an educational AI assistant supporting nursing professionals in understanding
+and applying the A-EQUIP (Advocating and Educating for QUality ImProvement) model of clinical supervision,
+and the Professional Nurse Advocate (PNA) role in England's NHS.
+
+## Your Role
+You are a knowledgeable, warm, and reflective educational guide. You help nurses:
+- Understand the four functions of the A-EQUIP model
+- Prepare for and facilitate restorative clinical supervision
+- Develop their PNA practice
+- Reflect on clinical experiences using structured frameworks
+- Build quality improvement skills
+
+## The A-EQUIP Framework (your core knowledge)
+The four functions you educate nurses about:
+1. **Restorative** — Emotional support, wellbeing, and psychological safety. The "heart" of clinical supervision.
+2. **Normative** — Quality assurance, professional standards, accountability, and safety.
+3. **Formative** — Learning, development, reflection, and skill building.
+4. **Personal Action for Quality Improvement (PAQI)** — Empowering nurses to drive positive change.
+
+## Communication Style
+- Warm, encouraging, and non-judgmental — like a trusted senior colleague
+- Use open-ended, Socratic questions to promote reflection rather than giving direct answers
+- Keep responses concise: maximum 3 short paragraphs OR 6 bullet points
+- Always invite further reflection at the end of your response
+- Use inclusive language that respects all nursing specialisms: acute, community, mental health,
+  learning disabilities, paediatrics, older people, primary care, and beyond
+- Use person-first, strengths-based language
+
+## Reflective Frameworks You Can Use
+- **Gibbs Reflective Cycle** (1988): Description → Feelings → Evaluation → Analysis → Conclusion → Action plan
+- **Driscoll's Model**: What? → So What? → Now What?
+- **Johns' Model of Structured Reflection**: Aesthetic, personal, ethical, empirical, reflexive knowing
+- **SBAR**: Situation → Background → Assessment → Recommendation
+
+## Supervision Session Support
+When helping a nurse prepare for or debrief from a supervision session:
+1. Start with the restorative — how is the nurse feeling?
+2. Explore the normative — professional and safety dimensions
+3. Move to formative — what can be learned?
+4. Identify PAQI — what positive action will they take?
+
+## Boundaries
+- You are for EDUCATIONAL purposes only — not clinical advice, diagnosis, or treatment decisions
+- If a nurse describes a patient safety concern requiring immediate action, direct them to their line manager or Trust's incident reporting system
+- If a nurse expresses significant personal distress, acknowledge it warmly and signpost to their PNA, occupational health, or NHS Talking Therapies
+- Do not complete academic assignments for nurses — guide their thinking instead
+- Stay within PNA/A-EQUIP scope. For other topics: "I'm here to support your PNA and A-EQUIP learning. For [topic], I'd suggest speaking with [relevant person]."
+- Never claim to be a real PNA or replace human supervision
+
+## Knowledge Source
+Your responses draw on the NHS England A-EQUIP model guide and related professional resources.
+
+---
+Contains public sector information licensed under the Open Government Licence v3.0 — NHS England.
+This tool supports but does not replace clinical judgment or human supervision.
+"""
+
+SUPERVISION_SUMMARY_PROMPT = """Based on this supervision conversation, generate a structured supervision note
+that the nurse can save for their NMC revalidation portfolio.
+
+Format as:
+## Supervision Session Note
+**Date:** [today's date]
+**Framework:** A-EQUIP Model
+
+### Restorative
+[Key themes from emotional/wellbeing discussion]
+
+### Normative
+[Professional standards or quality issues explored]
+
+### Formative
+[Learning identified and development goals]
+
+### Personal Action for Quality Improvement (PAQI)
+[Specific actions the nurse will take]
+
+### Reflection Summary
+[2-3 sentences summarising the session's key insights]
+
+### NMC Revalidation Evidence
+- Type of CPD: Restorative clinical supervision (A-EQUIP model)
+- Estimated hours: [derive from conversation length]
+- NMC Standards: Platform 1 (Being an accountable professional), Platform 6 (Improving safety and quality)
+
+---
+Contains public sector information licensed under the Open Government Licence v3.0 — NHS England.
+This note supports but does not replace formal supervision documentation required by your employer."""

pna/rag.py

@@ -0,0 +1,87 @@
+"""
+RAG (Retrieval-Augmented Generation) knowledge base for A-EQUIP guide.
+Uses sentence-transformers + FAISS for semantic search.
+Adapted from original knowledge_base.py — MIT Licensed.
+"""
+import os
+import re
+import numpy as np
+from pathlib import Path
+
+# Lazy imports — don't fail on import if not installed
+_encoder = None
+_faiss = None
+
+
+def _get_encoder():
+    global _encoder
+    if _encoder is None:
+        from sentence_transformers import SentenceTransformer
+        _encoder = SentenceTransformer("all-MiniLM-L6-v2", device="cpu")
+    return _encoder
+
+
+def _get_faiss():
+    global _faiss
+    if _faiss is None:
+        import faiss
+        _faiss = faiss
+    return _faiss
+
+
+class PNAKnowledgeBase:
+    """FAISS-backed semantic search over A-EQUIP model guide."""
+
+    def __init__(self, guide_path: str | None = None):
+        self.chunks: list[str] = []
+        self.index = None
+
+        if guide_path is None:
+            # Default: look relative to this file
+            here = Path(__file__).parent.parent
+            candidates = [
+                here / "assets" / "aequip_guide.md",
+                here / "Professional nurse advocate A-EQUIP model Guide.md",
+            ]
+            for c in candidates:
+                if c.exists():
+                    guide_path = str(c)
+                    break
+
+        if guide_path and os.path.exists(guide_path):
+            self._build_index(guide_path)
+            print(f"[RAG] Loaded {len(self.chunks)} chunks from {guide_path}")
+        else:
+            print("[RAG] No guide found — running without RAG context")
+
+    def _build_index(self, path: str):
+        with open(path, encoding="utf-8") as f:
+            content = f.read()
+
+        # Split on double newlines, keep chunks > 60 chars
+        raw = re.split(r"\n{2,}", content)
+        self.chunks = [c.strip() for c in raw if len(c.strip()) > 60]
+
+        if not self.chunks:
+            return
+
+        encoder = _get_encoder()
+        faiss = _get_faiss()
+
+        embeddings = encoder.encode(self.chunks, show_progress_bar=False)
+        dim = embeddings.shape[1]
+        self.index = faiss.IndexFlatL2(dim)
+        self.index.add(np.array(embeddings, dtype="float32"))
+
+    def search(self, query: str, top_k: int = 3) -> str:
+        """Return relevant context chunks for a query."""
+        if self.index is None or not self.chunks:
+            return ""
+
+        encoder = _get_encoder()
+        qvec = encoder.encode([query])
+        distances, indices = self.index.search(
+            np.array(qvec, dtype="float32"), top_k
+        )
+        results = [self.chunks[i] for i in indices[0] if i != -1]
+        return "\n\n---\n\n".join(results)

requirements.txt

@@ -0,0 +1,7 @@
+streamlit>=1.35.0
+anthropic>=0.40.0
+sentence-transformers>=3.0.0
+faiss-cpu>=1.8.0
+numpy>=1.26.0
+python-docx>=1.1.0
+python-dotenv>=1.0.0

streamlit_app.py

@@ -0,0 +1,398 @@
+"""
+Professional Nurse Advocate Assistant — SaaS Edition
+Powered by Claude claude-opus-4-6 | A-EQUIP Model | NHS OGL v3.0
+
+Architecture:
+- BYOK (Bring Your Own Key) — user enters Anthropic API key (Free tier)
+- Pro subscription via Stripe — unlocks session history, exports, and CPD logging
+- AWS-ready: runs in Docker on EC2, auth via Cognito (Phase 2)
+"""
+
+import streamlit as st
+from datetime import date
+import os
+
+from pna.rag import PNAKnowledgeBase
+from pna.claude_client import stream_response, generate_supervision_note
+from pna.export import build_supervision_docx, build_cpd_docx, HAS_DOCX
+
+# ─── Page config ─────────────────────────────────────────────────────────────
+
+st.set_page_config(
+    page_title="PNA Assistant | Professional Nurse Advocate",
+    page_icon="👨🏾‍⚕️",
+    layout="wide",
+    initial_sidebar_state="expanded",
+)
+
+# ─── Stripe config (replace with your real Stripe Payment Links) ──────────────
+
+STRIPE_PRO_LINK    = os.getenv("STRIPE_PRO_LINK",    "https://buy.stripe.com/14A28t0P99Qmdph8v68og00")
+STRIPE_INSTITUTION = os.getenv("STRIPE_INSTITUTION",  "https://buy.stripe.com/9B63cxfK3d2y3OHbHi8og01")
+
+# ─── Custom CSS ──────────────────────────────────────────────────────────────
+
+st.markdown("""
+<style>
+@import url('https://fonts.googleapis.com/css2?family=Fraunces:wght@600;700&family=Inter:wght@400;500;600&display=swap');
+
+html, body, [class*="css"] { font-family: 'Inter', sans-serif; }
+
+.hero-header {
+    background: linear-gradient(135deg, #1a2460 0%, #2d3da0 60%, #0d9488 100%);
+    padding: 2rem 2rem 1.5rem;
+    border-radius: 12px;
+    margin-bottom: 1.5rem;
+    color: white;
+}
+.hero-header h1 {
+    font-family: 'Fraunces', serif;
+    font-size: 2rem;
+    margin: 0 0 0.25rem 0;
+    color: white;
+}
+.hero-header p { margin: 0; opacity: 0.85; font-size: 1rem; }
+
+.pill {
+    display: inline-block;
+    background: rgba(255,255,255,0.15);
+    border: 1px solid rgba(255,255,255,0.25);
+    border-radius: 99px;
+    padding: 0.2rem 0.75rem;
+    font-size: 0.8rem;
+    margin-top: 0.75rem;
+}
+
+.tier-card {
+    border: 2px solid #e5e7eb;
+    border-radius: 12px;
+    padding: 1.25rem;
+    text-align: center;
+    background: white;
+}
+.tier-card.pro { border-color: #4f63d2; }
+
+.disclaimer {
+    background: #f8fafc;
+    border: 1px solid #e2e8f0;
+    border-radius: 8px;
+    padding: 0.75rem 1rem;
+    font-size: 0.8rem;
+    color: #64748b;
+    margin-top: 1rem;
+}
+
+.ogl-notice {
+    font-size: 0.7rem;
+    color: #94a3b8;
+    margin-top: 0.5rem;
+}
+
+[data-testid="stChatMessage"] { border-radius: 12px; }
+</style>
+""", unsafe_allow_html=True)
+
+# ─── Session state defaults ───────────────────────────────────────────────────
+
+defaults = {
+    "messages": [],
+    "api_key": "",
+    "subscription": "free",   # free | pro | institution
+    "nurse_name": "",
+    "session_started": None,
+    "rag_loaded": False,
+    "kb": None,
+}
+for k, v in defaults.items():
+    if k not in st.session_state:
+        st.session_state[k] = v
+
+# ─── Load RAG knowledge base (cached) ────────────────────────────────────────
+
+@st.cache_resource(show_spinner="Loading A-EQUIP knowledge base…")
+def load_knowledge_base():
+    return PNAKnowledgeBase()
+
+kb = load_knowledge_base()
+
+# ─── Sidebar ─────────────────────────────────────────────────────────────────
+
+with st.sidebar:
+    st.markdown("### 👨🏾‍⚕️ PNA Assistant")
+    st.caption("A-EQUIP Model | Restorative Supervision")
+    st.divider()
+
+    # ── API Key (BYOK) ────────────────────────────────────────────────────────
+    st.markdown("#### 🔑 Your Anthropic API Key")
+    api_key_input = st.text_input(
+        "Enter key to activate",
+        type="password",
+        value=st.session_state.api_key,
+        placeholder="sk-ant-api03-...",
+        help="Your key is used only for this session. Never stored."
+    )
+    if api_key_input:
+        st.session_state.api_key = api_key_input
+        st.success("✅ Key entered")
+
+    st.caption(
+        "[Get a free API key →](https://console.anthropic.com) "
+        "· Costs ~£0.01 per conversation"
+    )
+
+    st.divider()
+
+    # ── Subscription ───────────────────────────────���──────────────────────────
+    st.markdown("#### 💳 Subscription")
+    sub = st.session_state.subscription
+
+    if sub == "free":
+        st.info("**Free tier** — BYOK, unlimited chat")
+        st.markdown(
+            f"[⭐ Upgrade to Pro — £9.99/mo]({STRIPE_PRO_LINK})",
+            unsafe_allow_html=False,
+        )
+        with st.expander("What's in Pro?"):
+            st.markdown("""
+- 💾 Save session history
+- 📄 Download supervision notes (.docx)
+- 📋 NMC CPD log export (.docx)
+- 📧 Monthly PNA newsletter
+- 🏫 [Institution plan — £99/mo]({})
+""".format(STRIPE_INSTITUTION))
+        # Manual activation after Stripe payment
+        act_code = st.text_input("Activation code (from email after payment)")
+        if act_code and act_code.startswith("PNA-PRO-"):
+            st.session_state.subscription = "pro"
+            st.success("Pro activated! 🎉")
+            st.rerun()
+
+    elif sub in ("pro", "institution"):
+        label = "⭐ Pro" if sub == "pro" else "🏫 Institution"
+        st.success(f"{label} — Active")
+        if st.button("Manage subscription (Stripe)"):
+            st.markdown(f"[Open Stripe portal →]({STRIPE_PRO_LINK})")
+
+    st.divider()
+
+    # ── Nurse info (Pro only) ─────────────────────────────────────────────────
+    if sub in ("pro", "institution"):
+        st.markdown("#### 📋 Your Details")
+        st.session_state.nurse_name = st.text_input(
+            "Your name (for CPD records)",
+            value=st.session_state.nurse_name,
+            placeholder="Nurse Jane Smith",
+        )
+        cpd_hours = st.number_input(
+            "Session length (hours)", min_value=0.5, max_value=8.0,
+            value=1.0, step=0.5
+        )
+        st.divider()
+
+    # ── Session controls ──────────────────────────────────────────────────────
+    st.markdown("#### 🔄 Session")
+    col1, col2 = st.columns(2)
+    with col1:
+        if st.button("🗑️ Clear chat", use_container_width=True):
+            st.session_state.messages = []
+            st.session_state.session_started = None
+            st.rerun()
+    with col2:
+        if st.button("📋 New session", use_container_width=True):
+            st.session_state.messages = []
+            st.session_state.session_started = date.today().isoformat()
+            st.rerun()
+
+    # ── Exports (Pro only) ────────────────────────────────────────────────────
+    if sub in ("pro", "institution") and st.session_state.messages:
+        st.divider()
+        st.markdown("#### 📥 Export")
+
+        if st.button("📄 Generate supervision note", use_container_width=True):
+            if not st.session_state.api_key:
+                st.error("Please enter your API key first.")
+            else:
+                with st.spinner("Generating note with Claude…"):
+                    note = generate_supervision_note(
+                        st.session_state.api_key,
+                        st.session_state.messages,
+                    )
+                    st.session_state["last_note"] = note
+
+        if "last_note" in st.session_state:
+            note = st.session_state["last_note"]
+            st.text_area("Supervision note preview", note, height=200)
+
+            if HAS_DOCX:
+                docx_bytes = build_supervision_docx(
+                    note, st.session_state.nurse_name
+                )
+                if docx_bytes:
+                    st.download_button(
+                        "⬇️ Download as .docx",
+                        data=docx_bytes,
+                        file_name=f"PNA_Supervision_{date.today()}.docx",
+                        mime="application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+                        use_container_width=True,
+                    )
+
+                cpd_bytes = build_cpd_docx(
+                    note,
+                    st.session_state.nurse_name,
+                    cpd_hours if "cpd_hours" in dir() else 1.0,
+                )
+                if cpd_bytes:
+                    st.download_button(
+                        "⬇️ Download CPD Record (.docx)",
+                        data=cpd_bytes,
+                        file_name=f"NMC_CPD_{date.today()}.docx",
+                        mime="application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+                        use_container_width=True,
+                    )
+            else:
+                st.download_button(
+                    "⬇️ Download as .txt",
+                    data=note,
+                    file_name=f"PNA_Supervision_{date.today()}.txt",
+                    mime="text/plain",
+                    use_container_width=True,
+                )
+
+    st.divider()
+    st.markdown(
+        '<p class="ogl-notice">Contains public sector information licensed under the '
+        '<a href="https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/" '
+        'target="_blank">Open Government Licence v3.0</a> — NHS England.</p>',
+        unsafe_allow_html=True,
+    )
+
+# ─── Main content ─────────────────────────────────────────────────────────────
+
+# Hero header
+st.markdown("""
+<div class="hero-header">
+    <h1>👨🏾‍⚕️ Professional Nurse Advocate Assistant</h1>
+    <p>Your AI guide to the A-EQUIP model, restorative supervision, and quality improvement</p>
+    <span class="pill">🇬🇧 NHS England · A-EQUIP Model · NMC Standards</span>
+    <span class="pill">OGL v3.0</span>
+</div>
+""", unsafe_allow_html=True)
+
+# Welcome / quick start (only when no messages yet)
+if not st.session_state.messages:
+    col1, col2, col3 = st.columns(3)
+    with col1:
+        st.markdown("""
+**🌿 Restorative Supervision**
+Start a reflective conversation to process the emotional impact of your clinical work.
+""")
+    with col2:
+        st.markdown("""
+**📚 A-EQUIP Learning**
+Ask about any of the four A-EQUIP functions or explore the PNA role in depth.
+""")
+    with col3:
+        st.markdown("""
+**✅ PAQI Planning**
+Get support developing your Personal Action for Quality Improvement.
+""")
+
+    st.markdown("#### 💬 Try asking…")
+    examples = [
+        "What is the A-EQUIP model and why does it matter for nurses?",
+        "I've had a really difficult week on the ward. I don't know where to start.",
+        "How do I facilitate a restorative supervision session for the first time?",
+        "What does a PNA actually do day-to-day?",
+        "Help me reflect on a challenging patient interaction using Gibbs cycle.",
+        "What's the difference between the normative and formative functions?",
+    ]
+
+    cols = st.columns(2)
+    for i, ex in enumerate(examples):
+        with cols[i % 2]:
+            if st.button(ex, key=f"ex_{i}", use_container_width=True):
+                st.session_state.messages.append({"role": "user", "content": ex})
+                st.rerun()
+
+# ─── Chat history ─────────────────────────────────────────────────────────────
+
+for msg in st.session_state.messages:
+    with st.chat_message(msg["role"],
+                         avatar="👩‍⚕️" if msg["role"] == "user" else "👨🏾‍⚕️"):
+        st.markdown(msg["content"])
+
+# ─── Chat input ───────────────────────────────────────────────────────────────
+
+prompt = st.chat_input(
+    "Ask me about A-EQUIP, restorative supervision, or the PNA role…",
+    disabled=not st.session_state.api_key,
+)
+
+if not st.session_state.api_key:
+    st.info(
+        "👈 Enter your Anthropic API key in the sidebar to start chatting. "
+        "[Get a free key →](https://console.anthropic.com)"
+    )
+
+if prompt and st.session_state.api_key:
+    # Record session start time
+    if st.session_state.session_started is None:
+        st.session_state.session_started = date.today().isoformat()
+
+    # Add user message
+    st.session_state.messages.append({"role": "user", "content": prompt})
+    with st.chat_message("user", avatar="👩‍⚕️"):
+        st.markdown(prompt)
+
+    # Get RAG context
+    context = kb.search(prompt) if kb.index is not None else ""
+
+    # Stream response
+    with st.chat_message("assistant", avatar="👨🏾‍⚕️"):
+        response_placeholder = st.empty()
+        full_response = ""
+
+        try:
+            for chunk in stream_response(
+                api_key=st.session_state.api_key,
+                history=st.session_state.messages[:-1],
+                user_message=prompt,
+                context=context,
+            ):
+                full_response += chunk
+                response_placeholder.markdown(full_response + "▋")
+
+            response_placeholder.markdown(full_response)
+
+        except Exception as e:
+            err = str(e)
+            if "authentication" in err.lower() or "api_key" in err.lower():
+                full_response = "❌ Invalid API key. Please check your key in the sidebar."
+            elif "rate" in err.lower():
+                full_response = "⏳ Rate limit reached. Please wait a moment and try again."
+            else:
+                full_response = f"❌ An error occurred: {err}"
+            response_placeholder.error(full_response)
+
+    st.session_state.messages.append(
+        {"role": "assistant", "content": full_response}
+    )
+
+# ─── Footer ──────────���────────────────────────────────────────────────────────
+
+st.divider()
+st.markdown("""
+<div class="disclaimer">
+⚠️ <strong>Clinical Disclaimer:</strong> This tool is for educational purposes only.
+It does not provide clinical advice, diagnosis, or treatment recommendations.
+It is not a replacement for human supervision or your employer's formal clinical governance processes.
+If you are experiencing a clinical emergency or safeguarding concern, follow your Trust's protocols immediately.
+<br/><br/>
+<span class="ogl-notice">
+Contains public sector information licensed under the
+<a href="https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/" target="_blank">Open Government Licence v3.0</a> — NHS England.
+Built by <a href="https://nursingcitizendevelopment.com" target="_blank">Lincoln Gombedza</a> · CQAI ·
+<a href="https://github.com/Clinical-Quality-Artifical-Intelligence/Professional-Nurse-Advocate-Assistant" target="_blank">Open Source</a>
+</span>
+</div>
+""", unsafe_allow_html=True)

webhook.py

@@ -0,0 +1,230 @@
+"""
+PNA Assistant — Stripe Webhook Handler
+POST /webhook  →  Stripe sends checkout.session.completed events here
+                 →  We generate a PNA-PRO-XXXXX code and email it to the customer
+
+Run standalone:  uvicorn webhook:app --host 0.0.0.0 --port 8080
+In Docker:       separate service in docker-compose.yml
+"""
+
+import hashlib
+import hmac
+import json
+import logging
+import os
+import random
+import string
+from datetime import datetime, timezone
+from pathlib import Path
+
+import boto3
+from botocore.exceptions import ClientError
+from fastapi import FastAPI, HTTPException, Request
+from fastapi.responses import JSONResponse
+
+# ─── Config ──────────────────────────────────────────────────────────────────
+
+STRIPE_WEBHOOK_SECRET = os.getenv("STRIPE_WEBHOOK_SECRET", "")
+AWS_REGION            = os.getenv("AWS_REGION", "eu-west-2")
+SES_FROM_EMAIL        = os.getenv("SES_FROM_EMAIL", "lincoln@clinyqai.com")
+
+# Where we persist issued codes (append-only JSONL)
+CODES_LOG = Path("/app/codes.jsonl")
+
+logging.basicConfig(level=logging.INFO)
+log = logging.getLogger("pna-webhook")
+
+app = FastAPI(title="PNA Assistant Webhook", docs_url=None, redoc_url=None)
+
+# ─── Helpers ─────────────────────────────────────────────────────────────────
+
+def _generate_code(tier: str = "PRO") -> str:
+    """Generate a unique activation code e.g. PNA-PRO-A7K2M9"""
+    suffix = "".join(random.choices(string.ascii_uppercase + string.digits, k=6))
+    return f"PNA-{tier}-{suffix}"
+
+
+def _verify_stripe_signature(payload: bytes, sig_header: str, secret: str) -> bool:
+    """
+    Validate Stripe-Signature header.
+    Stripe uses HMAC-SHA256 with the raw request body.
+    """
+    if not secret:
+        log.warning("STRIPE_WEBHOOK_SECRET not set — skipping signature verification")
+        return True  # dev mode only; set the secret in production
+
+    try:
+        parts = {k: v for part in sig_header.split(",") for k, v in [part.split("=", 1)]}
+        timestamp = parts.get("t", "")
+        v1_sig    = parts.get("v1", "")
+        signed_payload = f"{timestamp}.".encode() + payload
+        expected = hmac.new(
+            secret.encode(),
+            signed_payload,
+            hashlib.sha256,
+        ).hexdigest()
+        return hmac.compare_digest(expected, v1_sig)
+    except Exception as exc:
+        log.error("Signature verification error: %s", exc)
+        return False
+
+
+def _log_code(email: str, code: str, plan: str, session_id: str) -> None:
+    """Append issued code to local JSONL log for admin audit trail."""
+    CODES_LOG.parent.mkdir(parents=True, exist_ok=True)
+    record = {
+        "ts":         datetime.now(timezone.utc).isoformat(),
+        "email":      email,
+        "code":       code,
+        "plan":       plan,
+        "session_id": session_id,
+    }
+    with CODES_LOG.open("a") as f:
+        f.write(json.dumps(record) + "\n")
+    log.info("Code issued: %s → %s (%s)", email, code, plan)
+
+
+def _send_activation_email(email: str, code: str, plan: str) -> bool:
+    """
+    Send activation code to customer via Amazon SES.
+    Returns True if sent, False on error.
+    """
+    label     = "Pro" if plan == "PRO" else "Institution"
+    price     = "£9.99/month" if plan == "PRO" else "£99/month"
+    body_html = f"""
+<!DOCTYPE html>
+<html>
+<body style="font-family:Inter,sans-serif;max-width:600px;margin:0 auto;padding:2rem;color:#1e293b">
+  <div style="background:linear-gradient(135deg,#1a2460,#0d9488);padding:2rem;border-radius:12px;margin-bottom:2rem">
+    <h1 style="color:white;font-size:1.5rem;margin:0">👨🏾‍⚕️ PNA Assistant</h1>
+    <p style="color:rgba(255,255,255,0.85);margin:0.5rem 0 0">
+      Professional Nurse Advocate AI — {label} Plan
+    </p>
+  </div>
+
+  <p>Thank you for subscribing to PNA Assistant <strong>{label}</strong> ({price}).</p>
+
+  <p>Your activation code is:</p>
+
+  <div style="background:#f0fdf4;border:2px solid #0d9488;border-radius:12px;padding:1.5rem;text-align:center;margin:1.5rem 0">
+    <span style="font-family:monospace;font-size:1.75rem;font-weight:700;color:#0d9488;letter-spacing:0.1em">
+      {code}
+    </span>
+  </div>
+
+  <p><strong>How to activate:</strong></p>
+  <ol>
+    <li>Go to <a href="https://pna.nursingcitizendevelopment.com">pna.nursingcitizendevelopment.com</a></li>
+    <li>Open the sidebar and find <em>Subscription</em></li>
+    <li>Paste your code in the <em>Activation code</em> box</li>
+    <li>Click Enter — your {label} features will unlock immediately</li>
+  </ol>
+
+  <p>Your {label} plan includes:</p>
+  <ul>
+    <li>📄 Download supervision notes (.docx)</li>
+    <li>📋 NMC revalidation CPD log export (.docx)</li>
+    <li>💾 Save and resume sessions</li>
+    <li>📧 Monthly PNA newsletter</li>
+    {"<li>🏫 Multi-user access</li><li>🎨 Custom branding</li>" if plan == "INST" else ""}
+  </ul>
+
+  <p style="font-size:0.875rem;color:#64748b">
+    If you have any questions, reply to this email or contact
+    <a href="mailto:lincoln@clinyqai.com">lincoln@clinyqai.com</a>.<br><br>
+    This tool is for educational purposes only and does not replace clinical supervision
+    or your employer's formal governance processes.<br><br>
+    Contains public sector information licensed under the
+    <a href="https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/">
+      Open Government Licence v3.0
+    </a> — NHS England.
+  </p>
+</body>
+</html>
+"""
+    body_text = (
+        f"Thank you for subscribing to PNA Assistant {label} ({price}).\n\n"
+        f"Your activation code is: {code}\n\n"
+        "To activate:\n"
+        "1. Go to pna.nursingcitizendevelopment.com\n"
+        "2. Open the sidebar → Subscription\n"
+        "3. Paste your code in the Activation code box\n\n"
+        "Questions? Email lincoln@clinyqai.com"
+    )
+
+    try:
+        ses = boto3.client("ses", region_name=AWS_REGION)
+        ses.send_email(
+            Source      = f"PNA Assistant <{SES_FROM_EMAIL}>",
+            Destination = {"ToAddresses": [email]},
+            Message     = {
+                "Subject": {"Data": f"Your PNA Assistant {label} activation code 🎉"},
+                "Body": {
+                    "Text": {"Data": body_text},
+                    "Html": {"Data": body_html},
+                },
+            },
+        )
+        log.info("Activation email sent to %s", email)
+        return True
+    except ClientError as exc:
+        log.error("SES send failed: %s", exc.response["Error"]["Message"])
+        return False
+    except Exception as exc:
+        log.error("Email error: %s", exc)
+        return False
+
+
+# ─── Routes ──────────────────────────────────────────────────────────────────
+
+@app.get("/health")
+async def health():
+    return {"status": "ok"}
+
+
+@app.post("/webhook")
+async def stripe_webhook(request: Request):
+    payload    = await request.body()
+    sig_header = request.headers.get("Stripe-Signature", "")
+
+    # 1. Verify Stripe signature
+    if not _verify_stripe_signature(payload, sig_header, STRIPE_WEBHOOK_SECRET):
+        log.warning("Invalid Stripe signature — rejected")
+        raise HTTPException(status_code=400, detail="Invalid signature")
+
+    # 2. Parse event
+    try:
+        event = json.loads(payload)
+    except json.JSONDecodeError:
+        raise HTTPException(status_code=400, detail="Invalid JSON")
+
+    event_type = event.get("type", "")
+    log.info("Received Stripe event: %s", event_type)
+
+    # 3. Handle checkout completion
+    if event_type == "checkout.session.completed":
+        session    = event["data"]["object"]
+        email      = session.get("customer_details", {}).get("email") or session.get("customer_email")
+        amount     = session.get("amount_total", 0)      # pence/cents
+        session_id = session.get("id", "unknown")
+
+        if not email:
+            log.warning("No email in session %s — cannot send code", session_id)
+            return JSONResponse({"received": True, "warning": "no_email"})
+
+        # Determine tier from amount (999 = £9.99, 9900 = £99.00)
+        tier  = "INST" if amount >= 9900 else "PRO"
+        code  = _generate_code(tier)
+
+        # 4. Log the code (always)
+        _log_code(email, code, tier, session_id)
+
+        # 5. Email the customer
+        sent = _send_activation_email(email, code, tier)
+        if not sent:
+            log.warning(
+                "SES send failed for %s — code %s logged to %s",
+                email, code, CODES_LOG,
+            )
+
+    return JSONResponse({"received": True})