Production hardening: JWT blacklist, TOTP, Pydantic schemas, Prometheus, SSRF fix, CSP, Redis auth, Celery backup β 35 items across P0-P5
131d826
AuthorBotcommited on
Enforce strict SuperAdmin vs Author panel separation.
6e276e0
AuthorBotCursorcommited on
Fix token display for unsubscribed authors and add SuperAdmin author removal.
cf196a9
AuthorBotCursorcommited on
Unify token tracking, smart links, and personality settings across admin and chat.
a825fee
AuthorBotCursorcommited on
fix: naive vs aware datetime error in grants/extend/embed-token, grant button loading state + 15s timeout + token display modal
7e0e662
AuthorBotcommited on
feat: Per-user auto embed token, full Token Management SA page, fix extend on expired subs, add /grants + /reset-tokens + /embed-token endpoints
8916c9a
AuthorBotcommited on
Fix 500 errors: analytics/funnel used non-existent event_type, analytics/intents used non-existent metadata_json. Add defensive JSON parsing to all API helpers to prevent 'Unexpected token' errors
8ef4618
AuthorBotcommited on
Phase 1.2+5.1+6.2+6.5: Book cover upload with resizing, conversion funnel analytics, intent distribution, backup system, CI/CD pipeline
e00a1e3
AuthorBotcommited on
Fix critical bugs: remove duplicate showModal/closeModal override, fix FastAPI route ordering conflicts (sessions/search before sessions/{id}, qa/import+export before qa/{id}), add missing visitor_name/turn_count to session list response
e759455
AuthorBotcommited on
Phase 1: Add Conversations Viewer, Custom Q&A Manager, Export Center β 15 new API endpoints, 3 new admin pages, CustomQA model, message annotations, flagging, search, CSV import/export
d09ea19
AuthorBotcommited on
Deep audit fix: add missing model columns (blocked, rating, tokens_used, out_of_scope_message, buy_url, preview_url), fix .get() calls, fix ingest doc creation, add track-click endpoint, add column migrations, fix email crash, fix audit log field names, enrich superadmin author list
868f634
AuthorBotcommited on
Wire all frontend features to real backend APIs: widget-config, profile, personality, notifications, smart-links, token-usage, grant-by-email, fix password endpoint
23cc545
AuthorBotcommited on
Fix: analytics uses AnalyticsEvent.timestamp not created_at; fix security import