alvis/oO
1
0
Fork 0
Code Issues 34 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: complete M0 — legal pages, consent, tip_views metrics, account deletion UI

Browse Source 
- /legal/terms and /legal/privacy pages (linked from sign-in)
- Consent (consentGiven=true) recorded on first Google sign-in
- tip_views table: one row per tip served — enables activation + reaction rate queries
- tip_views purged on account deletion
- Delete account button on /connect (confirm → revoke tokens → purge data → sign out)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
alvis
2026-04-15 09:09:08 +00:00
parent 888f8b9a99
commit f6c890213b
18 changed files with 438 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
services/api/src/db/schema.ts
View File

@@ -31,6 +31,14 @@ export const tipFeedback = sqliteTable('tip_feedback', {
createdAt: text('created_at').notNull(),
});
// Each row = one tip served. Join with tipFeedback on tipId to compute reaction rate + dwell.
export const tipViews = sqliteTable('tip_views', {
id: text('id').primaryKey(),
userId: text('user_id').notNull().references(() => users.id),
tipId: text('tip_id').notNull(),
servedAt: text('served_at').notNull(),
});
export const sessions = sqliteTable('sessions', {
id: text('id').primaryKey(),
userId: text('user_id').notNull().references(() => users.id),

2
services/api/src/routes/auth.ts
View File

@@ -103,7 +103,7 @@ router.get('/callback', async (req: Request, res: Response) => {
if (!user) {
const id = nanoid();
await db.insert(users).values({ id, email, name, image, googleId, createdAt: now });
await db.insert(users).values({ id, email, name, image, googleId, createdAt: now, consentGiven: true, consentAt: now });
[user] = await db.select().from(users).where(eq(users.id, id)).limit(1);
}

10
services/api/src/routes/recommender.ts
View File

@@ -1,7 +1,7 @@
import { type Router as ExpressRouter, Router, Response } from 'express';
import { nanoid } from 'nanoid';
import { db } from '../db/index.js';
import { integrationTokens, tipFeedback } from '../db/schema.js';
import { integrationTokens, tipFeedback, tipViews } from '../db/schema.js';
import { eq, and } from 'drizzle-orm';
import { requireAuth, AuthenticatedRequest } from '../middleware/session.js';
import type { Tip } from '@oo/shared-types';
@@ -72,6 +72,14 @@ router.post('/recommend', requireAuth, async (req: AuthenticatedRequest, res: Re
return;
}
// Record metric: tip served
await db.insert(tipViews).values({
id: nanoid(),
userId: req.userId!,
tipId: tip.id,
servedAt: new Date().toISOString(),
});
res.json({ tip });
});

3
services/api/src/routes/user.ts
View File

@@ -1,6 +1,6 @@
import { type Router as ExpressRouter, Router, Response } from 'express';
import { db } from '../db/index.js';
import { users, integrationTokens, tipFeedback, sessions } from '../db/schema.js';
import { users, integrationTokens, tipFeedback, tipViews, sessions } from '../db/schema.js';
import { eq } from 'drizzle-orm';
import { requireAuth, AuthenticatedRequest } from '../middleware/session.js';
@@ -54,6 +54,7 @@ router.delete('/me', requireAuth, async (req: AuthenticatedRequest, res: Respons
// Delete cascade
await db.delete(integrationTokens).where(eq(integrationTokens.userId, userId));
await db.delete(tipFeedback).where(eq(tipFeedback.userId, userId));
await db.delete(tipViews).where(eq(tipViews.userId, userId));
await db.delete(sessions).where(eq(sessions.userId, userId));
// Soft-delete user (GDPR: keep audit trail row without PII)