Keysat
0ae59f3550
Introduces RECAP_MODE=multi alongside single-mode self-host: - Tenant auth + accounts (magic-link via System SMTP), per-tenant credit pool, anonymous trial minting with per-IP/-64 caps - Self-serve Pro/Max purchase: inline Lightning (BTCPay) + card (Zaprite), prepaid 30-day periods, expiry-reminder emails - Core-decoupling: relay owns cloud tier/expiry keyed by Recaps user-id - SQLite (better-sqlite3) schema for multi-mode; filesystem unchanged for single - StartOS actions/versions through 0.2.155
14 lines
1.3 KiB
TypeScript
14 lines
1.3 KiB
TypeScript
import { VersionInfo } from '@start9labs/start-sdk'
|
|
|
|
export const v_0_2_104 = VersionInfo.of({
|
|
version: '0.2.104:0',
|
|
releaseNotes: {
|
|
en_US:
|
|
"Magic-link signup now reliably transfers anon credits even across cookie jars. The anon trial cookie is now captured server-side at /auth/request-link time and stored alongside the magic-link token in a new magic_link_tokens.trial_cookie_id column (added in-place on existing installs via migration). At /auth/verify the linker reads the trial cookie ID directly from the token row instead of from the verify request's cookies — so it doesn't matter if the magic-link click lands in Safari Private mode, an in-app email webview, or a different browser entirely. The cookie ID is never put in the URL (would leak to anyone who saw the email); only the random token is. The req.cookies path is kept as a fallback for old tokens from before this column existed and for any edge case where request-link didn't capture it. The manual 'Claim a previous purchase' UI from v0.2.103 stays as a belt-and-suspenders for users who clear cookies between request-link and verify, or whose purchase predates their signup intent entirely.",
|
|
},
|
|
migrations: {
|
|
up: async ({ effects }) => {},
|
|
down: async ({ effects }) => {},
|
|
},
|
|
})
|