orion

Files

Samir Boulahtit cff0af31be feat(hosting): signed preview URLs for POC sites

Replace the standalone POC viewer (duplicate rendering) with signed
JWT preview tokens that bypass StorefrontAccessMiddleware:

Architecture:
1. Admin clicks Preview → route generates signed JWT
2. Redirects to /storefront/{subdomain}/homepage?_preview=token
3. Middleware validates token signature + expiry + store_id
4. Sets request.state.is_preview = True, skips subscription check
5. Full storefront renders with HostWizard preview banner injected

New files:
- app/core/preview_token.py: create_preview_token/verify_preview_token

Changes:
- middleware/storefront_access.py: preview token bypass before sub check
- storefront/base.html: preview banner injection via is_preview state
- hosting/routes/pages/public.py: redirect with signed token (was direct render)
- hosting/routes/api/admin_sites.py: GET /sites/{id}/preview-url endpoint

Removed:
- hosting/templates/hosting/public/poc-viewer.html (replaced by storefront)

Benefits: one rendering path, all section types work, shareable 24h links.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-02 22:41:34 +02:00

__init__.py

…

build_info.py

feat: add build info (commit SHA + deploy timestamp) to health endpoint and admin sidebar

2026-03-18 22:35:01 +01:00

celery_config.py

fix(ops): rebalance container memory limits to prevent celery OOM kills

2026-03-01 22:15:35 +01:00

config.py

feat(config): add APP_BASE_URL setting for outbound link construction

2026-03-29 21:43:36 +02:00