Phase 4 Contributions (Agent Golf):
- Module auto-installation service (module_installer.rs)
- NATS subject pattern for module installation commands
- Companion agent contract documentation
- API endpoint: POST /api/modules/install
Phase 5 XO Direct Touch:
- Webstore subscription API (PayPal recurring billing)
* POST /api/webstore/subscription/create
* GET /api/webstore/subscription
* POST /api/webstore/subscription/cancel
* POST /api/webstore/subscription/webhook
- Store configuration API (CRUD for store settings)
* GET /api/webstore/config
* PUT /api/webstore/config
- Store category/item management APIs (multi-tenant CRUD)
* GET/POST/PUT/DELETE /api/webstore/categories
* GET/POST/PUT/DELETE /api/webstore/items
- Public store API (customer-facing, subdomain-scoped)
* GET /api/public-store/:subdomain
* GET /api/public-store/:subdomain/items
* POST /api/public-store/:subdomain/purchase
* POST /api/public-store/:subdomain/webhook
- Transaction history API
* GET /api/webstore/transactions
- Delivery system (NATS command execution on purchase)
- Migrations: payment_orders, webstore_subscriptions, store_config, store_items, store_transactions
Security:
- JWT auth + license_id scoping on admin endpoints
- Subdomain → license_id mapping on public endpoints
- Purchase limit enforcement
- Command injection prevention via placeholder replacement
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Build complete module activation and license-module binding system with
marketplace catalog, purchase tracking, and installation status monitoring.
Database schema (migration 009):
- modules table — Registry with pricing, features, plugin URLs
- module_purchases — License-module ownership with transaction logging
- module_installations — Deployment status tracking
- Seed data: Loot Manager module ($9.99)
Backend implementation:
- Domain models with rust_decimal pricing support
- 11 data access functions (catalog, ownership, purchases, installation)
- 5 REST endpoints with JWT auth and license scoping
- Multi-tenant enforcement via license_id from claims
Purchase flow stub:
- Immediate purchase recording without payment gateway
- PayPal integration deferred to XO's direct implementation
- Transaction ID and amount fields ready for real gateway
Module installation:
- Integration with ModuleInstaller service
- NATS-based deployment to companion agent
- Real-time status tracking via polling endpoint
All queries compile-time verified. Zero cross-tenant exposure.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
lettre defaults pull in native-tls which conflicts with tokio1-rustls-tls.
Explicitly list needed features with default-features = false.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Backend auth flow is now functional:
- services/auth.rs: Argon2id password hashing, JWT access/refresh tokens
- services/encryption.rs: AES-256-GCM encrypt/decrypt, hex token generation
- api/auth.rs: Login, register, refresh, logout, /me endpoints
- middleware/auth.rs: JWT Bearer token extractor (FromRequestParts)
- db/users.rs + licenses.rs: Full CRUD with runtime queries (no compile-time DB)
- main.rs: Bootstrap admin user on first run via ADMIN_EMAIL/ADMIN_PASSWORD env vars
- NATS connection now optional for dev (graceful fallback)
- Added hex and http crates to Cargo.toml
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Axum server entry point, AppConfig, AppState, ApiError, all model
structs (auth, license, server, wipe), and the PanelAdapter trait
that abstracts AMP/Pterodactyl/companion connections.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
