@lastbrain/module-auth 2.0.27 → 2.0.31

package/supabase/migrations/20251112000001_auto_profile_and_admin_view.sql

@@ -103,7 +103,9 @@ BEGIN
           au.raw_user_meta_data->>'avatar',
           fp.avatar_url
         ),
-        'avatar_sizes', au.raw_user_meta_data->'avatar_sizes',
+        'avatar_sizes', COALESCE(au.raw_user_meta_data->'avatar_sizes', '{}'::jsonb),
+        'raw_app_meta_data', COALESCE(au.raw_app_meta_data, '{}'::jsonb),
+        'raw_user_meta_data', COALESCE(au.raw_user_meta_data, '{}'::jsonb),
         'metadata', au.raw_user_meta_data,
         'profile', json_build_object(
           'first_name', fp.first_name,

package/supabase/migrations/20251127100000_rename_body_to_message.sql

@@ -1,9 +1,14 @@
 -- Migration: Add message column to user_notifications table
 -- message: short text summary (required)
 -- body: rich HTML content (optional)
-
 ALTER TABLE public.user_notifications
 ADD COLUMN IF NOT EXISTS message TEXT NOT NULL DEFAULT '';
 
--- If you have existing data, you might want to copy body to message:
--- UPDATE public.user_notifications SET message = COALESCE(body, title) WHERE message = '';
+CREATE UNIQUE INDEX IF NOT EXISTS idx_unique_signup_bonus_per_user ON public.user_token_ledger (owner_id)
+WHERE
+  type = 'signup_bonus';
+
+CREATE UNIQUE INDEX IF NOT EXISTS idx_unique_welcome_bonus_per_user ON public.user_token_ledger (owner_id)
+WHERE
+  type = 'gift'
+  AND meta->>'gift_type' = 'welcome_bonus';

package/supabase/migrations/20260120150001_add_user_storage.sql

@@ -0,0 +1,105 @@
+-- Migration pour ajouter la colonne stockage dans user_profil
+-- Date: 2026-01-22
+
+-- Ajouter la colonne stockage (en GB) avec une valeur par défaut de 2 GB
+ALTER TABLE public.user_profil 
+ADD COLUMN IF NOT EXISTS stockage DECIMAL(10,2) DEFAULT 2.00;
+
+-- Ajouter un commentaire pour documenter la colonne
+COMMENT ON COLUMN public.user_profil.stockage IS 'Espace de stockage alloué à l''utilisateur en gigaoctets (Go)';
+
+-- Créer une fonction RPC pour calculer l'espace de stockage utilisé
+CREATE OR REPLACE FUNCTION public.get_storage_usage(owner_id_param UUID)
+RETURNS JSON
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  allocated_gb DECIMAL(10,2);
+  allocated_bytes BIGINT;
+  used_bytes BIGINT := 0;
+  remaining_bytes BIGINT;
+  usage_percentage DECIMAL(5,2);
+  result JSON;
+BEGIN
+  -- Récupérer l'espace alloué depuis user_profil
+  SELECT stockage INTO allocated_gb
+  FROM public.user_profil 
+  WHERE owner_id = owner_id_param;
+  
+  -- Si l'utilisateur n'a pas de profil, utiliser la valeur par défaut
+  IF allocated_gb IS NULL THEN
+    allocated_gb := 2.00;
+  END IF;
+  
+  -- Convertir en bytes (1 GB = 1024^3 bytes)
+  allocated_bytes := (allocated_gb * 1024 * 1024 * 1024)::BIGINT;
+  
+  -- Calculer l'espace utilisé via l'API Storage de Supabase
+  -- Note: Cette partie nécessitera un appel HTTP depuis l'API Next.js
+  -- car nous ne pouvons pas faire d'appels HTTP depuis une fonction PostgreSQL
+  -- Pour l'instant, on retourne 0 et l'API se chargera du calcul réel
+  used_bytes := 0;
+  
+  -- Calculer l'espace restant
+  remaining_bytes := allocated_bytes - used_bytes;
+  
+  -- Calculer le pourcentage d'utilisation
+  IF allocated_bytes > 0 THEN
+    usage_percentage := (used_bytes * 100.0 / allocated_bytes)::DECIMAL(5,2);
+  ELSE
+    usage_percentage := 0;
+  END IF;
+  
+  -- Construire le résultat JSON
+  result := json_build_object(
+    'usedBytes', used_bytes,
+    'allocatedBytes', allocated_bytes,
+    'remainingBytes', remaining_bytes,
+    'allocatedGb', allocated_gb,
+    'usagePercentage', usage_percentage
+  );
+  
+  RETURN result;
+END;
+$$;
+
+-- Ajouter des commentaires sur la fonction
+COMMENT ON FUNCTION public.get_storage_usage(UUID) IS 'Récupère les statistiques d''utilisation de l''espace de stockage pour un utilisateur';
+
+-- Créer une fonction pour vérifier si l'espace de stockage est suffisant
+CREATE OR REPLACE FUNCTION public.check_storage_available(
+  owner_id_param UUID,
+  required_bytes_param BIGINT
+)
+RETURNS BOOLEAN
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  storage_info JSON;
+  remaining_bytes BIGINT;
+BEGIN
+  -- Récupérer les informations de stockage
+  storage_info := public.get_storage_usage(owner_id_param);
+  
+  -- Extraire l'espace restant
+  remaining_bytes := (storage_info->>'remainingBytes')::BIGINT;
+  
+  -- Retourner true si l'espace est suffisant
+  RETURN remaining_bytes >= required_bytes_param;
+END;
+$$;
+
+COMMENT ON FUNCTION public.check_storage_available(UUID, BIGINT) IS 'Vérifie si l''espace de stockage restant est suffisant pour une opération';
+
+-- Créer un index sur la colonne stockage pour optimiser les requêtes
+CREATE INDEX idx_user_profil_stockage ON public.user_profil(stockage);
+
+-- Politique de sécurité pour permettre aux utilisateurs de voir leur propre usage
+-- Supprimer d'abord la politique si elle existe
+DROP POLICY IF EXISTS "Users can view their own storage usage" ON public.user_profil;
+
+-- Créer la nouvelle politique
+CREATE POLICY "Users can view their own storage usage" ON public.user_profil
+  FOR SELECT USING (auth.uid() = owner_id);

package/supabase/migrations/20260122131200_add_global_addons_system.sql

@@ -0,0 +1,305 @@
+-- ============================================================================
+-- Migration: Global Addons System (Storage, etc.)
+-- Date: 2026-01-22
+-- ============================================================================
+-- This migration adds support for global addons (like storage) that can be:
+-- 1. Shared across all apps (FoodAndShare, Audit, etc.)
+-- 2. Purchased as subscription items alongside app-specific plans
+-- 3. Managed via Stripe subscription items (1 subscription, multiple items)
+-- ============================================================================
+
+-- ===========================================================================
+-- Table: public.global_addons
+-- Catalog of global addons (storage packs, etc.) that work across all apps
+-- ===========================================================================
+CREATE TABLE IF NOT EXISTS public.global_addons (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  
+  -- Addon identification
+  addon_key text UNIQUE NOT NULL, -- e.g., "storage_8gb", "storage_50gb"
+  name text NOT NULL, -- Display name (e.g., "Stockage 8 GB")
+  description text,
+  
+  -- Addon type (for future extensibility)
+  addon_type text NOT NULL DEFAULT 'storage' CHECK (addon_type IN ('storage', 'bandwidth', 'seats', 'other')),
+  
+  -- Quota configuration
+  -- For storage: value in GB (e.g., 8, 50, 100)
+  -- For other types: custom unit
+  quota_value numeric(10,2) NOT NULL,
+  quota_unit text NOT NULL DEFAULT 'GB', -- GB, TB, users, etc.
+  
+  -- Pricing display (flexible JSON for UI)
+  price_display jsonb DEFAULT '{"monthly": "4.90€/mois", "yearly": "Annuel -20%"}',
+  
+  -- Stripe integration
+  stripe_price_id text, -- Monthly price ID
+  stripe_price_id_yearly text, -- Yearly price ID (optional)
+  
+  -- Visibility
+  is_public boolean NOT NULL DEFAULT true,
+  is_active boolean NOT NULL DEFAULT true,
+  
+  -- Optional metadata
+  metadata jsonb DEFAULT '{}',
+  
+  -- Ordering
+  sort int NOT NULL DEFAULT 0,
+  
+  created_at timestamptz NOT NULL DEFAULT now(),
+  updated_at timestamptz NOT NULL DEFAULT now()
+);
+
+-- RLS for global_addons
+ALTER TABLE public.global_addons ENABLE ROW LEVEL SECURITY;
+
+-- Public read access to public/active addons
+DROP POLICY IF EXISTS global_addons_public_select ON public.global_addons;
+CREATE POLICY global_addons_public_select ON public.global_addons
+  FOR SELECT TO authenticated, anon
+  USING (is_public = true AND is_active = true);
+
+-- Admin full access (service_role bypasses RLS)
+GRANT SELECT, INSERT, UPDATE, DELETE ON public.global_addons TO service_role;
+
+-- Trigger updated_at
+DROP TRIGGER IF EXISTS set_global_addons_updated_at ON public.global_addons;
+CREATE TRIGGER set_global_addons_updated_at
+  BEFORE UPDATE ON public.global_addons
+  FOR EACH ROW EXECUTE FUNCTION public.set_updated_at();
+
+-- Indexes
+CREATE INDEX IF NOT EXISTS idx_global_addons_addon_key ON public.global_addons(addon_key);
+CREATE INDEX IF NOT EXISTS idx_global_addons_addon_type ON public.global_addons(addon_type);
+CREATE INDEX IF NOT EXISTS idx_global_addons_is_public ON public.global_addons(is_public);
+CREATE INDEX IF NOT EXISTS idx_global_addons_is_active ON public.global_addons(is_active);
+CREATE INDEX IF NOT EXISTS idx_global_addons_sort ON public.global_addons(sort);
+
+-- ===========================================================================
+-- Table: public.user_global_addons
+-- User activations of global addons with Stripe subscription item tracking
+-- ===========================================================================
+CREATE TABLE IF NOT EXISTS public.user_global_addons (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  
+  -- User reference
+  owner_id uuid NOT NULL REFERENCES auth.users(id) ON DELETE CASCADE,
+  
+  -- Addon reference
+  addon_id uuid NOT NULL REFERENCES public.global_addons(id) ON DELETE CASCADE,
+  
+  -- Quantity (for scalable addons, e.g., 2x 8GB packs = 16GB)
+  quantity int NOT NULL DEFAULT 1 CHECK (quantity > 0),
+  
+  -- Status
+  status text NOT NULL DEFAULT 'active' CHECK (status IN ('active', 'trialing', 'canceled', 'past_due', 'incomplete', 'incomplete_expired', 'unpaid')),
+  
+  -- Subscription period
+  current_period_start timestamptz,
+  current_period_end timestamptz,
+  
+  -- Stripe references (for multi-item subscriptions)
+  stripe_customer_id text,
+  stripe_subscription_id text NOT NULL, -- The parent subscription
+  stripe_subscription_item_id text NOT NULL UNIQUE, -- The specific item within the subscription
+  
+  -- Optional metadata
+  metadata jsonb DEFAULT '{}',
+  
+  -- Timestamps
+  created_at timestamptz NOT NULL DEFAULT now(),
+  updated_at timestamptz NOT NULL DEFAULT now(),
+  
+  -- Constraint: one addon per user (unless we allow multiple quantities via quantity field)
+  UNIQUE(owner_id, addon_id)
+);
+
+-- RLS for user_global_addons
+ALTER TABLE public.user_global_addons ENABLE ROW LEVEL SECURITY;
+
+-- Users can only see their own addon activations
+DROP POLICY IF EXISTS user_global_addons_owner_select ON public.user_global_addons;
+CREATE POLICY user_global_addons_owner_select ON public.user_global_addons
+  FOR SELECT TO authenticated
+  USING (owner_id = (SELECT auth.uid()));
+
+-- Only service_role can insert/update/delete (via webhooks)
+GRANT SELECT, INSERT, UPDATE, DELETE ON public.user_global_addons TO service_role;
+
+-- Trigger updated_at
+DROP TRIGGER IF EXISTS set_user_global_addons_updated_at ON public.user_global_addons;
+CREATE TRIGGER set_user_global_addons_updated_at
+  BEFORE UPDATE ON public.user_global_addons
+  FOR EACH ROW EXECUTE FUNCTION public.set_updated_at();
+
+-- Indexes
+CREATE INDEX IF NOT EXISTS idx_user_global_addons_owner_id ON public.user_global_addons(owner_id);
+CREATE INDEX IF NOT EXISTS idx_user_global_addons_addon_id ON public.user_global_addons(addon_id);
+CREATE INDEX IF NOT EXISTS idx_user_global_addons_status ON public.user_global_addons(status);
+CREATE INDEX IF NOT EXISTS idx_user_global_addons_stripe_subscription_id ON public.user_global_addons(stripe_subscription_id);
+CREATE INDEX IF NOT EXISTS idx_user_global_addons_stripe_subscription_item_id ON public.user_global_addons(stripe_subscription_item_id);
+
+-- ===========================================================================
+-- Function: get_user_limits
+-- Returns aggregated limits (storage, tokens, etc.) for a user
+-- Combines base limits + active addons + entitlements
+-- ===========================================================================
+CREATE OR REPLACE FUNCTION public.get_user_limits(owner_id_param UUID)
+RETURNS JSON
+LANGUAGE plpgsql
+SECURITY DEFINER
+SET search_path = public
+AS $$
+DECLARE
+  -- Base storage from user_profil
+  base_storage_gb DECIMAL(10,2);
+  
+  -- Extra storage from billing plan features
+  plan_storage_extra_gb DECIMAL(10,2) := 0;
+  
+  -- Storage from active addons
+  addon_storage_gb DECIMAL(10,2) := 0;
+  
+  -- Total storage
+  total_storage_gb DECIMAL(10,2);
+  total_storage_bytes BIGINT;
+  
+  -- Storage used (to be calculated by API)
+  storage_used_bytes BIGINT := 0;
+  
+  -- Tokens (if available)
+  tokens_balance INT := NULL;
+  
+  result JSON;
+BEGIN
+  -- 1. Get base storage from user_profil
+  SELECT COALESCE(stockage, 2.00) INTO base_storage_gb
+  FROM public.user_profil 
+  WHERE owner_id = owner_id_param;
+  
+  -- If no profile, use default
+  IF base_storage_gb IS NULL THEN
+    base_storage_gb := 2.00;
+  END IF;
+  
+  -- 2. Get extra storage from billing plan features
+  SELECT COALESCE(
+    (features->>'storage_extra')::DECIMAL(10,2),
+    0
+  ) INTO plan_storage_extra_gb
+  FROM public.user_entitlements
+  WHERE owner_id = owner_id_param
+    AND status IN ('active', 'trialing')
+  LIMIT 1;
+  
+  -- 3. Get storage from active global addons
+  SELECT COALESCE(
+    SUM(ga.quota_value * uga.quantity),
+    0
+  ) INTO addon_storage_gb
+  FROM public.user_global_addons uga
+  JOIN public.global_addons ga ON ga.id = uga.addon_id
+  WHERE uga.owner_id = owner_id_param
+    AND uga.status IN ('active', 'trialing')
+    AND ga.addon_type = 'storage'
+    AND ga.is_active = true;
+  
+  -- 4. Calculate total storage
+  total_storage_gb := base_storage_gb + plan_storage_extra_gb + addon_storage_gb;
+  total_storage_bytes := (total_storage_gb * 1024 * 1024 * 1024)::BIGINT;
+  
+  -- 5. Try to get tokens balance (if table exists)
+  BEGIN
+    SELECT COALESCE(balance, 0) INTO tokens_balance
+    FROM public.user_token_quotas
+    WHERE owner_id = owner_id_param
+    LIMIT 1;
+  EXCEPTION WHEN undefined_table THEN
+    tokens_balance := NULL;
+  END;
+  
+  -- 6. Build result JSON
+  result := json_build_object(
+    'storage_quota_gb', total_storage_gb,
+    'storage_quota_bytes', total_storage_bytes,
+    'storage_used_bytes', storage_used_bytes, -- Will be calculated by API
+    'storage_breakdown', json_build_object(
+      'base_gb', base_storage_gb,
+      'plan_extra_gb', plan_storage_extra_gb,
+      'addons_gb', addon_storage_gb
+    ),
+    'tokens_balance', tokens_balance
+  );
+  
+  RETURN result;
+END;
+$$;
+
+-- Grant execution to service_role and authenticated users
+GRANT EXECUTE ON FUNCTION public.get_user_limits(uuid) TO service_role, authenticated;
+
+-- Add comment
+COMMENT ON FUNCTION public.get_user_limits(uuid) IS 'Returns aggregated limits (storage, tokens) for a user including base + plan + addons';
+
+-- ===========================================================================
+-- Initial data: Create default storage addons catalog
+-- ===========================================================================
+INSERT INTO public.global_addons (addon_key, name, description, addon_type, quota_value, quota_unit, price_display, sort, is_public, is_active)
+VALUES 
+  ('storage_8gb', 'Stockage +8 GB', 'Ajoutez 8 GB d''espace de stockage à votre compte', 'storage', 8.00, 'GB', '{"monthly": "4.90€/mois", "yearly": "49.90€/an"}', 1, true, true),
+  ('storage_50gb', 'Stockage +50 GB', 'Ajoutez 50 GB d''espace de stockage à votre compte', 'storage', 50.00, 'GB', '{"monthly": "19.90€/mois", "yearly": "199.90€/an"}', 2, true, true),
+  ('storage_100gb', 'Stockage +100 GB', 'Ajoutez 100 GB d''espace de stockage à votre compte', 'storage', 100.00, 'GB', '{"monthly": "34.90€/mois", "yearly": "349.90€/an"}', 3, true, true)
+ON CONFLICT (addon_key) DO NOTHING;
+
+-- ===========================================================================
+-- Update get_storage_usage to use new get_user_limits function
+-- ===========================================================================
+CREATE OR REPLACE FUNCTION public.get_storage_usage(owner_id_param UUID)
+RETURNS JSON
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  limits_info JSON;
+  allocated_bytes BIGINT;
+  allocated_gb DECIMAL(10,2);
+  used_bytes BIGINT := 0;
+  remaining_bytes BIGINT;
+  usage_percentage DECIMAL(5,2);
+  result JSON;
+BEGIN
+  -- Get aggregated limits from new function
+  limits_info := public.get_user_limits(owner_id_param);
+  
+  -- Extract storage quota
+  allocated_gb := (limits_info->>'storage_quota_gb')::DECIMAL(10,2);
+  allocated_bytes := (limits_info->>'storage_quota_bytes')::BIGINT;
+  
+  -- used_bytes will be calculated by API (requires HTTP call to storage API)
+  used_bytes := 0;
+  
+  -- Calculate remaining
+  remaining_bytes := allocated_bytes - used_bytes;
+  
+  -- Calculate percentage
+  IF allocated_bytes > 0 THEN
+    usage_percentage := (used_bytes * 100.0 / allocated_bytes)::DECIMAL(5,2);
+  ELSE
+    usage_percentage := 0;
+  END IF;
+  
+  -- Build result
+  result := json_build_object(
+    'usedBytes', used_bytes,
+    'allocatedBytes', allocated_bytes,
+    'remainingBytes', remaining_bytes,
+    'allocatedGb', allocated_gb,
+    'usagePercentage', usage_percentage,
+    'breakdown', limits_info->'storage_breakdown'
+  );
+  
+  RETURN result;
+END;
+$$;
+
+COMMENT ON FUNCTION public.get_storage_usage(UUID) IS 'Récupère les statistiques d''utilisation de l''espace de stockage avec addons inclus';

package/supabase/migrations/20260123100000_enable_vector_extension.sql

@@ -0,0 +1,9 @@
+-- Enable pgvector extension for embedding operations
+-- This extension is required for recipe search functionality
+
+DO $$
+BEGIN
+  IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname = 'vector') THEN
+    RAISE NOTICE 'Extension vector not enabled (enable it in Supabase Dashboard)';
+  END IF;
+END $$;

package/supabase/migrations/20260123140000_module_auth_fix_get_user_limits_null.sql

@@ -0,0 +1,93 @@
+-- Fix get_user_limits function to handle NULL values in calculations
+-- Issue: When plan_storage_extra_gb is NULL, total becomes NULL (2 + NULL + 0 = NULL in SQL)
+
+CREATE OR REPLACE FUNCTION public.get_user_limits(owner_id_param UUID)
+RETURNS JSON
+LANGUAGE plpgsql
+SECURITY DEFINER
+SET search_path = public
+AS $$
+DECLARE
+  -- Base storage from user_profil
+  base_storage_gb DECIMAL(10,2);
+  
+  -- Extra storage from billing plan features
+  plan_storage_extra_gb DECIMAL(10,2) := 0;
+  
+  -- Storage from active addons
+  addon_storage_gb DECIMAL(10,2) := 0;
+  
+  -- Total storage
+  total_storage_gb DECIMAL(10,2);
+  total_storage_bytes BIGINT;
+  
+  -- Storage used (to be calculated by API)
+  storage_used_bytes BIGINT := 0;
+  
+  -- Tokens (if available)
+  tokens_balance INT := NULL;
+  
+  result JSON;
+BEGIN
+  -- 1. Get base storage from user_profil
+  SELECT COALESCE(stockage, 2.00) INTO base_storage_gb
+  FROM public.user_profil 
+  WHERE owner_id = owner_id_param;
+  
+  -- If no profile, use default
+  IF base_storage_gb IS NULL THEN
+    base_storage_gb := 2.00;
+  END IF;
+  
+  -- 2. Get extra storage from billing plan features
+  SELECT COALESCE(
+    (features->>'storage_extra')::DECIMAL(10,2),
+    0
+  ) INTO plan_storage_extra_gb
+  FROM public.user_entitlements
+  WHERE owner_id = owner_id_param
+    AND status IN ('active', 'trialing')
+  LIMIT 1;
+  
+  -- 3. Get storage from active global addons
+  SELECT COALESCE(
+    SUM(ga.quota_value * uga.quantity),
+    0
+  ) INTO addon_storage_gb
+  FROM public.user_global_addons uga
+  JOIN public.global_addons ga ON ga.id = uga.addon_id
+  WHERE uga.owner_id = owner_id_param
+    AND uga.status IN ('active', 'trialing')
+    AND ga.addon_type = 'storage'
+    AND ga.is_active = true;
+  
+  -- 4. Calculate total storage (handle NULLs with COALESCE)
+  total_storage_gb := COALESCE(base_storage_gb, 0) + COALESCE(plan_storage_extra_gb, 0) + COALESCE(addon_storage_gb, 0);
+  total_storage_bytes := (total_storage_gb * 1024 * 1024 * 1024)::BIGINT;
+  
+  -- 5. Try to get tokens balance (if table exists)
+  BEGIN
+    SELECT COALESCE(balance, 0) INTO tokens_balance
+    FROM public.user_token_quotas
+    WHERE owner_id = owner_id_param
+    LIMIT 1;
+  EXCEPTION WHEN undefined_table THEN
+    tokens_balance := NULL;
+  END;
+  
+  -- 6. Build result JSON
+  result := json_build_object(
+    'storage_quota_gb', total_storage_gb,
+    'storage_quota_bytes', total_storage_bytes,
+    'storage_used_bytes', storage_used_bytes, -- Will be calculated by API
+    'storage_breakdown', json_build_object(
+      'base_gb', base_storage_gb,
+      'plan_extra_gb', plan_storage_extra_gb,
+      'addons_gb', addon_storage_gb
+    ),
+    'tokens_balance', tokens_balance
+  );
+  
+  RETURN result;
+END;
+$$;

package/supabase/migrations/20260123145000_module_auth_fix_circular_storage_base.sql

@@ -0,0 +1,89 @@
+-- Migration pour corriger la boucle circulaire dans get_user_limits
+-- Le problème : user_profil.stockage contient le total, mais était utilisé comme base
+-- Solution : base_storage_gb est toujours 2.00 (constante)
+-- Date: 2026-01-23 14:50
+
+CREATE OR REPLACE FUNCTION public.get_user_limits(owner_id_param UUID)
+RETURNS JSON
+LANGUAGE plpgsql
+SECURITY DEFINER
+AS $$
+DECLARE
+  -- Base storage (constant)
+  base_storage_gb DECIMAL(10,2);
+  
+  -- Storage from billing plan
+  plan_storage_extra_gb DECIMAL(10,2);
+  
+  -- Storage from addons
+  addon_storage_gb DECIMAL(10,2);
+  
+  -- Total storage
+  total_storage_gb DECIMAL(10,2);
+  total_storage_bytes BIGINT;
+  
+  -- Storage used (to be calculated by API)
+  storage_used_bytes BIGINT := 0;
+  
+  -- Tokens (if available)
+  tokens_balance INT := NULL;
+  
+  result JSON;
+BEGIN
+  -- 1. Base storage is always 2 GB for all users (constant)
+  base_storage_gb := 2.00;
+  
+  -- 2. Get extra storage from billing plan features
+  SELECT COALESCE(
+    (features->>'storage_extra')::DECIMAL(10,2),
+    0
+  ) INTO plan_storage_extra_gb
+  FROM public.user_entitlements
+  WHERE owner_id = owner_id_param
+    AND status IN ('active', 'trialing')
+  LIMIT 1;
+  
+  -- 3. Get storage from active global addons (with quantity)
+  SELECT COALESCE(
+    SUM(ga.quota_value * uga.quantity),
+    0
+  ) INTO addon_storage_gb
+  FROM public.user_global_addons uga
+  JOIN public.global_addons ga ON ga.id = uga.addon_id
+  WHERE uga.owner_id = owner_id_param
+    AND uga.status IN ('active', 'trialing')
+    AND ga.addon_type = 'storage'
+    AND ga.is_active = true;
+  
+  -- 4. Calculate total storage (handle NULLs with COALESCE)
+  total_storage_gb := COALESCE(base_storage_gb, 0) + COALESCE(plan_storage_extra_gb, 0) + COALESCE(addon_storage_gb, 0);
+  total_storage_bytes := (total_storage_gb * 1024 * 1024 * 1024)::BIGINT;
+  
+  -- 5. Try to get tokens balance (if table exists)
+  BEGIN
+    SELECT COALESCE(balance, 0) INTO tokens_balance
+    FROM public.user_tokens
+    WHERE owner_id = owner_id_param;
+  EXCEPTION
+    WHEN undefined_table THEN
+      tokens_balance := NULL;
+  END;
+  
+  -- 6. Build result JSON
+  result := json_build_object(
+    'storage_quota_gb', total_storage_gb,
+    'storage_quota_bytes', total_storage_bytes,
+    'storage_used_bytes', storage_used_bytes,
+    'storage_breakdown', json_build_object(
+      'base_gb', base_storage_gb,
+      'plan_extra_gb', plan_storage_extra_gb,
+      'addons_gb', addon_storage_gb
+    ),
+    'tokens_balance', tokens_balance
+  );
+  
+  RETURN result;
+END;
+$$;
+
+COMMENT ON FUNCTION public.get_user_limits(UUID) IS 'Retourne les limites (storage, tokens) pour un utilisateur avec breakdown détaillé. Base storage est constant à 2 GB.';

package/supabase/migrations/20260129400000_add_username_to_user_profil.sql

@@ -0,0 +1,33 @@
+-- ============================================================================
+-- Add username column to user_profil with unique constraint
+-- Module: @lastbrain/module-auth
+-- ============================================================================
+
+-- Add username column
+ALTER TABLE public.user_profil
+ADD COLUMN IF NOT EXISTS username TEXT DEFAULT NULL;
+
+-- Create unique index on lowercase username (case-insensitive)
+CREATE UNIQUE INDEX IF NOT EXISTS idx_user_profil_username_unique 
+ON public.user_profil (LOWER(username))
+WHERE username IS NOT NULL;
+
+-- Add comment
+COMMENT ON COLUMN public.user_profil.username IS 'Unique username for public profile URL (case-insensitive)';
+
+-- Function to validate username format
+CREATE OR REPLACE FUNCTION validate_username(username_input TEXT)
+RETURNS BOOLEAN AS $$
+BEGIN
+  -- Username must be 3-30 characters, alphanumeric + underscore/dash only
+  RETURN username_input ~ '^[a-zA-Z0-9_-]{3,30}$';
+END;
+$$ LANGUAGE plpgsql IMMUTABLE;
+
+-- Add check constraint for username format
+ALTER TABLE public.user_profil
+DROP CONSTRAINT IF EXISTS check_username_format;
+
+ALTER TABLE public.user_profil
+ADD CONSTRAINT check_username_format 
+CHECK (username IS NULL OR validate_username(username));

package/dist/web/auth/dashboard.d.ts

@@ -1,2 +0,0 @@
-export declare function DashboardPage(): import("react/jsx-runtime").JSX.Element | null;
-//# sourceMappingURL=dashboard.d.ts.map

package/dist/web/auth/dashboard.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"dashboard.d.ts","sourceRoot":"","sources":["../../../src/web/auth/dashboard.tsx"],"names":[],"mappings":"AA8BA,wBAAgB,aAAa,mDAmM5B"}