karaoke-gen 0.99.3__py3-none-any.whl → 0.103.1__py3-none-any.whl

backend/api/routes/users.py

@@ -8,8 +8,28 @@ Handles:
 - Stripe checkout and webhooks
 - Admin user management
 """
+import hashlib
 import logging
 from typing import Optional, Tuple
+
+
+def _mask_email(email: str) -> str:
+    """Mask email for logging to avoid PII exposure.
+
+    Example: test@example.com -> te***@ex***.com
+    """
+    if not email or "@" not in email:
+        return "***"
+    local, domain = email.split("@", 1)
+    masked_local = local[:2] + "***" if len(local) > 2 else "***"
+    domain_parts = domain.split(".")
+    if len(domain_parts) >= 2:
+        masked_domain = domain_parts[0][:2] + "***." + domain_parts[-1]
+    else:
+        masked_domain = "***"
+    return f"{masked_local}@{masked_domain}"
+
+
 from fastapi import APIRouter, HTTPException, Depends, Request, Header
 from pydantic import BaseModel, EmailStr
 
@@ -33,6 +53,10 @@ from backend.services.user_service import get_user_service, UserService, USERS_C
 from backend.services.email_service import get_email_service, EmailService
 from backend.services.stripe_service import get_stripe_service, StripeService, CREDIT_PACKAGES
 from backend.services.theme_service import get_theme_service
+from backend.services.job_defaults_service import (
+    get_effective_distribution_settings,
+    resolve_cdg_txt_defaults,
+)
 from backend.api.dependencies import require_admin
 from backend.api.routes.file_upload import _prepare_theme_for_job
 from backend.services.auth_service import UserType
@@ -60,8 +84,8 @@ class CreateCheckoutResponse(BaseModel):
     message: str
 
 
-class DoneForYouCheckoutRequest(BaseModel):
-    """Request to create a done-for-you karaoke video order."""
+class MadeForYouCheckoutRequest(BaseModel):
+    """Request to create a made-for-you karaoke video order."""
     email: EmailStr
     artist: str
     title: str
@@ -112,7 +136,11 @@ async def send_magic_link(
 
     The user will receive an email with a link that logs them in.
     Links expire after 15 minutes and can only be used once.
+
+    For white-label tenants, validates email domain against tenant config.
     """
+    from backend.middleware.tenant import get_tenant_from_request, get_tenant_config_from_request
+
     # Check if email service is configured
     if not email_service.is_configured():
         logger.error("Email service not configured - cannot send magic links")
@@ -123,19 +151,39 @@ async def send_magic_link(
 
     email = request.email.lower()
 
+    # Get tenant context from middleware
+    tenant_id = get_tenant_from_request(http_request)
+    tenant_config = get_tenant_config_from_request(http_request)
+
+    # Validate email domain for tenant if configured
+    if tenant_config and tenant_config.auth.allowed_email_domains:
+        if not tenant_config.is_email_allowed(email):
+            logger.warning(f"Email domain not allowed for tenant {tenant_id}: {_mask_email(email)}")
+            # Return success anyway to prevent email enumeration
+            return SendMagicLinkResponse(
+                status="success",
+                message="If this email is registered, you will receive a sign-in link shortly."
+            )
+
     # Get client info for security logging
     ip_address = http_request.client.host if http_request.client else None
     user_agent = http_request.headers.get("user-agent")
 
-    # Create magic link token
+    # Create magic link token with tenant context
     magic_link = user_service.create_magic_link(
         email,
         ip_address=ip_address,
-        user_agent=user_agent
+        user_agent=user_agent,
+        tenant_id=tenant_id
     )
 
-    # Send email
-    sent = email_service.send_magic_link(email, magic_link.token)
+    # Get tenant-specific sender email
+    sender_email = None
+    if tenant_config:
+        sender_email = tenant_config.get_sender_email()
+
+    # Send email (with tenant-specific sender if configured)
+    sent = email_service.send_magic_link(email, magic_link.token, sender_email=sender_email)
 
     if not sent:
         logger.error(f"Failed to send magic link email to {email}")
@@ -159,18 +207,26 @@ async def verify_magic_link(
     Verify a magic link token and create a session.
 
     Returns a session token that should be stored and used for subsequent requests.
+    The session will be associated with the tenant from the magic link.
     """
+    # Reject empty tokens early to avoid invalid Firestore document paths
+    if not token or not token.strip():
+        raise HTTPException(status_code=401, detail="Invalid token")
+
     # Get client info
     ip_address = http_request.client.host if http_request.client else None
     user_agent = http_request.headers.get("user-agent")
 
     # Check if this is a first login BEFORE verification (which sets last_login_at)
     # We need to get the user's state before verify_magic_link updates it
+    # Also extract tenant_id from the magic link for session creation
     from backend.services.user_service import MAGIC_LINKS_COLLECTION
     magic_link_doc = user_service.db.collection(MAGIC_LINKS_COLLECTION).document(token).get()
     is_first_login = False
+    magic_link_tenant_id = None
     if magic_link_doc.exists:
         magic_link_data = magic_link_doc.to_dict()
+        magic_link_tenant_id = magic_link_data.get('tenant_id')
         pre_verify_user = user_service.get_user(magic_link_data.get('email', ''))
         if pre_verify_user:
             is_first_login = pre_verify_user.total_jobs_created == 0 and not pre_verify_user.last_login_at
@@ -181,18 +237,19 @@ async def verify_magic_link(
     if not success or not user:
         raise HTTPException(status_code=401, detail=message)
 
-    # Create session
+    # Create session with tenant context from the magic link
     session = user_service.create_session(
         user.email,
         ip_address=ip_address,
-        user_agent=user_agent
+        user_agent=user_agent,
+        tenant_id=magic_link_tenant_id
     )
 
     # Send welcome email to first-time users
     if is_first_login:
         email_service.send_welcome_email(user.email, user.credits)
 
-    # Return user info
+    # Return user info with tenant_id
     user_public = UserPublic(
         email=user.email,
         role=user.role,
@@ -200,6 +257,7 @@ async def verify_magic_link(
         display_name=user.display_name,
         total_jobs_created=user.total_jobs_created,
         total_jobs_completed=user.total_jobs_completed,
+        tenant_id=user.tenant_id,
     )
 
     return VerifyMagicLinkResponse(
@@ -340,13 +398,13 @@ async def create_checkout(
     )
 
 
-@router.post("/done-for-you/checkout", response_model=CreateCheckoutResponse)
-async def create_done_for_you_checkout(
-    request: DoneForYouCheckoutRequest,
+@router.post("/made-for-you/checkout", response_model=CreateCheckoutResponse)
+async def create_made_for_you_checkout(
+    request: MadeForYouCheckoutRequest,
     stripe_service: StripeService = Depends(get_stripe_service),
 ):
     """
-    Create a Stripe checkout session for a done-for-you karaoke video order.
+    Create a Stripe checkout session for a made-for-you karaoke video order.
 
     This is the full-service option where Nomad Karaoke handles everything:
     - Finding or processing the audio
@@ -360,7 +418,7 @@ async def create_done_for_you_checkout(
     if not stripe_service.is_configured():
         raise HTTPException(status_code=503, detail="Payment processing is not available")
 
-    success, checkout_url, message = stripe_service.create_done_for_you_checkout_session(
+    success, checkout_url, message = stripe_service.create_made_for_you_checkout_session(
         customer_email=request.email,
         artist=request.artist,
         title=request.title,
@@ -383,22 +441,28 @@ async def create_done_for_you_checkout(
 # Stripe Webhooks
 # =============================================================================
 
-# Admin email for done-for-you order notifications
-ADMIN_EMAIL = "andrew@nomadkaraoke.com"
+# Admin email for made-for-you order notifications
+ADMIN_EMAIL = "madeforyou@nomadkaraoke.com"
 
 
-async def _handle_done_for_you_order(
+async def _handle_made_for_you_order(
     session_id: str,
     metadata: dict,
     user_service: UserService,
     email_service: EmailService,
 ) -> None:
     """
-    Handle a completed done-for-you order by creating a job and notifying Andrew.
+    Handle a completed made-for-you order by creating a job and notifying Andrew.
+
+    The made-for-you flow:
+    1. Job is created with made_for_you=True, owned by admin during processing
+    2. For search orders: audio search runs, results stored, job pauses at AWAITING_AUDIO_SELECTION
+    3. Admin receives notification email with link to select audio source
+    4. Customer receives order confirmation email
+    5. Admin selects audio in UI, job proceeds through normal pipeline
+    6. On completion, ownership transfers to customer
 
-    For orders with a YouTube URL, the job is created and workers are triggered immediately.
-    For orders without a URL (search mode), the audio search flow is used to find and
-    download the best matching audio source automatically.
+    For orders with a YouTube URL, workers are triggered immediately (no search needed).
 
     Args:
         session_id: Stripe checkout session ID
@@ -427,7 +491,7 @@ async def _handle_done_for_you_order(
     notes = metadata.get("notes", "")
 
     logger.info(
-        f"Processing done-for-you order: {artist} - {title} for {customer_email} "
+        f"Processing made-for-you order: {artist} - {title} for {customer_email} "
         f"(session: {session_id}, source_type: {source_type})"
     )
 
@@ -440,32 +504,55 @@ async def _handle_done_for_you_order(
         theme_service = get_theme_service()
         effective_theme_id = theme_service.get_default_theme_id()
         if effective_theme_id:
-            logger.info(f"Applying default theme '{effective_theme_id}' for done-for-you order")
+            logger.info(f"Applying default theme '{effective_theme_id}' for made-for-you order")
+
+        # Get distribution defaults using centralized service
+        dist = get_effective_distribution_settings()
+
+        # Resolve CDG/TXT defaults based on theme (uses centralized service)
+        # This ensures made-for-you jobs get the same CDG/TXT defaults as regular jobs
+        resolved_cdg, resolved_txt = resolve_cdg_txt_defaults(effective_theme_id)
 
-        # Create job for the customer
-        # Note: done-for-you jobs should NOT be non_interactive - Andrew needs to review
+        # Create job with admin ownership during processing
+        # CRITICAL: made_for_you=True, user_email=ADMIN_EMAIL, customer_email for delivery
+        # auto_download=False to pause at audio selection for admin to choose
         job_create = JobCreate(
             url=youtube_url if youtube_url else None,
             artist=artist,
             title=title,
-            user_email=customer_email,  # Customer owns the job
+            user_email=ADMIN_EMAIL,  # Admin owns during processing
             theme_id=effective_theme_id,  # Apply default theme
-            non_interactive=False,  # Andrew will review lyrics/instrumental
-            # Set audio search fields for search-based orders
+            non_interactive=False,  # Admin will review lyrics/instrumental
+            # Made-for-you specific fields
+            made_for_you=True,  # Flag for ownership transfer on completion
+            customer_email=customer_email,  # Customer email for final delivery
+            customer_notes=notes if notes else None,  # Customer's special requests
+            # Audio search fields for search-based orders
             audio_search_artist=artist if not youtube_url else None,
             audio_search_title=title if not youtube_url else None,
-            auto_download=True,  # Auto-select best audio source
+            auto_download=False,  # Pause at audio selection for admin to choose
+            # CDG/TXT settings (resolved via centralized service)
+            enable_cdg=resolved_cdg,
+            enable_txt=resolved_txt,
+            # Distribution settings from centralized defaults
+            enable_youtube_upload=dist.enable_youtube_upload,
+            dropbox_path=dist.dropbox_path,
+            gdrive_folder_id=dist.gdrive_folder_id,
+            brand_prefix=dist.brand_prefix,
+            discord_webhook_url=dist.discord_webhook_url,
+            youtube_description=dist.youtube_description,
         )
-        job = job_manager.create_job(job_create)
+        # Made-for-you jobs are created by admin (via Stripe webhook) - bypass rate limits
+        job = job_manager.create_job(job_create, is_admin=True)
         job_id = job.job_id
 
-        logger.info(f"Created done-for-you job {job_id} for {customer_email}")
+        logger.info(f"Created made-for-you job {job_id} for {_mask_email(customer_email)} (owned by {_mask_email(ADMIN_EMAIL)})")
 
         # Prepare theme style assets for the job (same as audio_search endpoint)
         if effective_theme_id:
             try:
                 style_params_path, theme_style_assets, youtube_desc = _prepare_theme_for_job(
-                    job_id, effective_theme_id, None  # No color overrides for done-for-you
+                    job_id, effective_theme_id, None  # No color overrides for made-for-you
                 )
                 theme_update = {
                     'style_params_gcs_path': style_params_path,
@@ -474,9 +561,9 @@ async def _handle_done_for_you_order(
                 if youtube_desc:
                     theme_update['youtube_description_template'] = youtube_desc
                 job_manager.update_job(job_id, theme_update)
-                logger.info(f"Applied theme '{effective_theme_id}' to done-for-you job {job_id}")
+                logger.info(f"Applied theme '{effective_theme_id}' to made-for-you job {job_id}")
             except Exception as e:
-                logger.warning(f"Failed to prepare theme for done-for-you job {job_id}: {e}")
+                logger.warning(f"Failed to prepare theme for made-for-you job {job_id}: {e}")
 
         # Mark session as processed for idempotency
         # Note: Using internal method since this isn't a credit transaction
@@ -486,23 +573,27 @@ async def _handle_done_for_you_order(
             amount=0  # No credits, just tracking the session
         )
 
+        # Initialize search_results for later use in email notification
+        search_results = None
+
         # Handle based on whether we have a YouTube URL or need to search
         if youtube_url:
-            # URL provided - trigger workers directly
+            # URL provided - trigger workers directly (no audio selection needed)
             logger.info(f"Job {job_id}: YouTube URL provided, triggering workers")
             await asyncio.gather(
                 worker_service.trigger_audio_worker(job_id),
                 worker_service.trigger_lyrics_worker(job_id)
             )
         else:
-            # No URL - use audio search flow with auto_download
+            # No URL - use audio search flow, pause for admin selection
+            # Made-for-you jobs require admin to select audio source
             logger.info(f"Job {job_id}: No URL, using audio search for '{artist} - {title}'")
 
             # Update job with audio search fields
             job_manager.update_job(job_id, {
                 'audio_search_artist': artist,
                 'audio_search_title': title,
-                'auto_download': True,
+                'auto_download': False,  # Admin must select
             })
 
             # Transition to searching state
@@ -519,7 +610,8 @@ async def _handle_done_for_you_order(
             try:
                 search_results = audio_search_service.search(artist, title)
             except NoResultsError as e:
-                # No results found - transition to AWAITING_AUDIO_SELECTION so Andrew can handle manually
+                # No results found - still transition to AWAITING_AUDIO_SELECTION
+                # Admin can manually provide audio
                 logger.warning(f"Job {job_id}: No audio sources found for '{artist} - {title}'")
                 job_manager.transition_to_state(
                     job_id=job_id,
@@ -527,7 +619,6 @@ async def _handle_done_for_you_order(
                     progress=10,
                     message=f"No automatic audio sources found. Manual intervention required."
                 )
-                # Don't fail the job - Andrew can manually provide audio
                 search_results = None
             except AudioSearchError as e:
                 logger.error(f"Job {job_id}: Audio search failed: {e}")
@@ -540,7 +631,7 @@ async def _handle_done_for_you_order(
                 search_results = None
 
             if search_results:
-                # Store search results in state_data
+                # Store search results in state_data for admin to review
                 results_dicts = [r.to_dict() for r in search_results]
                 state_data_update = {
                     'audio_search_results': results_dicts,
@@ -550,225 +641,61 @@ async def _handle_done_for_you_order(
                     state_data_update['remote_search_id'] = audio_search_service.last_remote_search_id
                 job_manager.update_job(job_id, {'state_data': state_data_update})
 
-                # Auto-select best result and download
-                best_index = audio_search_service.select_best(search_results)
-                selected = results_dicts[best_index]
-
-                logger.info(f"Job {job_id}: Auto-selected result {best_index}: {selected.get('provider')} - {selected.get('title')}")
+                # Transition to AWAITING_AUDIO_SELECTION for admin to choose
+                # Do NOT auto-select or download - admin must review and select
+                logger.info(f"Job {job_id}: Found {len(results_dicts)} audio sources, awaiting admin selection")
 
-                # Transition to downloading state
+                # Transition to AWAITING_AUDIO_SELECTION for admin to choose
+                # Admin will select from results in the UI, then job proceeds
                 job_manager.transition_to_state(
                     job_id=job_id,
-                    new_status=JobStatus.DOWNLOADING_AUDIO,
+                    new_status=JobStatus.AWAITING_AUDIO_SELECTION,
                     progress=10,
-                    message=f"Downloading from {selected.get('provider')}: {selected.get('artist')} - {selected.get('title')}",
-                    state_data_updates={
-                        'selected_audio_index': best_index,
-                        'selected_audio_provider': selected.get('provider'),
-                    }
+                    message=f"Found {len(results_dicts)} audio sources. Awaiting admin selection."
                 )
 
-                # Download audio
-                try:
-                    is_torrent_source = selected.get('provider') in ['RED', 'OPS']
-                    is_remote_enabled = audio_search_service.is_remote_enabled()
-                    source_id = selected.get('source_id')
-                    source_name = selected.get('provider')
-                    target_file = selected.get('target_file')
-                    download_url = selected.get('url')
-                    remote_search_id = state_data_update.get('remote_search_id')
-
-                    if is_torrent_source and is_remote_enabled:
-                        # Remote torrent download - upload directly to GCS
-                        gcs_destination = f"uploads/{job_id}/audio/"
-
-                        if source_id and source_name:
-                            result = audio_search_service.download_by_id(
-                                source_name=source_name,
-                                source_id=source_id,
-                                output_dir="",
-                                target_file=target_file,
-                                download_url=download_url,
-                                gcs_path=gcs_destination,
-                            )
-                        else:
-                            result = audio_search_service.download(
-                                result_index=best_index,
-                                output_dir="",
-                                gcs_path=gcs_destination,
-                                remote_search_id=remote_search_id,
-                            )
-
-                        # Extract GCS path
-                        if result.filepath.startswith("gs://"):
-                            parts = result.filepath.replace("gs://", "").split("/", 1)
-                            audio_gcs_path = parts[1] if len(parts) == 2 else result.filepath
-                            filename = os.path.basename(result.filepath)
-                        else:
-                            filename = os.path.basename(result.filepath)
-                            audio_gcs_path = f"uploads/{job_id}/audio/{filename}"
-                    else:
-                        # Local download (YouTube or local torrent)
-                        temp_dir = tempfile.mkdtemp(prefix=f"audio_download_{job_id}_")
-                        import shutil
-
-                        try:
-                            if source_id and source_name and is_remote_enabled:
-                                result = audio_search_service.download_by_id(
-                                    source_name=source_name,
-                                    source_id=source_id,
-                                    output_dir=temp_dir,
-                                    target_file=target_file,
-                                    download_url=download_url,
-                                )
-                            elif source_name == 'YouTube' and download_url:
-                                # YouTube download
-                                from backend.workers.audio_worker import download_from_url
-                                local_path = await download_from_url(
-                                    download_url,
-                                    temp_dir,
-                                    selected.get('artist'),
-                                    selected.get('title')
-                                )
-                                if not local_path or not os.path.exists(local_path):
-                                    raise Exception(f"Failed to download from YouTube: {download_url}")
-
-                                class DownloadResult:
-                                    def __init__(self, filepath):
-                                        self.filepath = filepath
-                                result = DownloadResult(local_path)
-                            else:
-                                result = audio_search_service.download(
-                                    result_index=best_index,
-                                    output_dir=temp_dir,
-                                    remote_search_id=remote_search_id,
-                                )
-
-                            # Upload to GCS
-                            filename = os.path.basename(result.filepath)
-                            audio_gcs_path = f"uploads/{job_id}/audio/{filename}"
-
-                            with open(result.filepath, 'rb') as f:
-                                storage_service.upload_fileobj(f, audio_gcs_path, content_type='audio/flac')
-                        finally:
-                            # Always cleanup temp directory
-                            shutil.rmtree(temp_dir, ignore_errors=True)
-
-                    # Update job with GCS path
-                    job_manager.update_job(job_id, {
-                        'input_media_gcs_path': audio_gcs_path,
-                        'filename': filename,
-                    })
-
-                    # Transition to DOWNLOADING and trigger workers
-                    job_manager.transition_to_state(
-                        job_id=job_id,
-                        new_status=JobStatus.DOWNLOADING,
-                        progress=15,
-                        message="Audio downloaded, starting processing"
-                    )
-
-                    # Trigger workers
-                    await asyncio.gather(
-                        worker_service.trigger_audio_worker(job_id),
-                        worker_service.trigger_lyrics_worker(job_id)
-                    )
-
-                    logger.info(f"Job {job_id}: Audio downloaded and workers triggered")
-
-                except Exception as download_error:
-                    logger.error(f"Job {job_id}: Audio download failed: {download_error}")
-                    # Don't fail job - transition to awaiting selection so Andrew can handle
-                    job_manager.transition_to_state(
-                        job_id=job_id,
-                        new_status=JobStatus.AWAITING_AUDIO_SELECTION,
-                        progress=10,
-                        message=f"Auto-download failed: {download_error}. Manual intervention required."
-                    )
-
-        # Send confirmation email to customer
-        email_service.send_email(
+        # Get audio source count for admin notification
+        # (search_results may be set from the search flow above, or None for YouTube URL orders)
+        audio_source_count = len(search_results) if search_results else 0
+
+        # Generate admin login token for one-click email access (24hr expiry)
+        admin_login = user_service.create_admin_login_token(
+            email=ADMIN_EMAIL,
+            expiry_hours=24,
+        )
+
+        # Send confirmation email to customer using professional template
+        email_service.send_made_for_you_order_confirmation(
             to_email=customer_email,
-            subject=f"Your Karaoke Video Order: {artist} - {title}",
-            html_content=f"""
-            <h2>Thank you for your order!</h2>
-            <p>We've received your request for a karaoke video:</p>
-            <ul>
-                <li><strong>Artist:</strong> {artist}</li>
-                <li><strong>Title:</strong> {title}</li>
-                {f'<li><strong>Notes:</strong> {notes}</li>' if notes else ''}
-            </ul>
-            <p>Our team will review and create your video within <strong>24 hours</strong>.</p>
-            <p>You'll receive another email with download links when your video is ready.</p>
-            <p>If you have any questions, reply to this email or contact us at support@nomadkaraoke.com</p>
-            <p>Thanks for using Nomad Karaoke!</p>
-            """,
-            text_content=f"""
-Thank you for your order!
-
-We've received your request for a karaoke video:
-- Artist: {artist}
-- Title: {title}
-{f'- Notes: {notes}' if notes else ''}
-
-Our team will review and create your video within 24 hours.
-You'll receive another email with download links when your video is ready.
-
-If you have any questions, reply to this email or contact us at support@nomadkaraoke.com
-
-Thanks for using Nomad Karaoke!
-            """.strip(),
+            artist=artist,
+            title=title,
+            job_id=job_id,
+            notes=notes,
         )
 
-        # Send notification email to Andrew
-        email_service.send_email(
+        # Send notification email to admin using professional template
+        email_service.send_made_for_you_admin_notification(
             to_email=ADMIN_EMAIL,
-            subject=f"[Done For You Order] {artist} - {title}",
-            html_content=f"""
-            <h2>New Done-For-You Order</h2>
-            <p>A customer has ordered a karaoke video:</p>
-            <ul>
-                <li><strong>Customer:</strong> {customer_email}</li>
-                <li><strong>Artist:</strong> {artist}</li>
-                <li><strong>Title:</strong> {title}</li>
-                <li><strong>Source:</strong> {source_type}</li>
-                {f'<li><strong>YouTube URL:</strong> <a href="{youtube_url}">{youtube_url}</a></li>' if youtube_url else ''}
-                {f'<li><strong>Notes:</strong> {notes}</li>' if notes else ''}
-            </ul>
-            <p><strong>Job ID:</strong> {job_id}</p>
-            <p>View job in admin: <a href="https://gen.nomadkaraoke.com/admin/jobs/{job_id}">Admin Link</a></p>
-            <p>View job as customer: <a href="https://gen.nomadkaraoke.com/jobs/{job_id}">Customer Link</a></p>
-            <p><strong>Deadline:</strong> 24 hours from now</p>
-            """,
-            text_content=f"""
-New Done-For-You Order
-
-Customer: {customer_email}
-Artist: {artist}
-Title: {title}
-Source: {source_type}
-{f'YouTube URL: {youtube_url}' if youtube_url else ''}
-{f'Notes: {notes}' if notes else ''}
-
-Job ID: {job_id}
-Admin: https://gen.nomadkaraoke.com/admin/jobs/{job_id}
-Customer: https://gen.nomadkaraoke.com/jobs/{job_id}
-
-Deadline: 24 hours from now
-            """.strip(),
+            customer_email=customer_email,
+            artist=artist,
+            title=title,
+            job_id=job_id,
+            admin_login_token=admin_login.token,
+            notes=notes,
+            audio_source_count=audio_source_count,
         )
 
-        logger.info(f"Sent done-for-you order notifications for job {job_id}")
+        logger.info(f"Sent made-for-you order notifications for job {job_id}")
 
     except Exception as e:
-        logger.error(f"Error processing done-for-you order: {e}", exc_info=True)
+        logger.error(f"Error processing made-for-you order: {e}", exc_info=True)
         # Still try to notify Andrew of the failure
         try:
             email_service.send_email(
                 to_email=ADMIN_EMAIL,
-                subject=f"[FAILED] Done For You Order: {artist} - {title}",
+                subject=f"[FAILED] Made For You Order: {artist} - {title}",
                 html_content=f"""
-                <h2>Done-For-You Order Failed</h2>
+                <h2>Made-For-You Order Failed</h2>
                 <p>An error occurred processing this order:</p>
                 <ul>
                     <li><strong>Customer:</strong> {customer_email}</li>
@@ -779,7 +706,7 @@ Deadline: 24 hours from now
                 <p>Please manually create this job and notify the customer.</p>
                 """,
                 text_content=f"""
-Done-For-You Order Failed
+Made-For-You Order Failed
 
 Customer: {customer_email}
 Artist: {artist}
@@ -834,10 +761,10 @@ async def stripe_webhook(
             logger.info(f"Skipping already processed session: {session_id}")
             return {"status": "received", "type": event_type, "note": "already_processed"}
 
-        # Check if this is a done-for-you order
-        if metadata.get("order_type") == "done_for_you":
-            # Handle done-for-you order - create a job
-            await _handle_done_for_you_order(
+        # Check if this is a made-for-you order
+        if metadata.get("order_type") == "made_for_you":
+            # Handle made-for-you order - create a job
+            await _handle_made_for_you_order(
                 session_id=session_id,
                 metadata=metadata,
                 user_service=user_service,
@@ -896,6 +823,9 @@ async def enroll_beta_tester(
 
     Returns free credits and optionally a session token for new users.
     """
+    from backend.services.email_validation_service import get_email_validation_service
+    from backend.services.rate_limit_service import get_rate_limit_service
+
     # Check if email service is configured
     if not email_service.is_configured():
         logger.error("Email service not configured - cannot send beta welcome emails")
@@ -905,6 +835,52 @@ async def enroll_beta_tester(
         )
 
     email = request.email.lower()
+    email_validation = get_email_validation_service()
+    rate_limit_service = get_rate_limit_service()
+
+    # ----- ABUSE PREVENTION CHECKS -----
+
+    # 1. Validate email (disposable domain, blocked email checks)
+    is_valid, error_message = email_validation.validate_email_for_beta(email)
+    if not is_valid:
+        logger.warning(f"Beta enrollment rejected - email validation failed: {email} - {error_message}")
+        raise HTTPException(
+            status_code=400,
+            detail=error_message
+        )
+
+    # 2. Check IP blocking
+    ip_address = http_request.client.host if http_request.client else None
+    if ip_address and email_validation.is_ip_blocked(ip_address):
+        logger.warning(f"Beta enrollment rejected - IP blocked: {ip_address}")
+        raise HTTPException(
+            status_code=403,
+            detail="Access denied from this location"
+        )
+
+    # 3. Check IP-based enrollment rate limit (1 per 24h per IP)
+    if ip_address:
+        allowed, remaining, message = rate_limit_service.check_beta_ip_limit(ip_address)
+        if not allowed:
+            logger.warning(f"Beta enrollment rejected - IP rate limit: {ip_address} - {message}")
+            raise HTTPException(
+                status_code=429,
+                detail="Too many beta enrollments from your location. Please try again tomorrow."
+            )
+
+    # 4. Check for duplicate enrollment via normalized email
+    normalized_email = email_validation.normalize_email(email)
+    if normalized_email != email:
+        # Check if normalized version is already enrolled
+        normalized_user = user_service.get_user(normalized_email)
+        if normalized_user and normalized_user.is_beta_tester:
+            logger.warning(f"Beta enrollment rejected - normalized email already enrolled: {email} -> {normalized_email}")
+            raise HTTPException(
+                status_code=400,
+                detail="An account with this email address is already enrolled in the beta program"
+            )
+
+    # ----- END ABUSE PREVENTION CHECKS -----
 
     # Validate acceptance
     if not request.accept_corrections_work:
@@ -929,8 +905,7 @@ async def enroll_beta_tester(
             detail="You are already enrolled in the beta program"
         )
 
-    # Get client info
-    ip_address = http_request.client.host if http_request.client else None
+    # Get client info (ip_address already set above in abuse prevention)
     user_agent = http_request.headers.get("user-agent")
 
     # Enroll as beta tester
@@ -950,6 +925,13 @@ async def enroll_beta_tester(
         reason="beta_tester_enrollment",
     )
 
+    # Record IP enrollment for rate limiting
+    if ip_address:
+        try:
+            rate_limit_service.record_beta_enrollment(ip_address, email)
+        except Exception as e:
+            logger.warning(f"Failed to record beta IP enrollment: {e}")
+
     # Create session for the user (so they can start using the service immediately)
     session = user_service.create_session(email, ip_address=ip_address, user_agent=user_agent)