Milestone 5.2 — Auth preview and subscriptions
Status: Preview shipped (deployed on ehxlabs.xyz) — anonymous principal + link codes planned for removal in M5.8
Tracking: ehx-kb#12 · Checkout: ehx-web#4
Commits
| Repo | Commit |
|---|---|
| ehx-api | adf4f91, a4f1629 (linked browser metadata + unlink) |
| ehx-web | a01c86a, 1083ece (linked browsers UI + link-code UX) |
| ehx-kb | fd9aadd |
Shipped
Login-bound principals
| Piece | Behavior |
|---|---|
| `POST /api/v1/auth/signup` | Create account, link browser principal, return session token |
| `POST /api/v1/auth/login` | Email lookup (preview — no password when `EHX_AUTH_EMAIL_LOGIN=1`) |
| `GET /api/v1/auth/me` | Account, linked principals, subscription |
| `POST /api/v1/auth/link-codes` | 8-char code, 15 min (authenticated) |
| `POST /api/v1/auth/link-codes/redeem` | Link new browser principal to account |
| `POST /api/v1/auth/principals/unlink` | Revoke a linked browser principal (cannot unlink current session) |
| `GET /api/v1/auth/me` principals | Each linked browser includes browser label, IP, country, user-agent summary, last_seen_at |
| Session | Authorization: Bearer or X-Ehx-Session + ehx_session cookie |
| Web | /account/login, session panel on /account, Linked browsers list (unlink), link device panel (Step 1 / Step 2 UX) |
Subscriptions (billing preview)
| Piece | Behavior |
|---|---|
| `subscriptions` table | Active plan per account or principal |
| Checkout confirm | Upserts subscription (source: checkout_stub, 30-day period) |
| Entitlements | subscription beats checkout_stub when resolving tier |
| Account API | entitlements_source: subscription on plan/dashboard |
| Metered calls | Chat, generate, plan, activity, usage banner send Bearer + principal |
Cross-device flow (preview — superseded by M5.8)
Planned: Users sign in with Auth0 on each browser. Link codes will be deprecated. See milestone-5-8-auth-required-product.md.
- Browser A: checkout confirms → subscription on principal (or account if logged in)
- Browser A: sign up at `/account/login` with email → account + session
- Browser A: Generate link code on `/account`
- Browser B: Redeem code → principal linked; subscriptions migrate to account
- Browser B: plan/chat use account tier via session token (no second payment)
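
An added example, not ehx-api's own code: one way to issue and redeem the 8-character, 15-minute link codes from the flow above, storing only a hash, making each code single-use, and capping failed redemptions per principal. The alphabet, the failure cap, the `LinkCodes` class and its in-memory store are assumptions.

```python
import hashlib
import secrets
import time

# 8 chars and 15 minutes come from the table above; the rest is assumed.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # 32 symbols, no 0/O/1/I look-alikes
CODE_LEN = 8                                   # 32**8 = 2**40 possible codes
TTL_SECONDS = 15 * 60
MAX_FAILURES = 5                               # assumed per-principal cap


class LinkCodes:
    """In-memory stand-in for a link-code table (hypothetical schema)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._rows = {}      # sha256(code) -> (account_id, expires_at)
        self._failures = {}  # principal_id -> failed redeem attempts

    @staticmethod
    def _digest(code):
        # Normalise what the user typed, then hash: a leaked table
        # does not reveal codes that are still redeemable.
        return hashlib.sha256(code.strip().upper().encode()).hexdigest()

    def issue(self, account_id):
        """Called from an authenticated session; returns the code once."""
        code = "".join(secrets.choice(ALPHABET) for _ in range(CODE_LEN))
        self._rows[self._digest(code)] = (account_id, self._clock() + TTL_SECONDS)
        return code

    def redeem(self, code, principal_id):
        """Return the account id to link principal_id to, or None."""
        if self._failures.get(principal_id, 0) >= MAX_FAILURES:
            return None  # locked out before any lookup happens
        # pop() makes the code single-use even if it turns out to be expired.
        row = self._rows.pop(self._digest(code), None)
        if row is None or self._clock() > row[1]:
            self._failures[principal_id] = self._failures.get(principal_id, 0) + 1
            return None
        return row[0]
```

Because a fresh browser gets a fresh anonymous principal, a per-principal cap alone does not bound guessing; a deployment would pair it with a per-IP or global redeem rate limit.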
Try
- `/checkout` → confirm (or simulate) on browser A
- `/account/login` → sign up with email
- `/account` → generate link code
- Second browser/incognito → redeem code → `/account/plan` shows Team tier
Configuration
| Variable | Default | Notes |
|---|---|---|
| `EHX_AUTH_EMAIL_LOGIN` | 1 | Email-only login (no password) |
| `EHX_DATABASE_URL` | required | Postgres for accounts, sessions, subscriptions |
Not yet shipped
- Passwords, OAuth, email verification
- Real payment processor / custodial addresses (ehx-web#4)
- Subscription cancel/renew webhooks
- Invoice PDFs
Related
- milestone-checkout-settlement-binding.md
- milestone-5-1-account-dashboard.md
- feature-tier-registry.md
- milestone-5-2h-operator-grants-promo.md — trials, comps, promos (P1, planned)