feat(pitch-deck): passwordless investor auth, audit logs, snapshots & PWA (#2)

Adds investor-facing access controls, persistence, and PWA support to the pitch deck: - Passwordless magic-link auth (jose JWT + nodemailer SMTP) - Per-investor audit logging (logins, slide views, assumption changes, chat) - Financial model snapshot persistence (auto-save/restore per investor) - PWA support (manifest, service worker, offline caching, branded icons) - Safeguards: email watermark overlay, security headers, content protection, rate limiting, IP/new-IP detection, single active session per investor - Admin API: invite, list investors, revoke, query audit logs - pitch-deck service added to docker-compose.coolify.yml Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 08:48:38 +00:00
parent 3a2567b44d
commit 645973141c
35 changed files with 4232 additions and 14 deletions
--- a/pitch-deck/app/api/admin/revoke/route.ts
+++ b/pitch-deck/app/api/admin/revoke/route.ts
@@ -0,0 +1,26 @@
+import { NextRequest, NextResponse } from 'next/server'
+import pool from '@/lib/db'
+import { validateAdminSecret, revokeAllSessions, logAudit } from '@/lib/auth'
+
+export async function POST(request: NextRequest) {
+  if (!validateAdminSecret(request)) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+
+  const body = await request.json()
+  const { investor_id } = body
+
+  if (!investor_id) {
+    return NextResponse.json({ error: 'investor_id required' }, { status: 400 })
+  }
+
+  await pool.query(
+    `UPDATE pitch_investors SET status = 'revoked', updated_at = NOW() WHERE id = $1`,
+    [investor_id]
+  )
+
+  await revokeAllSessions(investor_id)
+  await logAudit(investor_id, 'investor_revoked', {}, request)
+
+  return NextResponse.json({ success: true })
+}