will.anderson
fe418bf3f7
Dev — Build & local smoke test / build-smoke (pull_request) Successful in 2m10s
Gate the demo chat behind Supabase auth: the widget now fetches Supabase config on open, shows a compact sign-in pane (Google OAuth or email/password) when the user is unauthenticated, and passes the access_token to /api/demo. The server verifies the token via supabase_auth_user() before any processing and uses the verified user ID as the rate-limit key. Add a budget kill switch: a demo_config table in Supabase holds a demo_enabled flag that /api/demo polls every 60s (cached, fails open). A Cloud Function (demo-budget-guard) is triggered by a GCP Pub/Sub budget alert and sets demo_enabled = 'false' when spend crosses 90% of the $150 daily budget. Budget and topic are provisioned; function is live in us-central1.