Release v0.4.2: deduped app.py and secure portal PDF access

1 week ago · 45fb6def10
5 changed files with 227 additions and 3260 deletions
--- a/PROJECT_STATE.md
+++ b/PROJECT_STATE.md
@ -1,34 +1,16 @@
 Project: OTB Billing
-Version: v0.4.1
+Version: v0.4.2
 Last Updated: 2026-03-12
-Status: Stable savepoint before app.py dedupe/refactor
+Status: Stable post-dedupe checkpoint
 Current State:
- Flask app runs under systemd as otb_billing.service.
+- backend/app.py deduped and running cleanly under systemd.
- Service starts through /home/def/otb_billing/run_dev.sh.
+- Portal supports email + one-time access code, forced password setup, dashboard, invoice detail, and secure PDF access.
- Runtime environment is loaded from /home/def/otb_billing/.env by the shell wrapper.
+- New/editable invoices write invoice_items automatically.
 - App listens on 0.0.0.0:5050 for mintme webfront proxy access.
 - Public portal host: portal.outsidethebox.top
- Portal supports email + one-time access code, then forced password setup.
+- Billing host: otb-billing.outsidethebox.top
 - Portal dashboard shows invoices, totals, and invoice detail pages.
 - New invoices and editable unlocked invoices now write invoice_items automatically.
 - Existing older invoices may remain summary-only if no invoice_items were historically stored.
 - backend/app.py still contains duplicated larger sections and is queued for controlled cleanup next.
 Important Paths:
 - Project root: /home/def/otb_billing
 - App entry: /home/def/otb_billing/backend/app.py
 - Health module: /home/def/otb_billing/backend/health.py
 - Runtime wrapper: /home/def/otb_billing/run_dev.sh
 - Env file: /home/def/otb_billing/.env
 - Service unit: /etc/systemd/system/otb_billing.service
 - Repo copy of unit: /home/def/otb_billing/deploy/systemd/otb_billing.service
 Operations:
 - sudo systemctl status otb_billing
 - sudo systemctl restart otb_billing
 - sudo journalctl -u otb_billing -f
 Next Planned Work:
 - Controlled dedupe/refactor of duplicate sections in backend/app.py
 - Preserve all currently working portal and billing behavior during cleanup
--- a/README.md
+++ b/README.md
@ -1,3 +1,10 @@
 ## v0.4.2 - 2026-03-12
 - Deduped backend/app.py and removed duplicated major route/function sections.
 - Removed the text_for_pdf_routes snapshot hack from active runtime path.
 - Added secure portal-safe invoice PDF route.
 - Confirmed portal login, dashboard, invoice detail, invoice itemization, and PDF access flow.
 - This version is the first clean post-dedupe checkpoint.
 ## v0.4.1 - 2026-03-12
 - Added secure client portal login using email plus one-time access code.
 - Added forced password setup on first portal login.
--- a/2
+++ b/2
@ -1 +1 @@
-v0.4.1
+v0.4.2
--- a/backend/app.py
+++ b/backend/app.py
--- a/templates/portal_invoice_detail.html
+++ b/templates/portal_invoice_detail.html
@ -156,7 +156,7 @@
    {% if pdf_url %}
    <div class="invoice-actions">
-        <a href="{{ pdf_url }}" target="_blank" rel="noopener noreferrer">Open Invoice PDF</a>
+        <a href="/portal/invoice/{{ invoice.id }}/pdf" target="_blank" rel="noopener noreferrer">Open Invoice PDF</a>
    </div>
    {% endif %}
 </div>