Account Portal Routes

This project now uses a dedicated Node.js customer portal UI (not Hugo-rendered app pages) served by the provisioning API.

UI routes (served by provisioning API)

• /
• /overview
• /billing
• /exports
• /security

All routes render the same shell and hydrate client-side sections based on path.

Auth and account API routes

• POST /api/account/auth/start
  • starts auth flow
  • in development, can bypass magic link for DEV_BYPASS_EMAIL
• GET /api/account/auth/debug
  • development-only diagnostics for bypass/account matching
• POST /api/account/auth/verify
  • verifies magic link token and creates session cookie
• POST /api/account/auth/logout
  • revokes session and clears cookie
• GET /api/account/me
  • authenticated account + tenant + exports payload
• GET /api/account/overview
  • tenant + provisioning details + tenant events timeline
• GET /api/account/billing
  • billing/plan lifecycle details + Stripe subscription/invoice snapshot when configured
• GET /api/account/exports
  • export history payload for exports screen
• GET /api/account/security
  • auth and session metadata + account audit events for security screen
• POST /api/billing/portal
  • authenticated Stripe customer portal session creation

Notes

• Marketing page /account/ in Hugo links users into the dedicated account subdomain portal.
• Internal/admin tooling remains separate from this customer-facing portal.
• Customers download export files from GooseHub tenant-hosted links sent by email (not from control-plane routes).