Upload 5 files

auth.py

@@ -0,0 +1,104 @@
+"""
+app/routes/auth.py
+Auth endpoints: OTP request, OTP verify, logout, profile.
+Wraps app/services/auth.py logic.
+"""
+import logging
+from fastapi import APIRouter, Request, Form, HTTPException
+from fastapi.responses import JSONResponse
+from app.services.auth import (
+    send_email_otp, verify_email_otp,
+    create_session, revoke_session, get_user_from_token,
+)
+from app.models.db import db_conn
+
+logger = logging.getLogger(__name__)
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+
+@router.post("/request-otp")
+async def request_otp(email: str = Form(...)):
+    """Send a 6-digit OTP to the user's email. Dev mode: returns OTP in response."""
+    try:
+        otp = send_email_otp(email)
+        return JSONResponse({
+            "sent"   : True,
+            "message": "OTP sent. Check your email.",
+            # Remove next line in production — only for dev/HF testing
+            "_dev_otp": otp,
+        })
+    except Exception as exc:
+        logger.error("OTP request failed: %s", exc)
+        raise HTTPException(status_code=500, detail="Could not send OTP")
+
+
+@router.post("/verify-otp")
+async def verify_otp(
+    request: Request,
+    email: str = Form(...),
+    otp  : str = Form(...),
+):
+    """Verify OTP. Returns session token on success."""
+    user = verify_email_otp(email, otp)
+    if not user:
+        raise HTTPException(status_code=401, detail="Invalid or expired OTP")
+    device_hint = request.headers.get("user-agent", "")[:100]
+    token       = create_session(user["id"], device_hint)
+    return JSONResponse({
+        "token"   : token,
+        "user_id" : user["id"],
+        "email"   : user.get("email", ""),
+        "is_pro"  : bool(user.get("is_pro", 0)),
+        "message" : "Login successful",
+    })
+
+
+@router.post("/logout")
+async def logout(request: Request):
+    """Revoke the current session token."""
+    auth  = request.headers.get("Authorization", "")
+    token = auth.removeprefix("Bearer ").strip() if auth.startswith("Bearer ") else None
+    if token:
+        revoke_session(token)
+    return JSONResponse({"logged_out": True})
+
+
+@router.get("/me")
+async def get_me(request: Request):
+    """Return current user profile from Bearer token."""
+    auth  = request.headers.get("Authorization", "")
+    token = auth.removeprefix("Bearer ").strip() if auth.startswith("Bearer ") else None
+    user  = get_user_from_token(token) if token else None
+    if not user:
+        raise HTTPException(status_code=401, detail="Not authenticated")
+    return JSONResponse({
+        "user_id"    : user["id"],
+        "email"      : user.get("email", ""),
+        "name"       : user.get("name", ""),
+        "is_pro"     : bool(user.get("is_pro", 0)),
+        "streak_days": user.get("streak_days", 0),
+        "persona"    : user.get("persona", "General Adult"),
+        "language"   : user.get("language", "en"),
+    })
+
+
+@router.put("/profile")
+async def update_profile(
+    request : Request,
+    name    : str   = Form(""),
+    persona : str   = Form("General Adult"),
+    language: str   = Form("en"),
+    tdee    : float = Form(2000),
+):
+    """Update user profile fields."""
+    auth  = request.headers.get("Authorization", "")
+    token = auth.removeprefix("Bearer ").strip() if auth.startswith("Bearer ") else None
+    user  = get_user_from_token(token) if token else None
+    if not user:
+        raise HTTPException(status_code=401, detail="Not authenticated")
+    with db_conn() as conn:
+        conn.execute(
+            "UPDATE users SET name=?, persona=?, language=?, tdee=? WHERE id=?",
+            (name, persona, language, tdee, user["id"])
+        )
+    return JSONResponse({"updated": True})

conftest.py

@@ -0,0 +1,4 @@
+import sys
+import os
+# Ensure project root is on path so `from app.xxx` works in tests
+sys.path.insert(0, os.path.dirname(os.path.dirname(os.path.abspath(__file__))))

db.py

@@ -0,0 +1,290 @@
+"""
+app/models/db.py
+Database schema, connection management, and initialisation.
+Uses SQLite with WAL mode for single-server MVP.
+Migration path: swap sqlite3 for asyncpg/SQLAlchemy when ≥100 DAU.
+"""
+import os
+import json
+import sqlite3
+import threading
+import logging
+from contextlib import contextmanager
+
+logger = logging.getLogger(__name__)
+
+DATA_DIR = os.path.join(os.getcwd(), "data")
+DB_FILE  = os.path.join(DATA_DIR, "eatlytic.db")
+os.makedirs(DATA_DIR, exist_ok=True)
+
+
+def get_connection() -> sqlite3.Connection:
+    conn = sqlite3.connect(DB_FILE, check_same_thread=False, timeout=15)
+    conn.row_factory = sqlite3.Row
+    conn.execute("PRAGMA journal_mode=WAL")
+    conn.execute("PRAGMA foreign_keys=ON")
+    conn.execute("PRAGMA synchronous=NORMAL")  # fast + safe in WAL mode
+    return conn
+
+
+@contextmanager
+def db_conn():
+    """Thread-safe context manager: auto-commit on success, rollback on error."""
+    conn = get_connection()
+    try:
+        yield conn
+        conn.commit()
+    except Exception:
+        conn.rollback()
+        raise
+    finally:
+        conn.close()
+
+
+def init_db() -> None:
+    """Idempotent schema creation. Run at startup."""
+    with db_conn() as conn:
+        conn.executescript("""
+            -- ── USERS (Phase 1: real accounts) ───────────────────────
+            CREATE TABLE IF NOT EXISTS users (
+                id           TEXT PRIMARY KEY,           -- UUID
+                email        TEXT UNIQUE,
+                phone        TEXT UNIQUE,
+                name         TEXT DEFAULT '',
+                created_at   TEXT DEFAULT (datetime('now')),
+                last_login   TEXT DEFAULT (datetime('now')),
+                is_pro       INTEGER DEFAULT 0,
+                pro_expires  TEXT DEFAULT NULL,
+                stripe_customer_id TEXT DEFAULT NULL,    -- Razorpay customer
+                scan_count_month INTEGER DEFAULT 0,
+                scan_month   TEXT DEFAULT '',
+                streak_days  INTEGER DEFAULT 0,
+                last_scan_date TEXT DEFAULT '',
+                tdee         REAL DEFAULT 0,
+                persona      TEXT DEFAULT 'General Adult',
+                language     TEXT DEFAULT 'en',
+                onboarding_done INTEGER DEFAULT 0
+            );
+
+            -- ── SESSIONS / TOKENS ─────────────────────────────────────
+            CREATE TABLE IF NOT EXISTS sessions (
+                token        TEXT PRIMARY KEY,
+                user_id      TEXT NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+                created_at   TEXT DEFAULT (datetime('now')),
+                expires_at   TEXT NOT NULL,
+                device_hint  TEXT DEFAULT ''
+            );
+            CREATE INDEX IF NOT EXISTS idx_sessions_user ON sessions(user_id);
+
+            -- ── LEGACY DEVICE KEYS (for anonymous users) ──────────────
+            CREATE TABLE IF NOT EXISTS devices (
+                device_key      TEXT PRIMARY KEY,
+                user_id         TEXT REFERENCES users(id),  -- NULL = anonymous
+                created_at      TEXT DEFAULT (datetime('now')),
+                is_pro          INTEGER DEFAULT 0,
+                month           TEXT DEFAULT '',
+                scan_count      INTEGER DEFAULT 0,
+                streak_days     INTEGER DEFAULT 0,
+                last_scan_date  TEXT DEFAULT '',
+                persona         TEXT DEFAULT 'General Adult',
+                language        TEXT DEFAULT 'en',
+                tdee            REAL DEFAULT 0,
+                onboarding_done INTEGER DEFAULT 0
+            );
+
+            -- ── SCANS ─────────────────────────────────────────────────
+            CREATE TABLE IF NOT EXISTS scans (
+                id            INTEGER PRIMARY KEY AUTOINCREMENT,
+                user_id       TEXT REFERENCES users(id),
+                device_key    TEXT,
+                product_name  TEXT DEFAULT 'Unknown',
+                score         INTEGER DEFAULT 0,
+                verdict       TEXT DEFAULT '',
+                calories      REAL DEFAULT 0,
+                protein       REAL DEFAULT 0,
+                carbs         REAL DEFAULT 0,
+                fat           REAL DEFAULT 0,
+                sodium        REAL DEFAULT 0,
+                fiber         REAL DEFAULT 0,
+                sugar         REAL DEFAULT 0,
+                persona       TEXT DEFAULT '',
+                language      TEXT DEFAULT 'en',
+                scanned_at    TEXT DEFAULT (datetime('now')),
+                analysis_json TEXT DEFAULT '{}',
+                -- Moat columns: verified data feeds proprietary DB
+                verified      INTEGER DEFAULT 0,
+                verified_by   TEXT DEFAULT NULL,
+                verified_at   TEXT DEFAULT NULL,
+                barcode       TEXT DEFAULT NULL,
+                brand         TEXT DEFAULT NULL,
+                category      TEXT DEFAULT NULL
+            );
+            CREATE INDEX IF NOT EXISTS idx_scans_user   ON scans(user_id);
+            CREATE INDEX IF NOT EXISTS idx_scans_device ON scans(device_key);
+            CREATE INDEX IF NOT EXISTS idx_scans_date   ON scans(scanned_at);
+            CREATE INDEX IF NOT EXISTS idx_scans_product ON scans(product_name);
+
+            -- ── DAILY LOGS ────────────────────────────────────────────
+            CREATE TABLE IF NOT EXISTS daily_logs (
+                id          INTEGER PRIMARY KEY AUTOINCREMENT,
+                user_id     TEXT REFERENCES users(id),
+                device_key  TEXT,
+                log_date    TEXT NOT NULL,
+                meal_name   TEXT DEFAULT '',
+                calories    REAL DEFAULT 0,
+                protein     REAL DEFAULT 0,
+                carbs       REAL DEFAULT 0,
+                fat         REAL DEFAULT 0,
+                sodium      REAL DEFAULT 0,
+                fiber       REAL DEFAULT 0,
+                sugar       REAL DEFAULT 0,
+                source      TEXT DEFAULT 'scan',  -- scan | manual | search
+                logged_at   TEXT DEFAULT (datetime('now'))
+            );
+            CREATE INDEX IF NOT EXISTS idx_daily_user_date ON daily_logs(user_id, log_date);
+            CREATE INDEX IF NOT EXISTS idx_daily_dev_date  ON daily_logs(device_key, log_date);
+
+            -- ── ALLERGEN PROFILES ─────────────────────────────────────
+            CREATE TABLE IF NOT EXISTS allergen_profiles (
+                device_key  TEXT PRIMARY KEY,
+                user_id     TEXT REFERENCES users(id),
+                allergens   TEXT DEFAULT '[]',
+                conditions  TEXT DEFAULT '[]',
+                updated_at  TEXT DEFAULT (datetime('now'))
+            );
+
+            -- ── PROPRIETARY FOOD DATABASE (Phase 2 moat) ──────────────
+            -- Every scan feeds this. After 10K entries, it's a data asset.
+            CREATE TABLE IF NOT EXISTS food_products (
+                id              INTEGER PRIMARY KEY AUTOINCREMENT,
+                barcode         TEXT UNIQUE,          -- EAN-13 if available
+                name            TEXT NOT NULL,
+                brand           TEXT DEFAULT '',
+                category        TEXT DEFAULT '',
+                -- Verified nutrition per 100g
+                calories_100g   REAL DEFAULT 0,
+                protein_100g    REAL DEFAULT 0,
+                carbs_100g      REAL DEFAULT 0,
+                fat_100g        REAL DEFAULT 0,
+                sodium_100g     REAL DEFAULT 0,
+                fiber_100g      REAL DEFAULT 0,
+                sugar_100g      REAL DEFAULT 0,
+                sat_fat_100g    REAL DEFAULT 0,
+                -- Eatlytic scoring
+                eatlytic_score  INTEGER DEFAULT 0,
+                fssai_compliant INTEGER DEFAULT 0,
+                ingredients_raw TEXT DEFAULT '',
+                allergens_json  TEXT DEFAULT '[]',
+                -- Data provenance
+                source          TEXT DEFAULT 'llm_scan',  -- llm_scan | human_verified | off_import
+                scan_count      INTEGER DEFAULT 0,        -- how many times scanned
+                verified        INTEGER DEFAULT 0,
+                verified_by     TEXT DEFAULT NULL,
+                created_at      TEXT DEFAULT (datetime('now')),
+                updated_at      TEXT DEFAULT (datetime('now'))
+            );
+            CREATE INDEX IF NOT EXISTS idx_food_barcode ON food_products(barcode);
+            CREATE INDEX IF NOT EXISTS idx_food_name    ON food_products(name);
+            CREATE INDEX IF NOT EXISTS idx_food_brand   ON food_products(brand);
+
+            -- ── ACCURACY BENCHMARKS (Phase 2) ─────────────────────────
+            CREATE TABLE IF NOT EXISTS benchmarks (
+                id              INTEGER PRIMARY KEY AUTOINCREMENT,
+                product_name    TEXT NOT NULL,
+                ground_truth_json TEXT NOT NULL,  -- hand-verified nutrition data
+                llm_output_json TEXT DEFAULT '{}',
+                ocr_text        TEXT DEFAULT '',
+                f1_score        REAL DEFAULT 0,
+                score_delta     REAL DEFAULT 0,   -- LLM score vs verified score
+                field_accuracy  TEXT DEFAULT '{}', -- per-field accuracy JSON
+                tested_at       TEXT DEFAULT (datetime('now')),
+                model_used      TEXT DEFAULT ''
+            );
+
+            -- ── NPS ───────────────────────────────────────────────────
+            CREATE TABLE IF NOT EXISTS nps_responses (
+                id           INTEGER PRIMARY KEY AUTOINCREMENT,
+                device_key   TEXT,
+                user_id      TEXT REFERENCES users(id),
+                score        INTEGER NOT NULL,
+                comment      TEXT DEFAULT '',
+                submitted_at TEXT DEFAULT (datetime('now'))
+            );
+
+            -- ── PAYMENTS ──────────────────────────────────────────────
+            CREATE TABLE IF NOT EXISTS payments (
+                id              INTEGER PRIMARY KEY AUTOINCREMENT,
+                user_id         TEXT REFERENCES users(id),
+                device_key      TEXT,
+                razorpay_order_id    TEXT UNIQUE,
+                razorpay_payment_id  TEXT UNIQUE,
+                razorpay_signature   TEXT DEFAULT '',
+                amount_paise    INTEGER DEFAULT 19900,  -- ₹199
+                currency        TEXT DEFAULT 'INR',
+                status          TEXT DEFAULT 'created', -- created|paid|failed
+                plan            TEXT DEFAULT 'pro_monthly',
+                created_at      TEXT DEFAULT (datetime('now')),
+                paid_at         TEXT DEFAULT NULL
+            );
+
+            -- ── B2B API KEYS ──────────────────────────────────────────
+            CREATE TABLE IF NOT EXISTS api_keys (
+                api_key          TEXT PRIMARY KEY,
+                client_name      TEXT NOT NULL,
+                plan             TEXT DEFAULT 'business',
+                scans_this_month INTEGER DEFAULT 0,
+                month            TEXT DEFAULT '',
+                active           INTEGER DEFAULT 1,
+                created_at       TEXT DEFAULT (datetime('now'))
+            );
+
+            -- ── CACHES ────────────────────────────────────────────────
+            CREATE TABLE IF NOT EXISTS ocr_cache (
+                cache_key   TEXT PRIMARY KEY,
+                result_json TEXT NOT NULL,
+                created_at  TEXT DEFAULT (datetime('now'))
+            );
+            CREATE TABLE IF NOT EXISTS ai_cache (
+                cache_key   TEXT PRIMARY KEY,
+                result_json TEXT NOT NULL,
+                created_at  TEXT DEFAULT (datetime('now'))
+            );
+        """)
+    logger.info("Database ready: %s", DB_FILE)
+
+
+# ── Cache helpers ──────────────────────────────────────────────────────
+def get_ocr_cache(key: str):
+    try:
+        with db_conn() as c:
+            row = c.execute("SELECT result_json FROM ocr_cache WHERE cache_key=?", (key,)).fetchone()
+        return json.loads(row["result_json"]) if row else None
+    except Exception:
+        return None
+
+
+def set_ocr_cache(key: str, value: dict):
+    try:
+        with db_conn() as c:
+            c.execute("INSERT OR REPLACE INTO ocr_cache(cache_key,result_json) VALUES(?,?)",
+                      (key, json.dumps(value)))
+    except Exception as exc:
+        logger.warning("set_ocr_cache: %s", exc)
+
+
+def get_ai_cache(key: str):
+    try:
+        with db_conn() as c:
+            row = c.execute("SELECT result_json FROM ai_cache WHERE cache_key=?", (key,)).fetchone()
+        return json.loads(row["result_json"]) if row else None
+    except Exception:
+        return None
+
+
+def set_ai_cache(key: str, value: dict):
+    try:
+        with db_conn() as c:
+            c.execute("INSERT OR REPLACE INTO ai_cache(cache_key,result_json) VALUES(?,?)",
+                      (key, json.dumps(value)))
+    except Exception as exc:
+        logger.warning("set_ai_cache: %s", exc)

main.py

@@ -0,0 +1,723 @@
+"""
+Eatlytic v4 — Modular FastAPI Application
+=========================================
+Architecture:
+  app/models/db.py        — SQLite schema, connection, caching
+  app/services/auth.py    — User accounts, OTP, sessions
+  app/services/payments.py— Razorpay integration (real payments)
+  app/services/image.py   — Blur detection + Wiener deblurring pipeline
+  app/services/ocr.py     — EasyOCR wrapper, label detection
+  app/services/llm.py     — LLM abstraction, food DB population
+  app/routes/auth.py      — /auth/* endpoints
+  app/routes/payments.py  — /payments/* endpoints
+  app/routes/food_db.py   — /food-db/* endpoints (Phase 2 moat)
+  app/routes/benchmarks.py— /benchmarks/* endpoints (accuracy system)
+  main.py                 — app factory, legacy routes, startup
+
+Run: uvicorn main:app --host 0.0.0.0 --port 7860
+Test: pytest tests/ -v
+"""
+
+import os
+import re
+import json
+import asyncio
+import logging
+import hashlib
+import datetime
+import secrets
+from io import BytesIO
+
+from fastapi import FastAPI, File, UploadFile, Form, Request, HTTPException, Security
+from fastapi.middleware.cors import CORSMiddleware
+from fastapi.responses import FileResponse, JSONResponse, Response
+from fastapi.security import APIKeyHeader
+from slowapi import Limiter, _rate_limit_exceeded_handler
+from slowapi.util import get_remote_address
+from slowapi.errors import RateLimitExceeded
+
+# ── DuckDuckGo: guarded import ─────────────────────────────────────────
+try:
+    from duckduckgo_search import DDGS as _DDGS; _DDGS_OK = True
+except Exception:
+    _DDGS = None; _DDGS_OK = False
+
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+# ── App factory ────────────────────────────────────────────────────────
+limiter = Limiter(key_func=get_remote_address)
+app     = FastAPI(title="Eatlytic v4 — Food Intelligence", version="4.0")
+app.state.limiter = limiter
+app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)
+
+_ALLOWED_ORIGIN = os.environ.get("ALLOWED_ORIGIN", "*")
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins     = [_ALLOWED_ORIGIN],
+    allow_methods     = ["GET", "POST", "DELETE", "PATCH"],
+    allow_headers     = ["*"],
+    allow_credentials = _ALLOWED_ORIGIN != "*",
+)
+
+# ── DB init at startup ─────────────────────────────────────────────────
+from app.models.db import init_db, db_conn
+init_db()
+
+# ── Import + mount modular routers ────────────────────────────────────
+from app.routes.auth       import router as auth_router
+from app.routes.payments   import router as payments_router
+from app.routes.food_db    import router as food_db_router
+from app.routes.benchmarks import router as benchmarks_router
+
+app.include_router(auth_router)
+app.include_router(payments_router)
+app.include_router(food_db_router)
+app.include_router(benchmarks_router)
+
+# ── Import services ────────────────────────────────────────────────────
+from app.services.image import (
+    validate_image, assess_image_quality, deblur_and_enhance,
+    image_to_b64, ocr_quality_score,
+)
+from app.services.ocr import run_ocr, detect_label_presence
+from app.services.llm import (
+    analyse_label, upsert_food_product, MEDICAL_DISCLAIMER, LANGUAGE_MAP
+)
+from app.services.auth import (
+    get_user_from_token, check_and_increment_scan_user,
+    update_streak_user,
+)
+
+FREE_SCAN_LIMIT = int(os.environ.get("FREE_SCAN_LIMIT", "10"))
+GROQ_API_KEY    = os.environ.get("GROQ_API_KEY", "")
+api_key_header  = APIKeyHeader(name="X-API-Key", auto_error=False)
+
+
+# ── Auth helpers ───────────────────────────────────────────────────────
+def _get_request_user(request: Request):
+    """Extract authenticated user from Bearer token (optional)."""
+    auth  = request.headers.get("Authorization", "")
+    token = auth.removeprefix("Bearer ").strip() if auth.startswith("Bearer ") else None
+    return get_user_from_token(token) if token else None
+
+
+def _device_key(request: Request) -> str:
+    ip = request.client.host if request.client else "unknown"
+    ua = request.headers.get("user-agent", "")
+    return hashlib.md5(f"{ip}:{ua}".encode()).hexdigest()[:16]
+
+
+def _ensure_device(device_key: str):
+    try:
+        with db_conn() as conn:
+            conn.execute("INSERT OR IGNORE INTO devices(device_key) VALUES(?)", (device_key,))
+    except Exception:
+        pass
+
+
+def _check_scan_quota(user, device_key: str) -> dict:
+    """Check quota for authenticated user; fall back to device for anonymous."""
+    if user:
+        return check_and_increment_scan_user(user["id"])
+    # Legacy anonymous path
+    month_key = datetime.date.today().isoformat()[:7]
+    _ensure_device(device_key)
+    with db_conn() as conn:
+        row = conn.execute(
+            "SELECT is_pro, month, scan_count FROM devices WHERE device_key=?", (device_key,)
+        ).fetchone()
+        if not row:
+            return {"allowed": False, "scans_used": 0, "scans_remaining": 0, "is_pro": False}
+        if row["month"] != month_key:
+            conn.execute("UPDATE devices SET month=?, scan_count=0 WHERE device_key=?",
+                         (month_key, device_key))
+            count = 0
+        else:
+            count = row["scan_count"]
+        if row["is_pro"]:
+            conn.execute("UPDATE devices SET scan_count=scan_count+1 WHERE device_key=?", (device_key,))
+            return {"allowed": True, "scans_used": count+1, "scans_remaining": 9999, "is_pro": True}
+        if count >= FREE_SCAN_LIMIT:
+            return {"allowed": False, "scans_used": count, "scans_remaining": 0, "is_pro": False}
+        conn.execute("UPDATE devices SET scan_count=scan_count+1 WHERE device_key=?", (device_key,))
+        new = count + 1
+        return {"allowed": True, "scans_used": new,
+                "scans_remaining": FREE_SCAN_LIMIT - new, "is_pro": False}
+
+
+def _get_live_search(query: str) -> str:
+    if not _DDGS_OK:
+        return "Web search unavailable."
+    try:
+        with _DDGS() as ddgs:
+            results = [f"{r['title']}: {r['body']}" for r in ddgs.text(query, max_results=3)]
+        return "\n".join(results) if results else "No web data."
+    except Exception as exc:
+        logger.warning("Web search: %s", exc)
+        return "No web data."
+
+
+def _verify_api_key(api_key: str = Security(api_key_header)):
+    if not api_key:
+        return None
+    with db_conn() as conn:
+        row = conn.execute(
+            "SELECT * FROM api_keys WHERE api_key=? AND active=1", (api_key,)
+        ).fetchone()
+    return dict(row) if row else None
+
+
+# ══════════════════════════════════════════════════════════════════════
+#  CORE ROUTES
+# ══════════════════════════════════════════════════════════════════════
+
+@app.get("/")
+async def home():
+    return FileResponse("index.html")
+
+
+@app.get("/health")
+async def health():
+    return {"status": "ok", "version": "4.0", "db": "sqlite-wal"}
+
+
+@app.post("/check-image")
+@limiter.limit("30/minute")
+async def check_image(request: Request, image: UploadFile = File(...)):
+    content = await image.read()
+    content = validate_image(content)
+    return assess_image_quality(content)
+
+
+@app.post("/enhance-preview")
+@limiter.limit("20/minute")
+async def enhance_preview(request: Request, image: UploadFile = File(...)):
+    content = await image.read()
+    content = validate_image(content)
+    quality = assess_image_quality(content)
+    if not quality["is_blurry"]:
+        return JSONResponse({"deblurred": False, "message": "Image already clear.", "quality": quality})
+    enhanced, method_log = deblur_and_enhance(content, quality["blur_severity"])
+    return JSONResponse({"deblurred": True, "image_b64": image_to_b64(enhanced),
+                         "method_log": method_log, "quality_before": quality})
+
+
+@app.post("/ocr")
+@limiter.limit("20/minute")
+async def perform_ocr(request: Request, image: UploadFile = File(...),
+                      language: str = Form("en")):
+    content = await image.read()
+    content = validate_image(content)
+    return run_ocr(content, language)
+
+
+@app.post("/analyze")
+@limiter.limit("15/minute")
+async def analyze_product(
+    request          : Request,
+    persona          : str        = Form(...),
+    age_group        : str        = Form("adult"),
+    product_category : str        = Form("general"),
+    language         : str        = Form("en"),
+    extracted_text   : str        = Form(None),
+    image            : UploadFile = File(...),
+):
+    if not GROQ_API_KEY:
+        return JSONResponse({"error": "Server error: GROQ_API_KEY not set"})
+
+    user       = _get_request_user(request)
+    device_key = _device_key(request)
+    scan_check = _check_scan_quota(user, device_key)
+
+    if not scan_check["allowed"]:
+        return JSONResponse(status_code=402, content={
+            "error"      : "scan_limit_reached",
+            "message"    : f"You've used all {FREE_SCAN_LIMIT} free scans this month.",
+            "upgrade_url": "/payments/create-order",
+        })
+
+    try:
+        content = await image.read()
+        content = validate_image(content)          # ← 10MB limit enforcement
+        quality = assess_image_quality(content)
+        blur_info = {"detected": quality["is_blurry"], "severity": quality["blur_severity"],
+                     "score": quality["blur_score"], "deblurred": False,
+                     "method_log": None, "image_b64": None, "ocr_source": "original"}
+        working = content
+
+        if quality["is_blurry"]:
+            try:
+                enhanced, method_log = deblur_and_enhance(content, quality["blur_severity"])
+                if (ocr_quality_score(run_ocr(enhanced, language)) >=
+                        ocr_quality_score(run_ocr(content, language)) * 0.85):
+                    working                 = enhanced
+                    blur_info["deblurred"]  = True
+                    blur_info["method_log"] = method_log
+                    blur_info["image_b64"]  = image_to_b64(enhanced)
+                    blur_info["ocr_source"] = "deblurred"
+                    extracted_text          = None
+            except Exception as exc:
+                logger.warning("Deblur failed: %s", exc)
+
+        if not extracted_text:
+            ocr_result     = run_ocr(working, language)
+            extracted_text = ocr_result["text"]
+            ocr_word_count = ocr_result["word_count"]
+        else:
+            ocr_word_count = len(extracted_text.split())
+
+        if not extracted_text or ocr_word_count == 0:
+            return JSONResponse({"error": "no_text",
+                "message": "No text found. Make sure the label side is facing the camera.",
+                "tip": "flip_product"})
+
+        label_check = detect_label_presence(extracted_text)
+        if not label_check["has_label"]:
+            tip = label_check["suggestion"] or "flip_product"
+            msg = ("This looks like the front of the product. Flip it over and scan the back label."
+                   if tip == "wrong_side" else "Could not find nutrition or ingredient information.")
+            return JSONResponse({"error": "no_label", "message": msg, "tip": tip,
+                                 "front_words_found": label_check.get("front_hits", [])})
+
+        # Allergen check
+        allergen_warning = ""
+        owner_id = user["id"] if user else None
+        try:
+            with db_conn() as conn:
+                row = conn.execute(
+                    "SELECT allergens,conditions FROM allergen_profiles WHERE device_key=?",
+                    (device_key,)
+                ).fetchone()
+            if row:
+                tl       = extracted_text.lower()
+                triggered = [a for a in json.loads(row["allergens"] or "[]") if a.lower() in tl] + \
+                            [c for c in json.loads(row["conditions"] or "[]") if c.lower() in tl]
+                if triggered:
+                    allergen_warning = f"⚠️ ALLERGEN ALERT — may contain: {', '.join(triggered)}"
+        except Exception as exc:
+            logger.warning("Allergen check: %s", exc)
+
+        # Web search (non-blocking)
+        web_context = await asyncio.to_thread(
+            _get_live_search, f"health analysis ingredients {extracted_text[:120]}")
+
+        # LLM analysis
+        result = await analyse_label(
+            extracted_text, persona, age_group, product_category,
+            language, web_context, blur_info, label_check.get("confidence", "medium")
+        )
+        result["allergen_warning"] = allergen_warning
+        result["blur_info"]        = blur_info
+        result["scan_meta"]        = scan_check
+
+        # Auto-log to daily tracker
+        today = datetime.date.today().isoformat()
+        nutr  = {n["name"].lower(): float(n.get("value", 0))
+                 for n in result.get("nutrient_breakdown", [])
+                 if isinstance(n.get("value"), (int, float))}
+        cal  = nutr.get("energy", nutr.get("calories", nutr.get("calorie", 0)))
+        prot = nutr.get("protein", 0)
+        carb = nutr.get("carbohydrate", nutr.get("carbs", 0))
+        fat  = nutr.get("fat", 0)
+        sod  = nutr.get("sodium", 0)
+        fib  = nutr.get("fiber", nutr.get("fibre", 0))
+        sug  = nutr.get("sugar", nutr.get("sugars", 0))
+
+        with db_conn() as conn:
+            conn.execute(
+                """INSERT INTO daily_logs(user_id,device_key,log_date,meal_name,
+                   calories,protein,carbs,fat,sodium,fiber,sugar,source) VALUES(?,?,?,?,?,?,?,?,?,?,?,?)""",
+                (owner_id, device_key, today, result.get("product_name","Scanned item"),
+                 cal, prot, carb, fat, sod, fib, sug, "scan")
+            )
+            conn.execute(
+                """INSERT INTO scans(user_id,device_key,product_name,score,verdict,
+                   calories,protein,carbs,fat,sodium,fiber,sugar,persona,language,analysis_json)
+                   VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)""",
+                (owner_id, device_key, result.get("product_name","Unknown"),
+                 result.get("score", 0), result.get("verdict", ""),
+                 cal, prot, carb, fat, sod, fib, sug, persona, language,
+                 json.dumps({k: v for k, v in result.items()
+                             if k not in ("blur_info","scan_meta","allergen_warning")}))
+            )
+
+        # Phase 2: populate proprietary food database
+        try:
+            upsert_food_product(
+                name=result.get("product_name", ""),
+                nutrients=result.get("nutrient_breakdown", []),
+                score=result.get("score", 0),
+                ingredients_raw=extracted_text,
+                category=result.get("product_category", ""),
+                source="llm_scan",
+            )
+        except Exception as exc:
+            logger.warning("Food DB upsert: %s", exc)
+
+        # Update streak
+        if user:
+            update_streak_user(user["id"])
+        else:
+            # Legacy device streak
+            from app.services.auth import update_streak_user as _upd
+            try:
+                _ensure_device(device_key)
+                today_d   = datetime.date.today().isoformat()
+                yesterday = (datetime.date.today() - datetime.timedelta(days=1)).isoformat()
+                with db_conn() as conn:
+                    row = conn.execute(
+                        "SELECT streak_days, last_scan_date FROM devices WHERE device_key=?",
+                        (device_key,)
+                    ).fetchone()
+                    if row and row["last_scan_date"] != today_d:
+                        streak = (row["streak_days"] + 1) if row["last_scan_date"] == yesterday else 1
+                        conn.execute(
+                            "UPDATE devices SET streak_days=?, last_scan_date=? WHERE device_key=?",
+                            (streak, today_d, device_key)
+                        )
+            except Exception:
+                pass
+
+        return JSONResponse(result)
+
+    except ValueError as exc:
+        return JSONResponse({"error": str(exc)}, status_code=400)
+    except Exception as exc:
+        logger.error("Analysis error: %s", exc, exc_info=True)
+        return JSONResponse({"error": f"Scan failed: {str(exc)[:140]}. Please try again."})
+
+
+@app.get("/scan-status")
+async def scan_status(request: Request):
+    user       = _get_request_user(request)
+    device_key = _device_key(request)
+    _ensure_device(device_key)
+    month_key  = datetime.date.today().isoformat()[:7]
+
+    if user:
+        from app.models.db import db_conn as _db
+        with _db() as conn:
+            row = conn.execute(
+                "SELECT is_pro, scan_month, scan_count_month, streak_days FROM users WHERE id=?",
+                (user["id"],)
+            ).fetchone()
+        if not row or row["scan_month"] != month_key:
+            return {"scans_used": 0, "scans_remaining": FREE_SCAN_LIMIT,
+                    "is_pro": False, "limit": FREE_SCAN_LIMIT, "streak": 0}
+        used = row["scan_count_month"]
+        return {"scans_used": used,
+                "scans_remaining": 9999 if row["is_pro"] else max(0, FREE_SCAN_LIMIT - used),
+                "is_pro": bool(row["is_pro"]), "limit": FREE_SCAN_LIMIT,
+                "streak": row["streak_days"],
+                "authenticated": True}
+
+    with db_conn() as conn:
+        row = conn.execute(
+            "SELECT is_pro, month, scan_count, streak_days FROM devices WHERE device_key=?",
+            (device_key,)
+        ).fetchone()
+    if not row or row["month"] != month_key:
+        return {"scans_used": 0, "scans_remaining": FREE_SCAN_LIMIT,
+                "is_pro": False, "limit": FREE_SCAN_LIMIT, "streak": 0, "authenticated": False}
+    used = row["scan_count"]
+    return {"scans_used": used,
+            "scans_remaining": 9999 if row["is_pro"] else max(0, FREE_SCAN_LIMIT - used),
+            "is_pro": bool(row["is_pro"]), "limit": FREE_SCAN_LIMIT,
+            "streak": row["streak_days"], "authenticated": False}
+
+
+@app.post("/activate-pro")
+async def activate_pro_legacy(request: Request, payment_id: str = Form(...)):
+    """
+    LEGACY endpoint kept for backward compat.
+    Real payment flow: POST /payments/create-order → Razorpay modal → POST /payments/verify
+    """
+    if payment_id.startswith("demo_"):
+        logger.warning("DEMO payment ID used — no real money charged")
+    device_key = _device_key(request)
+    _ensure_device(device_key)
+    with db_conn() as conn:
+        conn.execute("UPDATE devices SET is_pro=1 WHERE device_key=?", (device_key,))
+    return {"status": "activated",
+            "message": "Pro activated. NOTE: Use /payments/create-order for real billing.",
+            "real_billing_endpoint": "/payments/create-order"}
+
+
+@app.post("/onboarding-complete")
+async def onboarding_complete(
+    request  : Request,
+    persona  : str   = Form("General Adult"),
+    language : str   = Form("en"),
+    tdee     : float = Form(0),
+    allergens: str   = Form("[]"),
+):
+    user       = _get_request_user(request)
+    device_key = _device_key(request)
+    _ensure_device(device_key)
+    user_id    = user["id"] if user else None
+    with db_conn() as conn:
+        conn.execute("UPDATE devices SET onboarding_done=1,persona=?,language=?,tdee=? WHERE device_key=?",
+                     (persona, language, tdee, device_key))
+        if user_id:
+            conn.execute("UPDATE users SET onboarding_done=1,persona=?,language=?,tdee=? WHERE id=?",
+                         (persona, language, tdee, user_id))
+        conn.execute(
+            "INSERT OR REPLACE INTO allergen_profiles(device_key,user_id,allergens) VALUES(?,?,?)",
+            (device_key, user_id, allergens)
+        )
+    return {"status": "ok"}
+
+
+@app.get("/daily-summary")
+async def daily_summary(request: Request, date: str = None):
+    user        = _get_request_user(request)
+    device_key  = _device_key(request)
+    target_date = date or datetime.date.today().isoformat()
+
+    user_id = user["id"] if user else None
+    with db_conn() as conn:
+        if user_id:
+            dev = conn.execute("SELECT tdee FROM users WHERE id=?", (user_id,)).fetchone()
+        else:
+            dev = conn.execute("SELECT tdee FROM devices WHERE device_key=?", (device_key,)).fetchone()
+
+        # Fetch from either user_id or device_key
+        clause = "user_id=?" if user_id else "device_key=?"
+        param  = user_id or device_key
+        row  = conn.execute(
+            f"""SELECT SUM(calories) cal, SUM(protein) prot, SUM(carbs) carb,
+                       SUM(fat) fat, SUM(sodium) sod, SUM(fiber) fib, SUM(sugar) sug, COUNT(*) items
+                FROM daily_logs WHERE {clause} AND log_date=?""",
+            (param, target_date)
+        ).fetchone()
+        log_items = conn.execute(
+            f"""SELECT id, meal_name, calories, protein, carbs, fat, sodium, source, logged_at
+                FROM daily_logs WHERE {clause} AND log_date=? ORDER BY logged_at DESC""",
+            (param, target_date)
+        ).fetchall()
+
+    tdee   = float((dev and dev["tdee"]) or 2000) or 2000
+    totals = {k: round(row[k] or 0, 1)
+              for k in ("cal","prot","carb","fat","sod","fib","sug")}
+    t = {"calories": round(tdee), "protein": 56,
+         "carbs": round(tdee*.5/4), "fat": round(tdee*.3/9),
+         "sodium": 2300, "fiber": 28, "sugar": 50}
+    pct = {k: min(100, round(totals.get(k, 0) / v * 100)) if v else 0
+           for k, v in (("cal","calories"),("prot","protein"),
+                        ("carb","carbs"),("fat","fat"))}
+
+    cal_left  = max(0, t["calories"] - totals["cal"])
+    prot_left = max(0, t["protein"]  - totals["prot"])
+    suggestion = ""
+    if cal_left < 200:   suggestion = "🎯 Almost at your calorie target — great tracking!"
+    elif prot_left > 20: suggestion = f"💪 {round(prot_left)}g protein left. Try: eggs, dal, paneer."
+    elif cal_left > 600: suggestion = f"🍽 {round(cal_left)} kcal remaining — a balanced meal fits well."
+
+    return {"date": target_date, "totals": totals, "targets": t, "pct": pct,
+            "suggestion": suggestion, "items": row["items"] or 0,
+            "log": [dict(r) for r in log_items]}
+
+
+@app.post("/daily-log")
+@limiter.limit("30/minute")
+async def daily_log(
+    request  : Request,
+    meal_name: str   = Form(...),
+    calories : float = Form(0),
+    protein  : float = Form(0),
+    carbs    : float = Form(0),
+    fat      : float = Form(0),
+    sodium   : float = Form(0),
+    fiber    : float = Form(0),
+    sugar    : float = Form(0),
+    source   : str   = Form("manual"),
+    log_date : str   = Form(None),
+):
+    user        = _get_request_user(request)
+    device_key  = _device_key(request)
+    target_date = log_date or datetime.date.today().isoformat()
+    user_id     = user["id"] if user else None
+    _ensure_device(device_key)
+    with db_conn() as conn:
+        conn.execute(
+            "INSERT INTO daily_logs(user_id,device_key,log_date,meal_name,calories,protein,carbs,fat,sodium,fiber,sugar,source) VALUES(?,?,?,?,?,?,?,?,?,?,?,?)",
+            (user_id, device_key, target_date, meal_name, calories, protein, carbs, fat, sodium, fiber, sugar, source)
+        )
+    return {"status": "logged", "date": target_date, "meal": meal_name}
+
+
+@app.delete("/daily-log/{log_id}")
+async def delete_log(request: Request, log_id: int):
+    device_key = _device_key(request)
+    with db_conn() as conn:
+        conn.execute("DELETE FROM daily_logs WHERE id=? AND device_key=?", (log_id, device_key))
+    return {"status": "deleted", "id": log_id}
+
+
+@app.get("/allergen-profile")
+async def get_allergen_profile(request: Request):
+    device_key = _device_key(request)
+    with db_conn() as conn:
+        row = conn.execute(
+            "SELECT allergens, conditions FROM allergen_profiles WHERE device_key=?", (device_key,)
+        ).fetchone()
+    if not row:
+        return {"allergens": [], "conditions": []}
+    return {"allergens": json.loads(row["allergens"] or "[]"),
+            "conditions": json.loads(row["conditions"] or "[]")}
+
+
+@app.post("/allergen-profile")
+async def set_allergen_profile(request: Request, allergens: str = Form("[]"),
+                               conditions: str = Form("[]")):
+    device_key = _device_key(request)
+    _ensure_device(device_key)
+    with db_conn() as conn:
+        conn.execute(
+            "INSERT OR REPLACE INTO allergen_profiles(device_key,allergens,conditions,updated_at) VALUES(?,?,?,datetime('now'))",
+            (device_key, allergens, conditions)
+        )
+    return {"status": "saved"}
+
+
+@app.post("/nps")
+async def submit_nps(request: Request, score: int = Form(...), comment: str = Form("")):
+    if not 0 <= score <= 10:
+        return JSONResponse({"error": "Score must be 0-10"}, status_code=400)
+    user       = _get_request_user(request)
+    device_key = _device_key(request)
+    with db_conn() as conn:
+        conn.execute(
+            "INSERT INTO nps_responses(device_key,user_id,score,comment) VALUES(?,?,?,?)",
+            (device_key, user["id"] if user else None, score, comment[:500])
+        )
+    return {"status": "thank_you"}
+
+
+@app.get("/admin/analytics")
+async def admin_analytics(admin_token: str = ""):
+    if admin_token != os.environ.get("ADMIN_TOKEN", "changeme"):
+        raise HTTPException(status_code=403, detail="Invalid token")
+    today = datetime.date.today().isoformat()
+    mkey  = today[:7]
+    with db_conn() as conn:
+        dau  = conn.execute("SELECT COUNT(DISTINCT COALESCE(user_id,device_key)) FROM scans WHERE DATE(scanned_at)=?", (today,)).fetchone()[0]
+        mau  = conn.execute("SELECT COUNT(DISTINCT COALESCE(user_id,device_key)) FROM scans WHERE strftime('%Y-%m',scanned_at)=?", (mkey,)).fetchone()[0]
+        tot  = conn.execute("SELECT COUNT(*) FROM scans").fetchone()[0]
+        avg_s= conn.execute("SELECT AVG(score) FROM scans").fetchone()[0]
+        avg_n= conn.execute("SELECT AVG(score) FROM nps_responses").fetchone()[0]
+        npc  = conn.execute("SELECT COUNT(*) FROM nps_responses").fetchone()[0]
+        users= conn.execute("SELECT COUNT(*) FROM users").fetchone()[0]
+        top  = conn.execute("SELECT product_name,COUNT(*) c FROM scans GROUP BY product_name ORDER BY c DESC LIMIT 10").fetchall()
+        food_ct = conn.execute("SELECT COUNT(*) FROM food_products").fetchone()[0]
+        verified= conn.execute("SELECT COUNT(*) FROM food_products WHERE verified=1").fetchone()[0]
+    return {"dau": dau, "mau": mau, "total_scans": tot, "total_users": users,
+            "avg_score": round(avg_s or 0, 2), "avg_nps": round(avg_n or 0, 2),
+            "nps_count": npc, "dau_mau": round(dau/mau*100,1) if mau else 0,
+            "food_db": {"total": food_ct, "verified": verified},
+            "top_products": [{"name": r[0], "scans": r[1]} for r in top]}
+
+
+@app.post("/admin/create-api-key")
+async def create_api_key_endpoint(admin_token: str = Form(...),
+                                   client_name: str = Form(...),
+                                   plan: str = Form("business")):
+    if admin_token != os.environ.get("ADMIN_TOKEN", "changeme"):
+        raise HTTPException(status_code=403, detail="Invalid admin token")
+    key = "eak_" + secrets.token_urlsafe(32)
+    with db_conn() as conn:
+        conn.execute("INSERT INTO api_keys(api_key,client_name,plan) VALUES(?,?,?)",
+                     (key, client_name, plan))
+    return {"api_key": key, "client": client_name, "plan": plan}
+
+
+@app.post("/generate-share-card")
+@limiter.limit("20/minute")
+async def generate_share_card(
+    request: Request, product_name: str = Form(...),
+    score: int = Form(...), verdict: str = Form(...),
+    top_warning: str = Form(""), top_pro: str = Form(""),
+):
+    from PIL import Image, ImageDraw, ImageFont
+    W, H  = 1080, 1080
+    img   = Image.new("RGB", (W, H), (15, 17, 23))
+    draw  = ImageDraw.Draw(img)
+    font  = ImageFont.load_default()
+    s_rgb = (34,197,94) if score>=7 else (245,158,11) if score>=4 else (239,68,68)
+    def centered(text, y, fill):
+        try:   tw = font.getbbox(text)[2] - font.getbbox(text)[0]
+        except: tw = len(text) * 6
+        draw.text(((W-tw)//2, y), text, fill=fill, font=font)
+    draw.ellipse([340,160,740,560], outline=s_rgb, width=18)
+    centered(str(score), 340, s_rgb); centered("/10", 430, (100,116,139))
+    pname = product_name[:38] + ("…" if len(product_name)>38 else "")
+    centered(pname, 600, (255,255,255)); centered(verdict[:50], 650, (148,163,184))
+    if top_pro:
+        draw.rectangle([60,700,1020,760], fill=(15,60,40))
+        centered(f"✓ {top_pro[:65]}", 718, (74,222,128))
+    if top_warning:
+        draw.rectangle([60,775,1020,840], fill=(124,29,29))
+        centered(f"⚠ {top_warning[:65]}", 795, (252,165,165))
+    centered("eatlytic.com  •  scan any food label, no barcode needed", 1000, (71,85,105))
+    draw.text((40, 1050), MEDICAL_DISCLAIMER[:90], fill=(50,50,60), font=font)
+    buf = BytesIO(); img.save(buf, format="PNG", optimize=True); buf.seek(0)
+    return Response(content=buf.getvalue(), media_type="image/png",
+                    headers={"Content-Disposition": "attachment; filename=eatlytic-scan.png"})
+
+
+@app.post("/export-pdf")
+@limiter.limit("10/minute")
+async def export_pdf(request: Request, analysis_json: str = Form(...)):
+    try:
+        data = json.loads(analysis_json)
+    except Exception:
+        return JSONResponse({"error": "Invalid JSON"}, status_code=400)
+    try:
+        from reportlab.lib.pagesizes import A4
+        from reportlab.lib.styles import getSampleStyleSheet, ParagraphStyle
+        from reportlab.platypus import SimpleDocTemplate, Paragraph, Spacer, Table, TableStyle
+        from reportlab.lib import colors as rl; from reportlab.lib.units import cm
+    except ImportError:
+        return JSONResponse({"error": "reportlab not installed"}, status_code=501)
+    buf  = BytesIO()
+    doc  = SimpleDocTemplate(buf, pagesize=A4, rightMargin=2*cm, leftMargin=2*cm,
+                              topMargin=2*cm, bottomMargin=2*cm)
+    stys = getSampleStyleSheet(); story = []
+    story.append(Paragraph("Eatlytic Food Label Analysis", stys["Title"]))
+    story.append(Paragraph(f"Product: {data.get('product_name','Unknown')}", stys["Heading2"]))
+    story.append(Paragraph(MEDICAL_DISCLAIMER,
+                            ParagraphStyle("d", parent=stys["Normal"], fontSize=8, textColor=rl.grey)))
+    story.append(Spacer(1,.4*cm))
+    score = data.get("score",0); sc = "22c55e" if score>=7 else "f59e0b" if score>=4 else "ef4444"
+    story.append(Paragraph(f"<font color='#{sc}'>Health Score: {score}/10 — {data.get('verdict','')}</font>", stys["Heading1"]))
+    if data.get("summary"):
+        story.append(Paragraph("Summary", stys["Heading2"]))
+        story.append(Paragraph(data["summary"], stys["Normal"]))
+    nutrients = data.get("nutrient_breakdown",[])
+    if nutrients:
+        story.append(Paragraph("Nutrient Breakdown", stys["Heading2"]))
+        td = [["Nutrient","Amount","Rating"]] + [
+            [str(n.get("name","")), f"{n.get('value','')} {n.get('unit','')}".strip(),
+             str(n.get("rating","")).upper()] for n in nutrients]
+        tbl = Table(td, colWidths=[6*cm,4*cm,4*cm])
+        tbl.setStyle(TableStyle([
+            ("BACKGROUND",(0,0),(-1,0),rl.HexColor("1D9E75")),("TEXTCOLOR",(0,0),(-1,0),rl.white),
+            ("FONTSIZE",(0,0),(-1,-1),10),("BACKGROUND",(0,1),(-1,-1),rl.HexColor("f8faf8")),
+            ("GRID",(0,0),(-1,-1),.4,rl.HexColor("d0d8d4")),
+            ("TOPPADDING",(0,0),(-1,-1),6),("BOTTOMPADDING",(0,0),(-1,-1),6),
+            ("LEFTPADDING",(0,0),(-1,-1),8),("RIGHTPADDING",(0,0),(-1,-1),8),
+        ])); story.append(tbl)
+    if data.get("pros"):
+        story.append(Paragraph("Benefits", stys["Heading2"]))
+        [story.append(Paragraph(f"✓ {p}", stys["Normal"])) for p in data["pros"]]
+    if data.get("cons"):
+        story.append(Paragraph("Concerns", stys["Heading2"]))
+        [story.append(Paragraph(f"✗ {c}", stys["Normal"])) for c in data["cons"]]
+    try:
+        doc.build(story)
+    except Exception as exc:
+        return JSONResponse({"error": f"PDF failed: {exc}"}, status_code=500)
+    buf.seek(0); safe = data.get("product_name","scan").replace(" ","-")[:40]
+    return Response(content=buf.getvalue(), media_type="application/pdf",
+                    headers={"Content-Disposition": f"attachment; filename=eatlytic-{safe}.pdf"})

payments.py

@@ -0,0 +1,88 @@
+"""
+app/routes/payments.py
+Payment endpoints: create Razorpay order, verify payment, status.
+Wraps app/services/payments.py logic.
+"""
+import logging
+from fastapi import APIRouter, Request, Form, HTTPException
+from fastapi.responses import JSONResponse
+from app.services.auth import get_user_from_token
+from app.models.db import db_conn
+
+logger = logging.getLogger(__name__)
+router = APIRouter(prefix="/payments", tags=["payments"])
+
+
+def _get_user_or_device(request: Request) -> tuple:
+    """Returns (user_id, device_key). Either may be None."""
+    auth      = request.headers.get("Authorization", "")
+    token     = auth.removeprefix("Bearer ").strip() if auth.startswith("Bearer ") else None
+    user      = get_user_from_token(token) if token else None
+    user_id   = user["id"] if user else None
+    import hashlib
+    ip        = request.client.host if request.client else "unknown"
+    ua        = request.headers.get("user-agent", "")
+    device_key = hashlib.md5(f"{ip}:{ua}".encode()).hexdigest()[:16]
+    return user_id, device_key
+
+
+@router.post("/create-order")
+async def create_order(request: Request):
+    """
+    Create a Razorpay order. Returns order_id + key_id for frontend modal.
+    Requires RAZORPAY_KEY_ID + RAZORPAY_KEY_SECRET env vars.
+    """
+    user_id, device_key = _get_user_or_device(request)
+    if not user_id:
+        raise HTTPException(status_code=401,
+            detail="Login required to create payment order. POST /auth/request-otp first.")
+    try:
+        from app.services.payments import create_order as _create
+        order = _create(user_id, device_key)
+        return JSONResponse(order)
+    except RuntimeError as exc:
+        raise HTTPException(status_code=503, detail=str(exc))
+    except Exception as exc:
+        logger.error("create_order failed: %s", exc)
+        raise HTTPException(status_code=500, detail="Payment service error")
+
+
+@router.post("/verify")
+async def verify_payment(
+    request              : Request,
+    razorpay_order_id   : str = Form(...),
+    razorpay_payment_id : str = Form(...),
+    razorpay_signature  : str = Form(...),
+):
+    """
+    Called by frontend after Razorpay success callback.
+    Verifies HMAC signature and activates Pro.
+    """
+    try:
+        from app.services.payments import activate_pro_after_payment
+        result = activate_pro_after_payment(
+            razorpay_order_id, razorpay_payment_id, razorpay_signature
+        )
+        return JSONResponse(result)
+    except ValueError as exc:
+        raise HTTPException(status_code=400, detail=str(exc))
+    except RuntimeError as exc:
+        raise HTTPException(status_code=503, detail=str(exc))
+    except Exception as exc:
+        logger.error("verify_payment failed: %s", exc)
+        raise HTTPException(status_code=500, detail="Payment verification failed")
+
+
+@router.get("/status/{order_id}")
+async def payment_status(request: Request, order_id: str):
+    """Check status of a Razorpay order."""
+    try:
+        from app.services.payments import get_payment_status
+        status = get_payment_status(order_id)
+        if not status:
+            raise HTTPException(status_code=404, detail="Order not found")
+        return JSONResponse(status)
+    except HTTPException:
+        raise
+    except Exception as exc:
+        raise HTTPException(status_code=500, detail=str(exc))