# SaaS Considerations

A running list of switches to flip and features to add when transitioning from personal tool to multi-tenant SaaS.

## Auth & User Management

- [ ] Email verification flow (send verification link on registration)
- [ ] Password reset flow (forgot password → email → reset)
- [ ] Rate limiting on auth endpoints (5 attempts/min/IP)
- [ ] OAuth providers (Google, Discord — poker community lives on Discord)
- [ ] Terms of service acceptance on registration
- [ ] Account deletion / data export (GDPR)

## Access Control

- [ ] Admin role for managing shared venue data, global events curation
- [ ] Friends system: mutual opt-in to share trip plans and compare results
- [ ] Trip sharing: private by default, shareable with friends
- [ ] Location knowledge gating: require at least one research run before accessing community-contributed data (give-to-get model)

## Image Uploads

- [ ] Max file size limit (e.g. 10MB per image)
- [ ] Rate limiting on uploads (e.g. 50/day per user)
- [ ] Per-user storage quota (e.g. 500MB free, 5GB paid)
- [ ] File type validation (accept only image/jpeg, image/png, image/webp)
- [ ] Image resizing/compression on upload (keep originals, serve optimized)
- [ ] Virus/malware scanning (ClamAV or similar)
- [ ] Switch storage backend from local filesystem to Garage (S3-compatible)
- [ ] Signed URLs for image access (don't serve uploads directly)

## AI / Research

- [ ] Tiered access: Free (no AI) → BYO Key (bring your own OpenRouter/Requesty key) → Paid (use our key)
- [ ] Usage tracking per user (research jobs, tokens consumed)
- [ ] Cost estimation before starting research job
- [ ] Rate limiting on research jobs (e.g. 10/day for BYO key, 3/day for paid tier)
- [ ] Model allowlisting (prevent abuse of expensive models on paid tier)

## Infrastructure

- [ ] Connection pooling (PgBouncer) if user count warrants it
- [ ] CDN for static frontend assets
- [ ] Horizontal scaling: separate API instances behind load balancer
- [ ] Monitoring / alerting (Grafana, Prometheus)
- [ ] Structured logging for multi-tenant debugging

## Payments

- [ ] Stripe integration for paid AI tier
- [ ] Subscription management (monthly/yearly)
- [ ] Usage-based billing option for heavy AI users

## Legal

- [ ] Privacy policy
- [ ] Terms of service
- [ ] Cookie consent (if applicable)
- [ ] GDPR compliance (data export, right to deletion, data processing agreements)

## Community

- [ ] Public venue data moderation (flag/report incorrect info)
- [ ] Global events data quality review pipeline
- [ ] Leaderboards / opt-in public stats (careful — gambling-adjacent, consider regulations)