docs(plans): harvest and record more opus plans

Xe · Xe · commit 64d5cb12dd44 · 2026-04-02T12:36:06.000+01:00
Signed-off-by: Xe Iaso &lt;me@xeiaso.net&gt;
diff --git a/docs/superpowers/plans/2026-03-24-sponsor-panel-patreon.md b/docs/superpowers/plans/2026-03-24-sponsor-panel-patreon.md
@@ -0,0 +1,165 @@
+# Plan: Add Patreon OAuth Login to Sponsor Panel
+
+## Context
+
+The sponsor-panel (`cmd/sponsor-panel/`) currently only supports GitHub OAuth login. Patreon patrons have no way to access sponsor benefits (Discord invite, team invitations, logo submissions). This change adds Patreon as a second authentication provider so patrons get feature parity with GitHub Sponsors.
+
+**Design decisions:**
+
+- User-token based verification (no saasproxy dependency)
+- Separate identities (no account linking between GitHub and Patreon)
+- Patreon API v2 via direct HTTP calls; `patreon-go` library used only for OAuth URL constants
+- OAuth scopes: `identity`, `identity[email]`, `campaigns.members`
+- Team invite: Patreon $50+ users see the same card and input a GitHub username
+
+---
+
+## Step 1: Database Migration
+
+**File:** `cmd/sponsor-panel/migrations.go`
+
+Add `migration002` constant with idempotent DDL:
+
+- `ALTER TABLE users ALTER COLUMN github_id DROP NOT NULL`
+- `ADD COLUMN IF NOT EXISTS patreon_id TEXT UNIQUE`
+- `ADD COLUMN IF NOT EXISTS provider TEXT NOT NULL DEFAULT 'github'`
+- Drop `users_login_key` unique constraint, replace with `UNIQUE INDEX (provider, login)`
+- Add `idx_users_patreon_id` index
+
+Update `runMigrations()` to execute `migration002` after `migrationSchema`.
+
+---
+
+## Step 2: Update User Model
+
+**File:** `cmd/sponsor-panel/models.go`
+
+- Change `User.GitHubID` from `int64` to `*int64` (nullable)
+- Add `PatreonID *string` and `Provider string` fields
+- Update all `SELECT`/`Scan` calls in `getUserByID`, `upsertUser` to include new columns
+- Add `upsertPatreonUser(ctx, pool, user)` — same pattern as `upsertUser` but upserts by `patreon_id`, sets `provider='patreon'`
+
+---
+
+## Step 3: Add Patreon OAuth Config
+
+**File:** `cmd/sponsor-panel/main.go`
+
+New flags (all optional — service still works GitHub-only if omitted):
+
+- `--patreon-client-id`
+- `--patreon-client-secret`
+- `--patreon-redirect-url`
+- `--patreon-campaign-id` (to match pledge against)
+
+Add to `Server` struct:
+
+```go
+patreonOAuth      *oauth2.Config  // nil if not configured
+patreonCampaignID string
+```
+
+In `main()`, conditionally create `oauth2.Config` using `patreon.AuthorizationURL` and `patreon.AccessTokenURL` from `gopkg.in/mxpv/patreon-go.v1`.
+
+Register new routes:
+
+```
+/login/patreon    → server.patreonLoginHandler
+/callback/patreon → server.patreonCallbackHandler
+```
+
+---
+
+## Step 4: Patreon OAuth Handlers (new file)
+
+**File:** `cmd/sponsor-panel/patreon_oauth.go` (new)
+
+### `patreonLoginHandler`
+
+Mirrors `loginHandler` in `oauth.go`: generate state, set CSRF cookie, redirect to `s.patreonOAuth.AuthCodeURL(state)`. Returns 404 if `s.patreonOAuth == nil`.
+
+### `patreonCallbackHandler`
+
+1. Validate state cookie (same CSRF pattern as GitHub)
+2. Exchange code via `s.patreonOAuth.Exchange(ctx, code)`
+3. Call Patreon API v2 identity endpoint:
+   ```
+   GET https://www.patreon.com/api/oauth2/v2/identity
+     ?include=memberships.campaign
+     &fields[user]=full_name,vanity,email,image_url
+     &fields[member]=patron_status,currently_entitled_amount_cents
+   ```
+4. Parse JSON:API response to extract user identity and membership data
+5. Find membership matching `s.patreonCampaignID`
+6. Build `SponsorshipData` JSON: `{is_active, monthly_amount_cents, tier_name}`
+7. Call `upsertPatreonUser()` with `provider="patreon"`, login = vanity or full_name
+8. Create session (same `user_id` in gorilla/sessions cookie)
+9. Redirect to `/`
+
+### Response types (define in same file):
+
+- `patreonIdentityResponse` — JSON:API envelope with user data + included memberships
+- `patreonMember` — membership attributes (patron_status, currently_entitled_amount_cents) + campaign relationship
+
+---
+
+## Step 5: Update Login Template
+
+**File:** `cmd/sponsor-panel/templates/login.templ`
+
+Change signature to `templ Login(patreonEnabled bool)`. Add a "Login with Patreon" button (with Patreon SVG icon) conditionally rendered when `patreonEnabled` is true, linking to `/login/patreon`.
+
+---
+
+## Step 6: Update Dashboard for Provider Awareness
+
+**File:** `cmd/sponsor-panel/templates/dashboard.templ`
+
+- Add `Provider string` to `UserProps`
+- In `SponsorshipCard`, when user is not a sponsor: show Patreon link for `provider == "patreon"`, GitHub Sponsors link otherwise
+
+**File:** `cmd/sponsor-panel/dashboard.go`
+
+- `loginPageHandler`: pass `s.patreonOAuth != nil` to `templates.Login()`
+- `dashboardHandler`: set `UserProps.Provider` from `user.Provider`
+
+---
+
+## Step 7: Generate & Build
+
+1. `go tool templ generate` (regenerate `*_templ.go` files)
+2. `go build ./cmd/sponsor-panel/`
+3. `npm test` (`go test ./...`)
+
+---
+
+## Files Modified
+
+| File                                          | Change                                          |
+| --------------------------------------------- | ----------------------------------------------- |
+| `cmd/sponsor-panel/migrations.go`             | Add migration002                                |
+| `cmd/sponsor-panel/models.go`                 | Update User struct, add upsertPatreonUser       |
+| `cmd/sponsor-panel/main.go`                   | Add flags, Server fields, routes                |
+| `cmd/sponsor-panel/patreon_oauth.go`          | **New** — Patreon login/callback handlers       |
+| `cmd/sponsor-panel/oauth.go`                  | No changes (existing GitHub flow untouched)     |
+| `cmd/sponsor-panel/dashboard.go`              | Pass patreonEnabled and Provider                |
+| `cmd/sponsor-panel/templates/login.templ`     | Add Patreon button                              |
+| `cmd/sponsor-panel/templates/dashboard.templ` | Add Provider to props, conditional sponsor link |
+
+## Existing Code to Reuse
+
+- `generateState()` in `oauth.go:20` — reuse for Patreon CSRF state
+- `SponsorshipData` struct in `models.go:27` — same JSON format for both providers
+- `User.IsSponsorAtTier()` in `models.go:35` — works provider-agnostically
+- Session management via `getSessionUser()` in `oauth.go:634` — no changes needed
+- `patreon.AuthorizationURL` / `patreon.AccessTokenURL` from `gopkg.in/mxpv/patreon-go.v1`
+- All feature handlers (`inviteHandler`, `logoHandler`) — work unchanged since they only check `IsSponsorAtTier()`
+
+## Verification
+
+1. **Build**: `go build ./cmd/sponsor-panel/` compiles without errors
+2. **Tests**: `npm test` passes
+3. **GitHub flow unchanged**: Login with GitHub still works identically
+4. **Patreon login**: With Patreon OAuth credentials set, clicking "Login with Patreon" redirects to Patreon, callback creates user with `provider=patreon`
+5. **Tier gating**: A Patreon user pledging $50+/month sees team invite card; $1+ sees logo submission and Discord
+6. **No Patreon config**: When Patreon flags are omitted, login page only shows GitHub button, `/login/patreon` returns 404
diff --git a/docs/superpowers/plans/2026-03-25-sponsor-card-homepage.md b/docs/superpowers/plans/2026-03-25-sponsor-card-homepage.md
@@ -0,0 +1,67 @@
+# Replace GitHub Sponsor iframe with Styled Sponsor Card
+
+## Context
+
+The homepage (`lume/src/index.jsx` line 40) currently embeds a GitHub Sponsors iframe. This should be replaced with a custom-styled card linking to Patreon, GitHub Sponsors, and the Sponsor Panel (sponsors.xeiaso.net). The card design should echo the sponsor-panel app's warm Gruvbox aesthetic.
+
+## File to modify
+
+- `lume/src/index.jsx` — the only file that needs changes
+
+## Design reference (from `cmd/sponsor-panel`)
+
+- Cards: `rounded-2xl`, border, surface bg, `overflow-hidden`, subtle shadow
+- Gradient accent line: 2px at top, orange-to-pink for warm variant
+- Card titles: `font-serif`, semibold
+- Buttons: `rounded-xl`, colored bg, hover lift (`hover:-translate-y-px`), white text
+
+## Plan
+
+### 1. Add small icon components before the default export
+
+Copy SVG paths from `lume/src/donate.jsx` (GitHubIcon, PatreonIcon) scaled to 20x20. Add a star icon for the Sponsor Panel link.
+
+### 2. Add `SponsorCard` component
+
+Structure:
+
+```
+<div>  — card container (rounded-2xl, border, bg-bg-2, dark:bg-bgDark-2, shadow-sm, overflow-hidden, max-w-xl, mx-auto, my-6)
+  <div> — gradient accent line (2px, orange→purple, with dark mode variant via dark:hidden/hidden dark:block)
+  <div> — content area (px-6 py-5 text-center)
+    <h3> — "Support My Work" with heart SVG icon
+    <p>  — brief description (text-sm, muted color)
+    <div> — flex row of 3 button-links (flex-wrap, gap-3, centered)
+      <a> Patreon      — bg-orange-light / dark:bg-orangeDark-light
+      <a> GitHub Sponsors — bg-fg-0 / dark:bg-purpleDark-light
+      <a> Sponsor Panel — bg-purple-light / dark:bg-blueDark-light
+```
+
+### 3. Replace the iframe (line 40) with `<SponsorCard />`
+
+## Key implementation details
+
+**Gradient accent line:** Use two `<div>`s with `dark:hidden` / `hidden dark:block` to swap light/dark gradients, since inline `style` can't respond to `prefers-color-scheme`:
+
+- Light: `linear-gradient(90deg, #d65d0e, #b16286)` (orange→purple)
+- Dark: `linear-gradient(90deg, #fe8019, #d3869b)` (bright orange→pink)
+
+**Button link style overrides:** The site's base `<a>` styles (in `lume/src/styles.css` line 61-63 and `hack.css` line 65-71) apply link colors, underline, border-bottom, and visited styles. Each button `<a>` needs:
+
+- `no-underline border-0` to remove text decoration and bottom border
+- `text-white hover:text-white hover:bg-[color]` to override link/hover colors
+- `visited:text-white visited:hover:text-white visited:hover:bg-[color]` to override visited states
+
+**Color tokens available** (from `lume/tailwind.config.js`):
+
+- `bg-orange-light`, `dark:bg-orangeDark-light`, `hover:bg-orange-dark`
+- `bg-purple-light`, `dark:bg-blueDark-light`, `hover:bg-purple-dark`
+- `bg-fg-0`, `dark:bg-purpleDark-light`, `hover:bg-fg-1`
+- `text-fg-0`, `dark:text-fgDark-1`, `text-fg-3`, `dark:text-fgDark-3`
+
+## Verification
+
+1. Run `npm run dev` and check the homepage in both light and dark mode
+2. Verify all three links open correctly in new tabs
+3. Confirm the card is responsive (shrinks gracefully on mobile)
+4. Check that button hover states work (lift effect, color change, no link underline artifacts)
