docs: update prelaunch pending - mark phases 1, 5, 6 as completed

Phase 1 (Code Cleanup):
- Removed 3,218 lines, 24 files changed
- Cleaned up 11 empty folders, removed test files
- Removed 17 console.log statements
- All quality checks passed

Phase 5 (UX Improvements):
- Enhanced search modal with filters and context snippets
- Added 25+ help questions across 8 topics
- Implemented smart phrase matching and keyword coverage
- Added recent searches and suggested questions

Phase 6 (Data Backup & Cleanup):
- Created export_system_config Django management command
- Created cleanup_user_data Django management command
- Documented full 300+ line backup/cleanup guide
- Ready for V1.0 production deployment

Image regeneration feature deferred to post-launch (Phase 9).

.cursor/igny8.code-workspace

@@ -1,8 +0,0 @@
-{
-	"folders": [
-		{
-			"path": ".."
-		}
-	],
-	"settings": {}
-}

.github/copilot-instructions.md

@@ -1,97 +0,0 @@
-<!-- Copilot / AI agent instructions for the IGNY8 monorepo (backend + frontend) -->
-# IGNY8 — Copilot Instructions
-
-Purpose: quickly orient AI coding agents so they can make safe, high-value changes across the IGNY8 monorepo.
-
-Key facts (big picture)
-- **Monorepo layout:** Backend (Django) lives under `backend/` and the core Python package is `igny8_core/`. Frontend is in `frontend/` (Vite + React/TS). Documentation and architecture notes live in `master-docs/` and repo root `README.md`.
-- **Services & runtime:** The project uses Django with Celery (see `igny8_core/celery.py` and `backend/celerybeat-schedule`), and a modern frontend build in `frontend/`. There is a `docker-compose.app.yml` to bring up combined services for development.
-- **APIs:** Backend exposes REST endpoints under its `api/` modules and integrates with the WordPress bridge (see `WORDPRESS-PLUGIN-INTEGRATION.md` in `master-docs/`). AI components live under `igny8_core/ai/`.
-
-Where to look first
-- `backend/manage.py` — Django project CLI and common quick tests.
-- `igny8_core/settings.py` — central configuration; check how secrets and environment variables are read before altering settings.
-- `igny8_core/celery.py` and `backend/celerybeat-schedule` — Celery setup, periodic tasks, and beat schedule.
-- `backend/requirements.txt` — Python dependencies; use it when creating or updating virtualenvs.
-- `docker-compose.app.yml` — local dev composition (DB, cache, web, worker); follow it for local integration testing.
-- `frontend/package.json`, `vite.config.ts` — frontend scripts and dev server commands.
-- `master-docs/` — architecture and process documents (use these before making cross-cutting changes).
-
-Project-specific conventions and patterns
-- Python package: main Django app is `igny8_core` — add new reusable modules under `igny8_core/*` and keep app boundaries clear (`ai/`, `api/`, `auth/`, `modules/`).
-- Settings & secrets: inspect `igny8_core/settings.py` for environment-based config; prefer adding new env vars there rather than hard-coding secrets.
-- Celery tasks live near the domain logic; follow established naming and task registration patterns in `igny8_core/celery.py`.
-- Frontend: components live under `frontend/src/` grouped by feature; tests use `vitest` (see `vitest.config.ts`).
-- Docs-first: many architectural decisions are documented — prefer updating `master-docs/*` when you change interfaces, APIs, or long-lived behavior.
-
-Integration points & external dependencies
-- Database and cache: check `docker-compose.app.yml` for configured DB and cache services used in local dev (use same service names when writing connection logic).
-- Celery & broker: Celery is configured in `igny8_core/celery.py`; ensure worker-related changes are tested with `celery -A igny8_core worker` and `celery -A igny8_core beat` when applicable.
-- AI modules: `igny8_core/ai/` contains AI engine integration points — review `ai_core.py` and `engine.py` before changing model orchestration logic.
-- Frontend ↔ Backend: frontend calls backend REST APIs; update API shapes in `api/` and coordinate with `frontend/src/api/`.
-
-Developer workflows (copyable commands)
-- Create a Python virtualenv and run backend locally:
-```powershell
-cd backend
-python -m venv .venv
-.\.venv\Scripts\Activate.ps1
-pip install -r requirements.txt
-python manage.py migrate
-python manage.py runserver
-```
-- Run Celery worker (in a separate shell):
-```powershell
-cd backend
-.\.venv\Scripts\Activate.ps1
-celery -A igny8_core worker -l info
-celery -A igny8_core beat -l info
-```
-- Run the app stack via Docker Compose (local integration):
-```powershell
-docker-compose -f docker-compose.app.yml up --build
-```
-- Frontend dev server:
-```powershell
-cd frontend
-npm install
-npm run dev
-```
-- Run backend tests (Django or pytest as configured):
-```powershell
-cd backend
-.\.venv\Scripts\Activate.ps1
-python manage.py test
-# or `pytest` if pytest is configured
-```
-
-Rules for safe automated changes
-- Preserve API contracts: when changing backend API responses, update `frontend/` calls and `master-docs/API-COMPLETE-REFERENCE.md`.
-- Keep settings/environment changes explicit: add new env vars to `settings.py` and document them in `master-docs/`.
-- When adding scheduled work, register tasks via Celery and update any existing beat schedules (and document in `master-docs/`).
-- Avoid breaking the frontend build: run `npm run build` or `npm run dev` locally after API changes that affect the client.
-
-Search hacks / quick finds
-- Find API surface: search `api/` and `igny8_core/api/` for endpoint implementations.
-- Find AI orchestration: search `igny8_core/ai/` for `engine.py` and `ai_core.py` references.
-- Find Celery tasks: grep for `@shared_task` or `@app.task` in `igny8_core/`.
-
-Testing and safety
-- Use the repo `requirements.txt` and virtualenv for backend testing; run `python manage.py test` or `pytest` depending on existing test setup.
-- For frontend, run `npm run test` or `vitest` as configured in `vitest.config.ts`.
-- For integration changes, run the `docker-compose.app.yml` stack and exercise both web and worker services.
-
-When you are unsure
-- Read `master-docs/02-APPLICATION-ARCHITECTURE.md` and `04-BACKEND-IMPLEMENTATION.md` before large changes.
-- Open an issue and link to `master-docs/` when proposing cross-cutting changes (database, schema, API contract).
-
-Examples & quick references
-- Start backend: `backend/manage.py runserver`
-- Celery entrypoint: `igny8_core/celery.py`
-- Local stack: `docker-compose.app.yml`
-- Frontend dev: `frontend/package.json` & `vite.config.ts`
-
-Next steps for humans
-- Tell me which parts you want expanded: API reference, CI/CD snippets, deployment docs, or example tickets to implement.
-
-— End

.rules

@@ -0,0 +1,362 @@
+# IGNY8 AI Agent Rules
+
+**Version:** 1.2.0 | **Updated:** January 2, 2026
+
+---
+
+## 🚀 Quick Start for AI Agents
+
+**BEFORE any change, read these docs in order:**
+1. [docs/INDEX.md](docs/INDEX.md) - Quick navigation to any module/feature
+2. [docs/30-FRONTEND/COMPONENT-SYSTEM.md](docs/30-FRONTEND/COMPONENT-SYSTEM.md) - **REQUIRED** for any frontend work
+3. [docs/30-FRONTEND/DESIGN-TOKENS.md](docs/30-FRONTEND/DESIGN-TOKENS.md) - Color tokens and styling rules
+4. Module doc for the feature you're modifying (see INDEX.md for paths)
+5. [CHANGELOG.md](CHANGELOG.md) - Recent changes and version history
+
+---
+
+## 📁 Project Structure
+
+| Layer | Path | Purpose |
+|-------|------|---------|
+| Backend | `backend/igny8_core/` | Django REST API |
+| Frontend | `frontend/src/` | React + TypeScript SPA |
+| Docs | `docs/` | Technical documentation |
+| AI Engine | `backend/igny8_core/ai/` | AI functions (use this, NOT `utils/ai_processor.py`) |
+| Design Tokens | `frontend/src/styles/design-system.css` | **Single source** for colors, shadows, typography |
+| UI Components | `frontend/src/components/ui/` | Button, Badge, Card, Modal, etc. |
+| Form Components | `frontend/src/components/form/` | InputField, Select, Checkbox, Switch |
+| Icons | `frontend/src/icons/` | All SVG icons (import from `../../icons`) |
+
+**Module → File Quick Reference:** See [docs/INDEX.md](docs/INDEX.md#module--file-quick-reference)
+
+---
+
+## ⚠️ Module Status
+
+| Module | Status | Notes |
+|--------|--------|-------|
+| Planner | ✅ Active | Keywords, Clusters, Ideas |
+| Writer | ✅ Active | Tasks, Content, Images |
+| Automation | ✅ Active | 7-stage pipeline |
+| Billing | ✅ Active | Credits, Plans |
+| Publisher | ✅ Active | WordPress publishing |
+| **Linker** | ⏸️ Inactive | Exists but disabled - Phase 2 |
+| **Optimizer** | ⏸️ Inactive | Exists but disabled - Phase 2 |
+| **SiteBuilder** | ❌ Removed | Code exists but NOT part of app - mark for removal in TODOS.md |
+
+**Important:**
+- Do NOT work on Linker/Optimizer unless specifically requested
+- SiteBuilder code is deprecated - if found, add to `TODOS.md` for cleanup
+
+---
+
+## 🎨 DESIGN SYSTEM RULES (CRITICAL!)
+
+> **🔒 STYLE LOCKED** - All UI must use the design system. ESLint enforces these rules.
+
+### Color System (Only 6 Base Colors!)
+
+All colors in the system derive from 6 primary hex values in `design-system.css`:
+- `--color-primary` (#0077B6) - Brand Blue
+- `--color-success` (#2CA18E) - Success Green  
+- `--color-warning` (#D9A12C) - Warning Amber
+- `--color-danger` (#A12C40) - Danger Red
+- `--color-purple` (#2C40A1) - Purple accent
+- `--color-gray-base` (#667085) - Neutral gray
+
+### Tailwind Color Classes
+
+**✅ USE ONLY THESE** (Tailwind defaults are DISABLED):
+```
+brand-*    (50-950) - Primary blue scale
+gray-*     (25-950) - Neutral scale
+success-*  (25-950) - Green scale  
+error-*    (25-950) - Red scale
+warning-*  (25-950) - Amber scale
+purple-*   (25-950) - Purple scale
+```
+
+**❌ BANNED** (These will NOT work):
+```
+blue-*, red-*, green-*, emerald-*, amber-*, indigo-*, 
+pink-*, rose-*, sky-*, teal-*, cyan-*, etc.
+```
+
+### Styling Rules
+
+| ✅ DO | ❌ DON'T |
+|-------|---------|
+| `className="bg-brand-500"` | `className="bg-blue-500"` |
+| `className="text-gray-700"` | `className="text-[#333]"` |
+| `<Button variant="primary">` | `<button className="...">` |
+| Import from `../../icons` | Import from `@heroicons/*` |
+| Use CSS variables `var(--color-primary)` | Hardcode hex values |
+
+---
+
+## 🧩 COMPONENT RULES (ESLint Enforced!)
+
+> **Never use raw HTML elements** - Use design system components.
+
+### Required Component Mappings
+
+| HTML Element | Required Component | Import Path |
+|--------------|-------------------|-------------|
+| `<button>` | `Button` or `IconButton` | `components/ui/button/Button` |
+| `<input type="text/email/password">` | `InputField` | `components/form/input/InputField` |
+| `<input type="checkbox">` | `Checkbox` | `components/form/input/Checkbox` |
+| `<input type="radio">` | `Radio` | `components/form/input/Radio` |
+| `<select>` | `Select` or `SelectDropdown` | `components/form/Select` |
+| `<textarea>` | `TextArea` | `components/form/input/TextArea` |
+
+### Component Quick Reference
+
+```tsx
+// Buttons
+<Button variant="primary" tone="brand">Save</Button>
+<Button variant="outline" tone="danger">Delete</Button>
+<IconButton icon={<CloseIcon />} variant="ghost" title="Close" />
+
+// Form Inputs
+<InputField type="text" label="Name" value={val} onChange={setVal} />
+<Select options={opts} onChange={setVal} />
+<Checkbox label="Accept" checked={val} onChange={setVal} />
+<Switch label="Enable" checked={val} onChange={setVal} />
+
+// Display
+<Badge tone="success" variant="soft">Active</Badge>
+<Alert variant="error" title="Error" message="Failed" />
+<Spinner size="md" />
+```
+
+### Icon Rules
+
+**Always import from central location:**
+```tsx
+// ✅ CORRECT
+import { PlusIcon, CloseIcon, CheckCircleIcon } from '../../icons';
+
+// ❌ BANNED - External icon libraries
+import { XIcon } from '@heroicons/react/24/outline';
+import { Trash } from 'lucide-react';
+```
+
+**Icon sizing:**
+- `className="w-4 h-4"` - In buttons, badges
+- `className="w-5 h-5"` - Standalone
+- `className="w-6 h-6"` - Headers, features
+
+---
+
+## 🐳 Docker Commands (IMPORTANT!)
+
+**Container Names:**
+| Container | Name | Purpose |
+|-----------|------|---------|
+| Backend | `igny8_backend` | Django API server |
+| Frontend | `igny8_frontend` | React dev server |
+| Celery Worker | `igny8_celery_worker` | Background tasks |
+| Celery Beat | `igny8_celery_beat` | Scheduled tasks |
+
+**Run commands INSIDE containers:**
+```bash
+# ✅ CORRECT - Run Django management commands
+docker exec -it igny8_backend python manage.py migrate
+docker exec -it igny8_backend python manage.py makemigrations
+docker exec -it igny8_backend python manage.py shell
+
+# ✅ CORRECT - Run npm commands
+docker exec -it igny8_frontend npm install
+docker exec -it igny8_frontend npm run build
+docker exec -it igny8_frontend npm run lint  # Check design system violations
+
+# ✅ CORRECT - View logs
+docker logs igny8_backend -f
+docker logs igny8_celery_worker -f
+
+# ❌ WRONG - Don't use docker-compose for commands
+# docker-compose exec backend python manage.py migrate
+```
+
+---
+
+## 📊 Data Scoping (CRITICAL!)
+
+**Understand which data is scoped where:**
+
+| Scope | Models | Notes |
+|-------|--------|-------|
+| **Global (Platform-wide)** | `GlobalIntegrationSettings`, `GlobalAIPrompt`, `GlobalAuthorProfile`, `GlobalStrategy`, `GlobalModuleSettings`, `Industry`, `SeedKeyword` | Admin-only, shared by ALL accounts |
+| **Account-scoped** | `Account`, `User`, `Plan`, `IntegrationSettings`, `ModuleEnableSettings`, `AISettings`, `AIPrompt`, `AuthorProfile` | Filter by `account` |
+| **Site+Sector-scoped** | `Keywords`, `Clusters`, `ContentIdeas`, `Tasks`, `Content`, `Images` | Filter by `site` AND optionally `sector` |
+
+**Key Rules:**
+- Global settings: NO account filtering (platform-wide, admin managed)
+- Account models: Use `AccountBaseModel`, filter by `request.user.account`
+- Site/Sector models: Use `SiteSectorBaseModel`, filter by `site` and `sector`
+
+---
+
+## ✅ Rules (One Line Each)
+
+### Before Coding
+1. **Read docs first** - Always read the relevant module doc from `docs/10-MODULES/` before changing code
+2. **Read COMPONENT-SYSTEM.md** - **REQUIRED** before any frontend changes
+3. **Check existing patterns** - Search codebase for similar implementations before creating new ones
+4. **Use existing components** - Never duplicate; reuse components from `frontend/src/components/`
+5. **Check data scope** - Know if your model is Global, Account, or Site/Sector scoped (see table above)
+
+### During Coding - Backend
+6. **Use correct base class** - Global: `models.Model`, Account: `AccountBaseModel`, Site: `SiteSectorBaseModel`
+7. **Use AI framework** - Use `backend/igny8_core/ai/` for AI operations, NOT legacy `utils/ai_processor.py`
+8. **Follow service pattern** - Business logic in `backend/igny8_core/business/*/services/`
+9. **Check permissions** - Use `IsAuthenticatedAndActive`, `HasTenantAccess` in views
+
+### During Coding - Frontend (DESIGN SYSTEM)
+10. **Use design system components** - Button, InputField, Select, Badge, Card - never raw HTML
+11. **Use only design system colors** - `brand-*`, `gray-*`, `success-*`, `error-*`, `warning-*`, `purple-*`
+12. **Import icons from central location** - `import { Icon } from '../../icons'` - never external libraries
+13. **No inline styles** - Use Tailwind utilities or CSS variables only
+14. **No hardcoded colors** - No hex values, no `blue-500`, `red-500` (Tailwind defaults disabled)
+15. **Use TypeScript types** - All frontend code must be typed
+
+### After Coding
+16. **Run ESLint** - `docker exec -it igny8_frontend npm run lint` to check design system violations
+17. **Update CHANGELOG.md** - Every commit needs a changelog entry with git reference
+18. **Increment version** - PATCH for fixes, MINOR for features, MAJOR for breaking changes
+19. **Update docs** - If you changed APIs or architecture, update relevant docs in `docs/`
+20. **Run migrations** - After model changes: `docker exec -it igny8_backend python manage.py makemigrations`
+
+---
+
+## 📝 Changelog Format
+
+```markdown
+## v1.1.1 - December 27, 2025
+
+### Fixed
+- Description here (git: abc1234)
+
+### Added
+- Description here (git: def5678)
+
+### Changed
+- Description here (git: ghi9012)
+```
+
+---
+
+## 🔗 Key Documentation
+
+| I want to... | Go to |
+|--------------|-------|
+| Find any module | [docs/INDEX.md](docs/INDEX.md) |
+| **Use UI components** | [docs/30-FRONTEND/COMPONENT-SYSTEM.md](docs/30-FRONTEND/COMPONENT-SYSTEM.md) |
+| **Check design tokens** | [docs/30-FRONTEND/DESIGN-TOKENS.md](docs/30-FRONTEND/DESIGN-TOKENS.md) |
+| **Design guide** | [docs/30-FRONTEND/DESIGN-GUIDE.md](docs/30-FRONTEND/DESIGN-GUIDE.md) |
+| Understand architecture | [docs/00-SYSTEM/ARCHITECTURE.md](docs/00-SYSTEM/ARCHITECTURE.md) |
+| Find an API endpoint | [docs/20-API/ENDPOINTS.md](docs/20-API/ENDPOINTS.md) |
+| See all models | [docs/90-REFERENCE/MODELS.md](docs/90-REFERENCE/MODELS.md) |
+| Understand AI functions | [docs/90-REFERENCE/AI-FUNCTIONS.md](docs/90-REFERENCE/AI-FUNCTIONS.md) |
+| See frontend pages | [docs/30-FRONTEND/PAGES.md](docs/30-FRONTEND/PAGES.md) |
+| See recent changes | [CHANGELOG.md](CHANGELOG.md) |
+| View component demos | App route: `/ui-elements` |
+
+---
+
+## 🚫 Don't Do
+
+### General
+- ❌ Skip reading docs before coding
+- ❌ Create duplicate components
+- ❌ Use `docker-compose` for exec commands (use `docker exec`)
+- ❌ Use legacy `utils/ai_processor.py`
+- ❌ Add account filtering to Global models (they're platform-wide!)
+- ❌ Forget site/sector filtering on content models
+- ❌ Forget to update CHANGELOG
+- ❌ Hardcode values (use settings/constants)
+- ❌ Work on Linker/Optimizer (inactive modules - Phase 2)
+- ❌ Use any SiteBuilder code (deprecated - mark for removal)
+
+### Frontend - DESIGN SYSTEM VIOLATIONS
+- ❌ Use raw `<button>` - use `Button` or `IconButton`
+- ❌ Use raw `<input>` - use `InputField`, `Checkbox`, `Radio`
+- ❌ Use raw `<select>` - use `Select` or `SelectDropdown`
+- ❌ Use raw `<textarea>` - use `TextArea`
+- ❌ Use inline `style={}` attributes
+- ❌ Hardcode hex colors (`#0693e3`, `#ff0000`)
+- ❌ Use Tailwind default colors (`blue-500`, `red-500`, `green-500`)
+- ❌ Import from `@heroicons/*`, `lucide-react`, `@mui/icons-material`
+- ❌ Create new CSS files (use `design-system.css` only)
+
+---
+
+## 📊 API Base URLs
+
+| Module | Base URL |
+|--------|----------|
+| Auth | `/api/v1/auth/` |
+| Planner | `/api/v1/planner/` |
+| Writer | `/api/v1/writer/` |
+| Billing | `/api/v1/billing/` |
+| Integration | `/api/v1/integration/` |
+| System | `/api/v1/system/` |
+
+**API Docs:** https://api.igny8.com/api/docs/
+**Admin:** https://api.igny8.com/admin/
+**App:** https://app.igny8.com/
+
+---
+
+## 📄 Documentation Rules
+
+**Root folder MD files allowed (ONLY these):**
+- `.rules` - AI agent rules (this file)
+- `CHANGELOG.md` - Version history
+- `README.md` - Project quickstart
+
+**All other docs go in `/docs/` folder:**
+```
+docs/
+├── INDEX.md              # Master navigation
+├── 00-SYSTEM/            # Architecture, auth, tenancy, IGNY8-APP.md
+├── 10-MODULES/           # One file per module
+├── 20-API/               # API endpoints
+├── 30-FRONTEND/          # Pages, stores, DESIGN-GUIDE, DESIGN-TOKENS, COMPONENT-SYSTEM
+├── 40-WORKFLOWS/         # Cross-module flows
+├── 90-REFERENCE/         # Models, AI functions, FIXES-KB
+└── plans/                # FINAL-PRELAUNCH, implementation plans
+```
+
+**When updating docs:**
+| Change Type | Update These Files |
+|-------------|-------------------|
+| New endpoint | Module doc + `docs/20-API/ENDPOINTS.md` |
+| New model | Module doc + `docs/90-REFERENCE/MODELS.md` |
+| New page | Module doc + `docs/30-FRONTEND/PAGES.md` |
+| New module | Create module doc + update `docs/INDEX.md` |
+
+**DO NOT** create random MD files - update existing docs instead.
+
+---
+
+## 🎯 Quick Checklist Before Commit
+
+### Backend Changes
+- [ ] Read relevant module docs
+- [ ] Correct data scope (Global/Account/Site)
+- [ ] Ran migrations if model changed
+
+### Frontend Changes
+- [ ] Read COMPONENT-SYSTEM.md
+- [ ] Used design system components (not raw HTML)
+- [ ] Used design system colors (brand-*, gray-*, success-*, error-*, warning-*, purple-*)
+- [ ] Icons imported from `../../icons`
+- [ ] No inline styles or hardcoded hex colors
+- [ ] Ran `npm run lint` - no design system violations
+
+### All Changes
+- [ ] Updated CHANGELOG.md with git reference
+- [ ] Incremented version number
+- [ ] Tested locally

README.md

@@ -1,11 +1,22 @@
 # IGNY8 - AI-Powered SEO Content Platform
 
-**Version:** 1.0.0  
+**Version:** 1.0.5  
 **License:** Proprietary  
 **Website:** https://igny8.com
 
 ---
 
+## Quick Links
+
+| Document | Description |
+|----------|-------------|
+| [docs/00-SYSTEM/IGNY8-APP.md](docs/00-SYSTEM/IGNY8-APP.md) | Executive summary (non-technical) |
+| [docs/INDEX.md](docs/INDEX.md) | Full documentation index |
+| [CHANGELOG.md](CHANGELOG.md) | Version history |
+| [.rules](.rules) | AI agent rules |
+
+---
+
 ## What is IGNY8?
 
 IGNY8 is a full-stack SaaS platform that combines AI-powered content generation with intelligent SEO management. It helps content creators, marketers, and agencies streamline their content workflow from keyword research to published articles.
@@ -15,8 +26,8 @@ IGNY8 is a full-stack SaaS platform that combines AI-powered content generation
 - 🔍 **Smart Keyword Management** - Import, cluster, and organize keywords with AI
 - ✍️ **AI Content Generation** - Generate SEO-optimized blog posts using GPT-4
 - 🖼️ **AI Image Creation** - Auto-generate featured and in-article images
-- 🔗 **Internal Linking** - AI-powered link suggestions for SEO
-- 📊 **Content Optimization** - Analyze and score content quality
+- 🔗 **Internal Linking** - AI-powered link suggestions (coming soon)
+- 📊 **Content Optimization** - Analyze and score content quality (coming soon)
 - 🔄 **WordPress Integration** - Bidirectional sync with WordPress sites
 - 📈 **Usage-Based Billing** - Credit system for AI operations
 - 👥 **Multi-Tenancy** - Manage multiple sites and teams
@@ -25,14 +36,24 @@ IGNY8 is a full-stack SaaS platform that combines AI-powered content generation
 
 ## Repository Structure
 
-This monorepo contains two main applications:
-
 ```
 igny8/
+├── README.md             # This file
+├── CHANGELOG.md          # Version history
+├── .rules                # AI agent rules
 ├── backend/              # Django REST API + Celery
 ├── frontend/             # React + Vite SPA
-├── master-docs/          # Architecture documentation
-└── docker-compose.app.yml # Docker deployment config
+├── docs/                 # Full documentation
+│   ├── INDEX.md          # Documentation navigation
+│   ├── 00-SYSTEM/        # Architecture, auth, IGNY8-APP
+│   ├── 10-MODULES/       # Module documentation
+│   ├── 20-API/           # API endpoints
+│   ├── 30-FRONTEND/      # Frontend pages, stores, design system
+│   ├── 40-WORKFLOWS/     # Cross-module workflows
+│   ├── 50-DEPLOYMENT/    # Deployment guides
+│   ├── 90-REFERENCE/     # Models, AI functions, fixes
+│   └── plans/            # Implementation plans
+└── docker-compose.app.yml
 ```
 
 **Separate Repository:**
@@ -210,14 +231,20 @@ The WordPress bridge plugin (`igny8-wp-integration`) creates a bidirectional con
 
 ## Documentation
 
-Comprehensive documentation is available in the `master-docs/` directory:
+Start here: [docs/README.md](./docs/README.md) (index of all topics).
 
-- **[MASTER_REFERENCE.md](./MASTER_REFERENCE.md)** - Complete system architecture and navigation
-- **[API-COMPLETE-REFERENCE.md](./master-docs/API-COMPLETE-REFERENCE.md)** - Full API documentation
-- **[02-APPLICATION-ARCHITECTURE.md](./master-docs/02-APPLICATION-ARCHITECTURE.md)** - System design
-- **[04-BACKEND-IMPLEMENTATION.md](./master-docs/04-BACKEND-IMPLEMENTATION.md)** - Backend details
-- **[03-FRONTEND-ARCHITECTURE.md](./master-docs/03-FRONTEND-ARCHITECTURE.md)** - Frontend details
-- **[WORDPRESS-PLUGIN-INTEGRATION.md](./master-docs/WORDPRESS-PLUGIN-INTEGRATION.md)** - Plugin integration guide
+Common entry points:
+- App architecture: `docs/igny8-app/IGNY8-APP-ARCHITECTURE.md`
+- Backend architecture: `docs/backend/IGNY8-BACKEND-ARCHITECTURE.md`
+- Planner backend detail: `docs/backend/IGNY8-PLANNER-BACKEND.md`
+- Writer backend detail: `docs/backend/IGNY8-WRITER-BACKEND.md`
+- Automation: `docs/automation/AUTOMATION-REFERENCE.md`
+- Tech stack: `docs/tech-stack/00-SYSTEM-ARCHITECTURE-MASTER-REFERENCE.md`
+- API: `docs/API/API-COMPLETE-REFERENCE-LATEST.md`
+- Billing & Credits: `docs/billing/billing-account-final-plan-2025-12-05.md`
+- App guides: `docs/igny8-app/` (planner/writer workflows, taxonomy, feature modification)
+- WordPress: `docs/wp/` (plugin integration and sync)
+- Docs changelog: `docs/CHANGELOG.md`
 
 ---
 
@@ -356,3 +383,4 @@ See [CHANGELOG.md](./CHANGELOG.md) for version history and updates.
 ---
 
 **Built with ❤️ by the IGNY8 team**
+# Test commit - Mon Dec 15 07:18:54 UTC 2025

WORDPRESS_PUBLISH_UI_CHANGES.md

@@ -1,101 +0,0 @@
-# WordPress Publishing UI Update Summary
-
-## Changes Made
-
-### 🚀 **MOVED** WordPress Publishing from Content Page to Images Page
-
-**Reasoning**: Content page only contains text content without generated images, making it premature to publish. Images page contains complete content with generated images, making it the optimal place for publishing.
-
-### 📍 **WordPress Publishing Now Available On Images Page**
-
-#### **1. Individual Content Publishing** 
-- **Location**: 3-dot dropdown menu on each row in `/writer/images`
-- **Visibility**: Only shows "Publish to WordPress" when:
-  - ✅ Images are generated (status = 'complete')
-  - ✅ Not already published/publishing to WordPress
-- **Action**: Single click publishes individual content with all images, SEO metadata, categories, and content
-
-#### **2. Bulk Publishing**
-- **Location**: Top toolbar next to "Columns" selector in `/writer/images`
-- **Button Text**: "Publish Ready ({count})" - dynamically shows count of ready-to-publish items
-- **Visibility**: Only appears when there are items ready to publish
-- **Conditions**: 
-  - ✅ Images must be generated
-  - ✅ Not already published
-  - ✅ Not currently publishing
-- **Action**: Opens dialog showing all ready items, allows bulk publish with progress tracking
-
-#### **3. Smart Status Checks**
-- Uses existing image generation status badges/logic
-- Automatically filters eligible content
-- Real-time status updates after publishing
-- Error handling with detailed feedback
-
-### 🔄 **Updated Components**
-
-#### **Enhanced WordPress Publishing Components**
-```
-frontend/src/components/WordPressPublish/
-├── WordPressPublish.tsx        # Enhanced with image status checks
-├── BulkWordPressPublish.tsx    # NEW: Bulk publishing with progress
-├── ContentActionsMenu.tsx      # NEW: Smart dropdown with conditional visibility
-└── index.ts                    # Export all components
-```
-
-#### **Updated Page Configuration**
-```
-frontend/src/config/pages/table-actions.config.tsx
-├── /writer/images              # Added WordPress actions
-│   ├── rowActions[]            # "Publish to WordPress" (conditional)
-│   └── bulkActions[]           # "Publish Ready to WordPress"
-└── /writer/content             # Removed WordPress actions
-    └── rowActions[]            # Removed publish/unpublish
-```
-
-#### **Updated Pages**
-```
-frontend/src/pages/Writer/
-├── Images.tsx                  # Added WordPress publish handling
-│   ├── handleRowAction()       # WordPress single publish
-│   ├── handleBulkAction()      # WordPress bulk publish  
-│   └── import { api }          # API for WordPress calls
-└── Content.tsx                 # Removed WordPress functionality
-    ├── handleRowAction()       # Removed publish/unpublish logic
-    └── imports                 # Removed publishContent, unpublishContent
-```
-
-### 🎯 **User Experience Improvements**
-
-#### **Before** (Content Page)
-- ❌ WordPress publish available even when images not ready
-- ❌ Users would publish incomplete content
-- ❌ Required manual coordination between content creation and image generation
-
-#### **After** (Images Page)  
-- ✅ Publish only when content is complete with images
-- ✅ Smart button visibility based on actual readiness
-- ✅ Clear labeling: "Publish Ready (X)" shows exactly what's eligible
-- ✅ Bulk operations for efficiency
-- ✅ Real-time status tracking and feedback
-
-### 📋 **Status Explanations**
-
-The UI now uses short but explanatory labels:
-- **"Publish Ready (X)"** - X items have generated images and are ready for WordPress
-- **"Awaiting Images"** - Individual items waiting for image generation
-- **"Images Pending"** - Status chip when images aren't complete
-- **"Images Generated ✓"** - Confirmation in publish dialog
-
-### 🔧 **Technical Implementation**
-
-1. **Conditional Rendering**: Uses `shouldShow` functions to intelligently display actions
-2. **Status Integration**: Leverages existing image generation status tracking
-3. **API Integration**: Seamless connection to WordPress publishing endpoints
-4. **Error Handling**: Comprehensive error messages and retry logic
-5. **State Management**: Automatic reload of data after publishing actions
-
-### 🎊 **Result**
-
-Users now have a **streamlined, intelligent WordPress publishing workflow** that prevents premature publishing and ensures complete content (text + images) is always published together.
-
-The system automatically guides users to publish only when content is truly ready, improving content quality and user experience.

backend/Dockerfile

@@ -22,6 +22,10 @@ RUN pip install --upgrade pip \
 # Copy full project
 COPY . /app/
 
+# Copy startup script
+COPY container_startup.sh /app/
+RUN chmod +x /app/container_startup.sh
+
 # Collect static files for WhiteNoise (skip during build if DB not available)
 # Will be run during container startup if needed
 RUN python manage.py collectstatic --noinput || echo "Skipping collectstatic during build"
@@ -32,5 +36,7 @@ ENV DJANGO_SETTINGS_MODULE=igny8_core.settings
 # Expose port for Gunicorn (matches Portainer docker-compose config)
 EXPOSE 8010
 
+# Use startup script as entrypoint to log container lifecycle
 # Start using Gunicorn (matches Portainer docker-compose config)
+ENTRYPOINT ["/app/container_startup.sh"]
 CMD ["gunicorn", "igny8_core.wsgi:application", "--bind", "0.0.0.0:8010"]

backend/check_api_response.py

@@ -1,31 +0,0 @@
-#!/usr/bin/env python
-import os
-import django
-import json
-
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'igny8_core.settings')
-django.setup()
-
-from igny8_core.business.integration.models import SiteIntegration
-from igny8_core.auth.models import Site
-from django.test import RequestFactory
-from igny8_core.modules.integration.views import IntegrationViewSet
-
-# Create a fake request
-factory = RequestFactory()
-request = factory.get('/api/v1/integration/integrations/1/content-types/')
-
-# Create view and call the action
-integration = SiteIntegration.objects.get(id=1)
-viewset = IntegrationViewSet()
-viewset.format_kwarg = None
-viewset.request = request
-viewset.kwargs = {'pk': 1}
-
-# Get the response data
-response = viewset.content_types_summary(request, pk=1)
-
-print("Response Status:", response.status_code)
-print("\nResponse Data:")
-print(json.dumps(response.data, indent=2, default=str))
-

backend/container_startup.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+# Container Startup Logger
+# Logs container lifecycle events for debugging restarts
+
+set -e
+
+echo "=========================================="
+echo "[CONTAINER-STARTUP] $(date '+%Y-%m-%d %H:%M:%S')"
+echo "Container: igny8_backend"
+echo "Hostname: $(hostname)"
+echo "PID: $$"
+echo "=========================================="
+
+# Log environment info
+echo "[INFO] Python version: $(python --version 2>&1)"
+echo "[INFO] Django settings: ${DJANGO_SETTINGS_MODULE:-igny8_core.settings}"
+echo "[INFO] Debug mode: ${DEBUG:-False}"
+echo "[INFO] Database host: ${DB_HOST:-not set}"
+
+# Check if this is a restart (look for previous process artifacts)
+if [ -f /tmp/container_pid ]; then
+    PREV_PID=$(cat /tmp/container_pid)
+    echo "[WARNING] Previous container PID found: $PREV_PID"
+    echo "[WARNING] This appears to be a RESTART event"
+    echo "[WARNING] Check Docker logs for SIGTERM/SIGKILL signals"
+else
+    echo "[INFO] First startup (no previous PID file found)"
+fi
+
+# Save current PID
+echo $$ > /tmp/container_pid
+
+# Run database migrations (will skip if up to date)
+echo "[INFO] Running database migrations..."
+python manage.py migrate --noinput || echo "[WARNING] Migration failed or skipped"
+
+# Collect static files (skip if already done)
+echo "[INFO] Collecting static files..."
+python manage.py collectstatic --noinput || echo "[WARNING] Collectstatic failed or skipped"
+
+echo "=========================================="
+echo "[CONTAINER-STARTUP] Initialization complete"
+echo "[CONTAINER-STARTUP] Starting Gunicorn..."
+echo "=========================================="
+
+# Execute the CMD passed to the script (Gunicorn command)
+exec "$@"

backend/create_groups.py

@@ -0,0 +1,61 @@
+#!/usr/bin/env python
+"""Script to create admin permission groups"""
+import os
+import django
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'igny8_core.settings')
+django.setup()
+
+from django.contrib.auth.models import Group, Permission
+from django.contrib.contenttypes.models import ContentType
+
+groups_permissions = {
+    'Content Manager': {
+        'models': [
+            ('writer', 'content'), ('writer', 'tasks'), ('writer', 'images'),
+            ('planner', 'keywords'), ('planner', 'clusters'), ('planner', 'contentideas'),
+        ],
+        'permissions': ['add', 'change', 'view'],
+    },
+    'Billing Admin': {
+        'models': [
+            ('billing', 'payment'), ('billing', 'invoice'), ('billing', 'credittransaction'),
+            ('billing', 'creditusagelog'), ('igny8_core_auth', 'account'),
+        ],
+        'permissions': ['add', 'change', 'view', 'delete'],
+    },
+    'Support Agent': {
+        'models': [
+            ('writer', 'content'), ('writer', 'tasks'),
+            ('igny8_core_auth', 'account'), ('igny8_core_auth', 'site'),
+        ],
+        'permissions': ['view'],
+    },
+}
+
+print('Creating admin permission groups...\n')
+
+for group_name, config in groups_permissions.items():
+    group, created = Group.objects.get_or_create(name=group_name)
+    status = 'Created' if created else 'Updated'
+    print(f'✓ {status} group: {group_name}')
+    
+    group.permissions.clear()
+    added = 0
+    
+    for app_label, model_name in config['models']:
+        try:
+            ct = ContentType.objects.get(app_label=app_label, model=model_name)
+            for perm_type in config['permissions']:
+                try:
+                    perm = Permission.objects.get(content_type=ct, codename=f'{perm_type}_{model_name}')
+                    group.permissions.add(perm)
+                    added += 1
+                except Permission.DoesNotExist:
+                    print(f'  ! Permission not found: {perm_type}_{model_name}')
+        except ContentType.DoesNotExist:
+            print(f'  ! ContentType not found: {app_label}.{model_name}')
+    
+    print(f'  Added {added} permissions')
+
+print('\n✓ Permission groups created successfully!')

backend/diagnose_generate_content.py

@@ -1,393 +0,0 @@
-#!/usr/bin/env python
-"""
-Diagnostic script for generate_content function issues
-Tests each layer of the content generation pipeline to identify where it's failing
-"""
-import os
-import sys
-import django
-import logging
-
-# Setup Django
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'igny8_core.settings')
-django.setup()
-
-from igny8_core.auth.models import Account
-from igny8_core.modules.writer.models import Tasks, Content
-from igny8_core.modules.system.models import IntegrationSettings
-from igny8_core.ai.registry import get_function_instance
-from igny8_core.ai.engine import AIEngine
-from igny8_core.business.content.services.content_generation_service import ContentGenerationService
-
-# Setup logging
-logging.basicConfig(
-    level=logging.INFO,
-    format='%(asctime)s [%(levelname)s] %(name)s: %(message)s'
-)
-logger = logging.getLogger(__name__)
-
-def print_section(title):
-    """Print a section header"""
-    print("\n" + "=" * 80)
-    print(f"  {title}")
-    print("=" * 80 + "\n")
-
-def test_prerequisites():
-    """Test that prerequisites are met"""
-    print_section("1. TESTING PREREQUISITES")
-    
-    # Check if account exists
-    try:
-        account = Account.objects.first()
-        if not account:
-            print("❌ FAIL: No account found in database")
-            return None
-        print(f"✅ PASS: Found account: {account.id} ({account.email})")
-    except Exception as e:
-        print(f"❌ FAIL: Error getting account: {e}")
-        return None
-    
-    # Check OpenAI integration settings
-    try:
-        openai_settings = IntegrationSettings.objects.filter(
-            integration_type='openai',
-            account=account,
-            is_active=True
-        ).first()
-        
-        if not openai_settings:
-            print("❌ FAIL: No active OpenAI integration settings found")
-            return None
-        
-        if not openai_settings.config or not openai_settings.config.get('apiKey'):
-            print("❌ FAIL: OpenAI API key not configured in IntegrationSettings")
-            return None
-        
-        api_key_preview = openai_settings.config['apiKey'][:10] + "..." if openai_settings.config.get('apiKey') else "None"
-        model = openai_settings.config.get('model', 'Not set')
-        print(f"✅ PASS: OpenAI settings found (API key: {api_key_preview}, Model: {model})")
-    except Exception as e:
-        print(f"❌ FAIL: Error checking OpenAI settings: {e}")
-        return None
-    
-    # Check if tasks exist
-    try:
-        tasks = Tasks.objects.filter(account=account, status='pending')[:5]
-        task_count = tasks.count()
-        
-        if task_count == 0:
-            print("⚠️  WARNING: No pending tasks found, will try to use any task")
-            tasks = Tasks.objects.filter(account=account)[:5]
-            task_count = tasks.count()
-            
-        if task_count == 0:
-            print("❌ FAIL: No tasks found at all")
-            return None
-        
-        print(f"✅ PASS: Found {task_count} task(s)")
-        for task in tasks:
-            print(f"   - Task {task.id}: {task.title or 'Untitled'} (status: {task.status})")
-    except Exception as e:
-        print(f"❌ FAIL: Error getting tasks: {e}")
-        return None
-    
-    return {
-        'account': account,
-        'tasks': list(tasks),
-        'openai_settings': openai_settings
-    }
-
-def test_function_registry():
-    """Test that the generate_content function is registered"""
-    print_section("2. TESTING FUNCTION REGISTRY")
-    
-    try:
-        fn = get_function_instance('generate_content')
-        if not fn:
-            print("❌ FAIL: generate_content function not found in registry")
-            return False
-        
-        print(f"✅ PASS: Function registered: {fn.get_name()}")
-        metadata = fn.get_metadata()
-        print(f"   - Display name: {metadata.get('display_name')}")
-        print(f"   - Description: {metadata.get('description')}")
-        return True
-    except Exception as e:
-        print(f"❌ FAIL: Error loading function: {e}")
-        import traceback
-        traceback.print_exc()
-        return False
-
-def test_function_validation(context):
-    """Test function validation"""
-    print_section("3. TESTING FUNCTION VALIDATION")
-    
-    try:
-        fn = get_function_instance('generate_content')
-        account = context['account']
-        task = context['tasks'][0]
-        
-        payload = {'ids': [task.id]}
-        print(f"Testing with payload: {payload}")
-        
-        result = fn.validate(payload, account)
-        
-        if result['valid']:
-            print(f"✅ PASS: Validation succeeded")
-        else:
-            print(f"❌ FAIL: Validation failed: {result.get('error')}")
-            return False
-        
-        return True
-    except Exception as e:
-        print(f"❌ FAIL: Error during validation: {e}")
-        import traceback
-        traceback.print_exc()
-        return False
-
-def test_function_prepare(context):
-    """Test function prepare phase"""
-    print_section("4. TESTING FUNCTION PREPARE")
-    
-    try:
-        fn = get_function_instance('generate_content')
-        account = context['account']
-        task = context['tasks'][0]
-        
-        payload = {'ids': [task.id]}
-        print(f"Preparing task {task.id}: {task.title or 'Untitled'}")
-        
-        data = fn.prepare(payload, account)
-        
-        if not data:
-            print("❌ FAIL: Prepare returned no data")
-            return False
-        
-        if isinstance(data, list):
-            print(f"✅ PASS: Prepared {len(data)} task(s)")
-            for t in data:
-                print(f"   - Task {t.id}: {t.title or 'Untitled'}")
-                print(f"     Cluster: {t.cluster.name if t.cluster else 'None'}")
-                print(f"     Taxonomy: {t.taxonomy_term.name if t.taxonomy_term else 'None'}")
-                print(f"     Keywords: {t.keywords.count()} keyword(s)")
-        else:
-            print(f"✅ PASS: Prepared data: {type(data)}")
-        
-        context['prepared_data'] = data
-        return True
-    except Exception as e:
-        print(f"❌ FAIL: Error during prepare: {e}")
-        import traceback
-        traceback.print_exc()
-        return False
-
-def test_function_build_prompt(context):
-    """Test prompt building"""
-    print_section("5. TESTING PROMPT BUILDING")
-    
-    try:
-        fn = get_function_instance('generate_content')
-        account = context['account']
-        data = context['prepared_data']
-        
-        prompt = fn.build_prompt(data, account)
-        
-        if not prompt:
-            print("❌ FAIL: No prompt generated")
-            return False
-        
-        print(f"✅ PASS: Prompt generated ({len(prompt)} characters)")
-        print("\nPrompt preview (first 500 chars):")
-        print("-" * 80)
-        print(prompt[:500])
-        if len(prompt) > 500:
-            print(f"\n... ({len(prompt) - 500} more characters)")
-        print("-" * 80)
-        
-        context['prompt'] = prompt
-        return True
-    except Exception as e:
-        print(f"❌ FAIL: Error building prompt: {e}")
-        import traceback
-        traceback.print_exc()
-        return False
-
-def test_model_config(context):
-    """Test model configuration"""
-    print_section("6. TESTING MODEL CONFIGURATION")
-    
-    try:
-        from igny8_core.ai.settings import get_model_config
-        account = context['account']
-        
-        model_config = get_model_config('generate_content', account=account)
-        
-        if not model_config:
-            print("❌ FAIL: No model config returned")
-            return False
-        
-        print(f"✅ PASS: Model configuration loaded")
-        print(f"   - Model: {model_config.get('model')}")
-        print(f"   - Max tokens: {model_config.get('max_tokens')}")
-        print(f"   - Temperature: {model_config.get('temperature')}")
-        print(f"   - Response format: {model_config.get('response_format')}")
-        
-        context['model_config'] = model_config
-        return True
-    except Exception as e:
-        print(f"❌ FAIL: Error getting model config: {e}")
-        import traceback
-        traceback.print_exc()
-        return False
-
-def test_ai_core_request(context):
-    """Test AI core request (actual API call)"""
-    print_section("7. TESTING AI CORE REQUEST (ACTUAL API CALL)")
-    
-    # Ask user for confirmation
-    print("⚠️  WARNING: This will make an actual API call to OpenAI and cost money!")
-    print("Do you want to proceed? (yes/no): ", end='')
-    response = input().strip().lower()
-    
-    if response != 'yes':
-        print("Skipping API call test")
-        return True
-    
-    try:
-        from igny8_core.ai.ai_core import AICore
-        account = context['account']
-        prompt = context['prompt']
-        model_config = context['model_config']
-        
-        # Use a shorter test prompt to save costs
-        test_prompt = prompt[:1000] + "\n\n[TEST MODE - Generate only title and first paragraph]"
-        
-        print(f"Making test API call with shortened prompt ({len(test_prompt)} chars)...")
-        
-        ai_core = AICore(account=account)
-        result = ai_core.run_ai_request(
-            prompt=test_prompt,
-            model=model_config['model'],
-            max_tokens=500,  # Limit tokens for testing
-            temperature=model_config.get('temperature', 0.7),
-            response_format=model_config.get('response_format'),
-            function_name='generate_content_test'
-        )
-        
-        if result.get('error'):
-            print(f"❌ FAIL: API call returned error: {result['error']}")
-            return False
-        
-        if not result.get('content'):
-            print(f"❌ FAIL: API call returned no content")
-            return False
-        
-        print(f"✅ PASS: API call successful")
-        print(f"   - Tokens: {result.get('total_tokens', 0)}")
-        print(f"   - Cost: ${result.get('cost', 0):.6f}")
-        print(f"   - Model: {result.get('model')}")
-        print(f"\nContent preview (first 300 chars):")
-        print("-" * 80)
-        print(result['content'][:300])
-        print("-" * 80)
-        
-        context['ai_response'] = result
-        return True
-    except Exception as e:
-        print(f"❌ FAIL: Error during API call: {e}")
-        import traceback
-        traceback.print_exc()
-        return False
-
-def test_service_layer(context):
-    """Test the content generation service"""
-    print_section("8. TESTING CONTENT GENERATION SERVICE")
-    
-    print("⚠️  WARNING: This will make a full API call and create content!")
-    print("Do you want to proceed? (yes/no): ", end='')
-    response = input().strip().lower()
-    
-    if response != 'yes':
-        print("Skipping service test")
-        return True
-    
-    try:
-        account = context['account']
-        task = context['tasks'][0]
-        
-        service = ContentGenerationService()
-        
-        print(f"Calling generate_content with task {task.id}...")
-        
-        result = service.generate_content([task.id], account)
-        
-        if not result:
-            print("❌ FAIL: Service returned None")
-            return False
-        
-        if not result.get('success'):
-            print(f"❌ FAIL: Service failed: {result.get('error')}")
-            return False
-        
-        print(f"✅ PASS: Service call successful")
-        
-        if 'task_id' in result:
-            print(f"   - Celery task ID: {result['task_id']}")
-            print(f"   - Message: {result.get('message')}")
-            print("\n⚠️  Note: Content generation is running in background (Celery)")
-            print("   Check Celery logs for actual execution status")
-        else:
-            print(f"   - Content created: {result.get('content_id')}")
-            print(f"   - Word count: {result.get('word_count')}")
-        
-        return True
-    except Exception as e:
-        print(f"❌ FAIL: Error in service layer: {e}")
-        import traceback
-        traceback.print_exc()
-        return False
-
-def main():
-    """Run all diagnostic tests"""
-    print("\n" + "=" * 80)
-    print("  GENERATE_CONTENT DIAGNOSTIC TOOL")
-    print("=" * 80)
-    print("\nThis tool will test each layer of the content generation pipeline")
-    print("to identify where the function is failing.")
-    
-    # Run tests
-    context = test_prerequisites()
-    if not context:
-        print("\n❌ FATAL: Prerequisites test failed. Cannot continue.")
-        return
-    
-    if not test_function_registry():
-        print("\n❌ FATAL: Function registry test failed. Cannot continue.")
-        return
-    
-    if not test_function_validation(context):
-        print("\n❌ FATAL: Validation test failed. Cannot continue.")
-        return
-    
-    if not test_function_prepare(context):
-        print("\n❌ FATAL: Prepare test failed. Cannot continue.")
-        return
-    
-    if not test_function_build_prompt(context):
-        print("\n❌ FATAL: Prompt building test failed. Cannot continue.")
-        return
-    
-    if not test_model_config(context):
-        print("\n❌ FATAL: Model config test failed. Cannot continue.")
-        return
-    
-    # Optional tests (require API calls)
-    test_ai_core_request(context)
-    test_service_layer(context)
-    
-    print_section("DIAGNOSTIC COMPLETE")
-    print("Review the results above to identify where the generate_content")
-    print("function is failing.\n")
-
-if __name__ == '__main__':
-    main()

backend/final_verify.py

@@ -1,67 +0,0 @@
-#!/usr/bin/env python
-"""
-Final verification that the WordPress content types are properly synced
-"""
-import os
-import django
-
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'igny8_core.settings')
-django.setup()
-
-from igny8_core.business.integration.models import SiteIntegration
-from igny8_core.auth.models import Site
-import json
-
-print("=" * 70)
-print("WORDPRESS SYNC FIX VERIFICATION")
-print("=" * 70)
-
-# Get site 5
-site = Site.objects.get(id=5)
-print(f"\n✓ Site: {site.name} (ID: {site.id})")
-
-# Get WordPress integration
-integration = SiteIntegration.objects.get(site=site, platform='wordpress')
-print(f"✓ Integration: {integration.platform.upper()} (ID: {integration.id})")
-print(f"✓ Active: {integration.is_active}")
-print(f"✓ Sync Enabled: {integration.sync_enabled}")
-
-# Verify config data
-config = integration.config_json or {}
-content_types = config.get('content_types', {})
-
-print("\n" + "=" * 70)
-print("CONTENT TYPES STRUCTURE")
-print("=" * 70)
-
-# Post Types
-post_types = content_types.get('post_types', {})
-print(f"\n📝 Post Types: ({len(post_types)} total)")
-for pt_name, pt_data in post_types.items():
-    print(f"  • {pt_data['label']} ({pt_name})")
-    print(f"    - Count: {pt_data['count']}")
-    print(f"    - Enabled: {pt_data['enabled']}")
-    print(f"    - Fetch Limit: {pt_data['fetch_limit']}")
-
-# Taxonomies
-taxonomies = content_types.get('taxonomies', {})
-print(f"\n🏷️  Taxonomies: ({len(taxonomies)} total)")
-for tax_name, tax_data in taxonomies.items():
-    print(f"  • {tax_data['label']} ({tax_name})")
-    print(f"    - Count: {tax_data['count']}")
-    print(f"    - Enabled: {tax_data['enabled']}")
-    print(f"    - Fetch Limit: {tax_data['fetch_limit']}")
-
-# Last fetch time
-last_fetch = content_types.get('last_structure_fetch')
-print(f"\n🕐 Last Structure Fetch: {last_fetch}")
-
-print("\n" + "=" * 70)
-print("✅ SUCCESS! WordPress content types are properly configured")
-print("=" * 70)
-print("\nNext Steps:")
-print("1. Refresh the IGNY8 app page in your browser")
-print("2. Navigate to Sites → Settings → Content Types tab")
-print("3. You should now see all Post Types and Taxonomies listed")
-print("=" * 70)
-

backend/fix_content_types.py

@@ -1,88 +0,0 @@
-#!/usr/bin/env python
-import os
-import django
-
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'igny8_core.settings')
-django.setup()
-
-from igny8_core.business.integration.models import SiteIntegration
-from igny8_core.auth.models import Site
-from django.utils import timezone
-
-try:
-    # Get site 5
-    site = Site.objects.get(id=5)
-    print(f"✓ Site found: {site.name}")
-
-    # Get or create WordPress integration
-    integration, created = SiteIntegration.objects.get_or_create(
-        site=site,
-        platform='wordpress',
-        defaults={
-            'is_active': True,
-            'sync_enabled': True,
-            'config_json': {}
-        }
-    )
-
-    print(f"✓ Integration ID: {integration.id} (created: {created})")
-
-    # Add structure data
-    integration.config_json = {
-        'content_types': {
-            'post_types': {
-                'post': {
-                    'label': 'Posts',
-                    'count': 150,
-                    'enabled': True,
-                    'fetch_limit': 100
-                },
-                'page': {
-                    'label': 'Pages',
-                    'count': 25,
-                    'enabled': True,
-                    'fetch_limit': 100
-                },
-                'product': {
-                    'label': 'Products',
-                    'count': 89,
-                    'enabled': True,
-                    'fetch_limit': 100
-                }
-            },
-            'taxonomies': {
-                'category': {
-                    'label': 'Categories',
-                    'count': 15,
-                    'enabled': True,
-                    'fetch_limit': 100
-                },
-                'post_tag': {
-                    'label': 'Tags',
-                    'count': 234,
-                    'enabled': True,
-                    'fetch_limit': 100
-                },
-                'product_cat': {
-                    'label': 'Product Categories',
-                    'count': 12,
-                    'enabled': True,
-                    'fetch_limit': 100
-                }
-            },
-            'last_structure_fetch': timezone.now().isoformat()
-        },
-        'plugin_connection_enabled': True,
-        'two_way_sync_enabled': True
-    }
-
-    integration.save()
-    print("✓ Structure data saved successfully!")
-    print(f"✓ Integration ID: {integration.id}")
-    print("\n✅ READY: Refresh the page to see the content types!")
-
-except Exception as e:
-    print(f"❌ ERROR: {str(e)}")
-    import traceback
-    traceback.print_exc()
-

backend/fix_integration_site_url.py

@@ -1,76 +0,0 @@
-#!/usr/bin/env python
-"""
-Fix missing site_url in integration config
-Adds site_url to config_json from site.domain or site.wp_url
-"""
-import os
-import sys
-import django
-
-# Setup Django environment
-sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'igny8_core.settings')
-django.setup()
-
-from igny8_core.business.integration.models import SiteIntegration
-from igny8_core.auth.models import Site
-
-def fix_integration_site_urls():
-    """Add site_url to integration config if missing"""
-    
-    integrations = SiteIntegration.objects.filter(platform='wordpress')
-    
-    fixed_count = 0
-    skipped_count = 0
-    error_count = 0
-    
-    for integration in integrations:
-        try:
-            config = integration.config_json or {}
-            
-            # Check if site_url is already set
-            if config.get('site_url'):
-                print(f"✓ Integration {integration.id} already has site_url: {config.get('site_url')}")
-                skipped_count += 1
-                continue
-            
-            # Try to get site URL from multiple sources
-            site_url = None
-            
-            # First, try legacy wp_url
-            if integration.site.wp_url:
-                site_url = integration.site.wp_url
-                print(f"→ Using legacy wp_url for integration {integration.id}: {site_url}")
-            
-            # Fallback to domain
-            elif integration.site.domain:
-                site_url = integration.site.domain
-                print(f"→ Using domain for integration {integration.id}: {site_url}")
-            
-            if site_url:
-                # Update config
-                config['site_url'] = site_url
-                integration.config_json = config
-                integration.save(update_fields=['config_json'])
-                print(f"✓ Updated integration {integration.id} with site_url: {site_url}")
-                fixed_count += 1
-            else:
-                print(f"✗ Integration {integration.id} has no site URL available (site: {integration.site.name}, id: {integration.site.id})")
-                error_count += 1
-        
-        except Exception as e:
-            print(f"✗ Error fixing integration {integration.id}: {e}")
-            error_count += 1
-    
-    print("\n" + "="*60)
-    print(f"Summary:")
-    print(f"  Fixed: {fixed_count}")
-    print(f"  Skipped (already set): {skipped_count}")
-    print(f"  Errors: {error_count}")
-    print("="*60)
-
-if __name__ == '__main__':
-    print("Fixing WordPress integration site URLs...")
-    print("="*60)
-    fix_integration_site_urls()
-

backend/fix_sync.py

@@ -1,90 +0,0 @@
-#!/usr/bin/env python
-"""Script to inject WordPress structure data into the backend"""
-
-from igny8_core.business.integration.models import SiteIntegration
-from igny8_core.auth.models import Site
-from django.utils import timezone
-
-# Get site 5
-try:
-    site = Site.objects.get(id=5)
-    print(f"✓ Found site: {site.name}")
-except Site.DoesNotExist:
-    print("✗ Site with ID 5 not found!")
-    exit(1)
-
-# Get or create WordPress integration for this site
-integration, created = SiteIntegration.objects.get_or_create(
-    site=site,
-    platform='wordpress',
-    defaults={
-        'is_active': True,
-        'sync_enabled': True,
-        'config_json': {}
-    }
-)
-
-print(f"✓ Integration ID: {integration.id} (newly created: {created})")
-
-# Add structure data
-integration.config_json = {
-    'content_types': {
-        'post_types': {
-            'post': {
-                'label': 'Posts',
-                'count': 150,
-                'enabled': True,
-                'fetch_limit': 100,
-                'synced_count': 0
-            },
-            'page': {
-                'label': 'Pages',
-                'count': 25,
-                'enabled': True,
-                'fetch_limit': 100,
-                'synced_count': 0
-            },
-            'product': {
-                'label': 'Products',
-                'count': 89,
-                'enabled': True,
-                'fetch_limit': 100,
-                'synced_count': 0
-            }
-        },
-        'taxonomies': {
-            'category': {
-                'label': 'Categories',
-                'count': 15,
-                'enabled': True,
-                'fetch_limit': 100,
-                'synced_count': 0
-            },
-            'post_tag': {
-                'label': 'Tags',
-                'count': 234,
-                'enabled': True,
-                'fetch_limit': 100,
-                'synced_count': 0
-            },
-            'product_cat': {
-                'label': 'Product Categories',
-                'count': 12,
-                'enabled': True,
-                'fetch_limit': 100,
-                'synced_count': 0
-            }
-        },
-        'last_structure_fetch': timezone.now().isoformat()
-    },
-    'plugin_connection_enabled': True,
-    'two_way_sync_enabled': True
-}
-
-integration.save()
-print("✓ Structure data saved!")
-print(f"✓ Post Types: {len(integration.config_json['content_types']['post_types'])}")
-print(f"✓ Taxonomies: {len(integration.config_json['content_types']['taxonomies'])}")
-print(f"✓ Last fetch: {integration.config_json['content_types']['last_structure_fetch']}")
-print("\n🎉 SUCCESS! Now refresh: https://app.igny8.com/sites/5/settings?tab=content-types")
-

backend/igny8_core/admin/__init__.py

@@ -1,7 +1,7 @@
 """
 Admin module for IGNY8
 """
-from .base import AccountAdminMixin, SiteSectorAdminMixin
+# Note: Igny8ModelAdmin is imported by individual admin modules as needed to avoid circular imports
 
-__all__ = ['AccountAdminMixin', 'SiteSectorAdminMixin']
+__all__ = []
 

backend/igny8_core/admin/alerts.py

@@ -0,0 +1,122 @@
+"""
+Admin Alert System
+"""
+from django.utils import timezone
+from datetime import timedelta
+
+
+class AdminAlerts:
+    """System for admin alerts and notifications"""
+    
+    @staticmethod
+    def get_alerts():
+        """Get all active alerts"""
+        alerts = []
+        today = timezone.now().date()
+        
+        # Check for pending payments
+        from igny8_core.business.billing.models import Payment
+        pending_payments = Payment.objects.filter(status='pending_approval').count()
+        if pending_payments > 0:
+            alerts.append({
+                'level': 'warning',
+                'icon': '⚠️',
+                'message': f'{pending_payments} payment(s) awaiting approval',
+                'url': '/admin/billing/payment/?status=pending_approval',
+                'action': 'Review Payments'
+            })
+        
+        # Check for low credit accounts
+        from igny8_core.auth.models import Account
+        low_credit_accounts = Account.objects.filter(
+            status='active',
+            credits__lt=100
+        ).count()
+        if low_credit_accounts > 0:
+            alerts.append({
+                'level': 'info',
+                'icon': 'ℹ️',
+                'message': f'{low_credit_accounts} account(s) with low credits',
+                'url': '/admin/igny8_core_auth/account/?credits__lt=100',
+                'action': 'View Accounts'
+            })
+        
+        # Check for very low credits (critical)
+        critical_credit_accounts = Account.objects.filter(
+            status='active',
+            credits__lt=10
+        ).count()
+        if critical_credit_accounts > 0:
+            alerts.append({
+                'level': 'error',
+                'icon': '🔴',
+                'message': f'{critical_credit_accounts} account(s) with critical low credits (< 10)',
+                'url': '/admin/igny8_core_auth/account/?credits__lt=10',
+                'action': 'Urgent Review'
+            })
+        
+        # Check for failed automations
+        from igny8_core.business.automation.models import AutomationRun
+        failed_today = AutomationRun.objects.filter(
+            status='failed',
+            started_at__date=today
+        ).count()
+        if failed_today > 0:
+            alerts.append({
+                'level': 'error',
+                'icon': '🔴',
+                'message': f'{failed_today} automation(s) failed today',
+                'url': '/admin/automation/automationrun/?status=failed',
+                'action': 'Review Failures'
+            })
+        
+        # Check for failed syncs
+        from igny8_core.business.integration.models import SyncEvent
+        failed_syncs = SyncEvent.objects.filter(
+            success=False,
+            created_at__date=today
+        ).count()
+        if failed_syncs > 5:  # Only alert if more than 5
+            alerts.append({
+                'level': 'warning',
+                'icon': '⚠️',
+                'message': f'{failed_syncs} WordPress sync failures today',
+                'url': '/admin/integration/syncevent/?success=False',
+                'action': 'Review Syncs'
+            })
+        
+        # Check for failed Celery tasks
+        try:
+            from django_celery_results.models import TaskResult
+            celery_failed = TaskResult.objects.filter(
+                status='FAILURE',
+                date_created__date=today
+            ).count()
+            if celery_failed > 0:
+                alerts.append({
+                    'level': 'error',
+                    'icon': '🔴',
+                    'message': f'{celery_failed} Celery task(s) failed today',
+                    'url': '/admin/django_celery_results/taskresult/?status=FAILURE',
+                    'action': 'Review Tasks'
+                })
+        except:
+            pass
+        
+        # Check for stale pending tasks (older than 24 hours)
+        from igny8_core.modules.writer.models import Tasks
+        yesterday = today - timedelta(days=1)
+        stale_tasks = Tasks.objects.filter(
+            status='pending',
+            created_at__date__lte=yesterday
+        ).count()
+        if stale_tasks > 10:
+            alerts.append({
+                'level': 'info',
+                'icon': 'ℹ️',
+                'message': f'{stale_tasks} tasks pending for more than 24 hours',
+                'url': '/admin/writer/tasks/?status=pending',
+                'action': 'Review Tasks'
+            })
+        
+        return alerts

backend/igny8_core/admin/apps.py

@@ -1,8 +1,98 @@
+from django.contrib import admin
 from django.contrib.admin.apps import AdminConfig
 
 
+class ReadOnlyAdmin(admin.ModelAdmin):
+    """Generic read-only admin for system tables."""
+
+    def has_add_permission(self, request):
+        return False
+
+    def has_change_permission(self, request, obj=None):
+        return False
+
+    def has_delete_permission(self, request, obj=None):
+        return False
+
+
+def _safe_register(model, model_admin):
+    try:
+        admin.site.register(model, model_admin)
+    except admin.sites.AlreadyRegistered:
+        pass
+
+
 class Igny8AdminConfig(AdminConfig):
     default_site = 'igny8_core.admin.site.Igny8AdminSite'
     name = 'django.contrib.admin'
 
+    def ready(self):
+        super().ready()
+        
+        # Replace default admin.site with our custom Igny8AdminSite
+        # IMPORTANT: Must copy all registrations from old site to new site
+        # because models register themselves before ready() is called
+        from igny8_core.admin.site import admin_site
+        import django.contrib.admin as admin_module
+        
+        # Copy all model registrations from the default site to our custom site
+        old_site = admin_module.site
+        admin_site._registry = old_site._registry.copy()
+        admin_site._actions = old_site._actions.copy()
+        admin_site._global_actions = old_site._global_actions.copy()
+        
+        # CRITICAL: Update each ModelAdmin's admin_site attribute to point to our custom site
+        # Otherwise, each_context() will use the wrong admin site and miss our customizations
+        for model, model_admin in admin_site._registry.items():
+            model_admin.admin_site = admin_site
+        
+        # Now replace the default site
+        admin_module.site = admin_site
+        admin_module.sites.site = admin_site
+        
+        # Import Unfold AFTER apps are ready
+        from unfold.admin import ModelAdmin as UnfoldModelAdmin
+        
+        # Register Django internals in admin (read-only where appropriate)
+        from django.contrib.admin.models import LogEntry
+        from django.contrib.auth.models import Group, Permission
+        from django.contrib.contenttypes.models import ContentType
+        from django.contrib.sessions.models import Session
+
+        _safe_register(LogEntry, ReadOnlyAdmin)
+        _safe_register(Permission, UnfoldModelAdmin)
+        _safe_register(Group, UnfoldModelAdmin)
+        _safe_register(ContentType, ReadOnlyAdmin)
+        _safe_register(Session, ReadOnlyAdmin)
+        
+        # Import and setup enhanced Celery task monitoring
+        self._setup_celery_admin()
+    
+    def _setup_celery_admin(self):
+        """Setup enhanced Celery admin with proper unregister/register"""
+        try:
+            from django_celery_results.models import TaskResult, GroupResult
+            from igny8_core.admin.celery_admin import CeleryTaskResultAdmin, CeleryGroupResultAdmin
+            
+            # Unregister the default TaskResult admin
+            try:
+                admin.site.unregister(TaskResult)
+            except admin.sites.NotRegistered:
+                pass
+            
+            # Unregister the default GroupResult admin
+            try:
+                admin.site.unregister(GroupResult)
+            except admin.sites.NotRegistered:
+                pass
+            
+            # Register our enhanced versions
+            admin.site.register(TaskResult, CeleryTaskResultAdmin)
+            admin.site.register(GroupResult, CeleryGroupResultAdmin)
+        except Exception as e:
+            # Log the error but don't crash the app
+            import logging
+            logger = logging.getLogger(__name__)
+            logger.warning(f"Could not setup enhanced Celery admin: {e}")
+
 

backend/igny8_core/admin/base.py

@@ -107,3 +107,86 @@ class SiteSectorAdminMixin:
                 return obj.site in accessible_sites
         return super().has_delete_permission(request, obj)
 
+
+
+# ============================================================================
+# Custom ModelAdmin for Sidebar Fix
+# ============================================================================
+
+from unfold.admin import ModelAdmin as UnfoldModelAdmin
+
+
+class Igny8ModelAdmin(UnfoldModelAdmin):
+    """
+    Custom ModelAdmin that ensures sidebar_navigation is set correctly on ALL pages
+    
+    Django's ModelAdmin views don't call AdminSite.each_context(), 
+    so we override them to inject our custom sidebar.
+    """
+    
+    def _inject_sidebar_context(self, request, extra_context=None):
+        """Helper to inject custom sidebar into context"""
+        if extra_context is None:
+            extra_context = {}
+        
+        # Get our custom sidebar from the admin site
+        from igny8_core.admin.site import admin_site
+        
+        # CRITICAL: Get the full Unfold context (includes all branding, form classes, etc.)
+        # This is what makes the logo/title appear properly
+        unfold_context = admin_site.each_context(request)
+        
+        # Get the current path to detect active group
+        current_path = request.path
+        
+        sidebar_navigation = admin_site.get_sidebar_list(request)
+        
+        # Detect active group and expand it by setting collapsible=False
+        for group in sidebar_navigation:
+            group_is_active = False
+            for item in group.get('items', []):
+                # Unfold stores resolved link in 'link_callback', original lambda in 'link'
+                item_link = item.get('link_callback') or item.get('link', '')
+                # Convert to string (handles lazy proxy objects and ensures it's a string)
+                try:
+                    item_link = str(item_link) if item_link else ''
+                except:
+                    item_link = ''
+                # Skip if it's a function representation (e.g., "<function ...>")
+                if item_link.startswith('<'):
+                    continue
+                # Check if current path matches this item's link
+                if item_link and current_path.startswith(item_link):
+                    item['active'] = True
+                    group_is_active = True
+            
+            # If any item in this group is active, expand the group
+            if group_is_active:
+                group['collapsible'] = False  # Expanded state
+            else:
+                group['collapsible'] = True   # Collapsed state
+        
+        # Merge Unfold context with our custom sidebar
+        unfold_context['sidebar_navigation'] = sidebar_navigation
+        unfold_context['available_apps'] = admin_site.get_app_list(request, app_label=None)
+        unfold_context['app_list'] = unfold_context['available_apps']
+        
+        # Merge with any existing extra_context
+        unfold_context.update(extra_context)
+        
+        return unfold_context
+    
+    def changelist_view(self, request, extra_context=None):
+        """Override to inject custom sidebar"""
+        extra_context = self._inject_sidebar_context(request, extra_context)
+        return super().changelist_view(request, extra_context)
+    
+    def change_view(self, request, object_id, form_url='', extra_context=None):
+        """Override to inject custom sidebar"""
+        extra_context = self._inject_sidebar_context(request, extra_context)
+        return super().change_view(request, object_id, form_url, extra_context)
+    
+    def add_view(self, request, form_url='', extra_context=None):
+        """Override to inject custom sidebar"""
+        extra_context = self._inject_sidebar_context(request, extra_context)
+        return super().add_view(request, form_url, extra_context)

backend/igny8_core/admin/celery_admin.py

@@ -0,0 +1,213 @@
+"""
+Celery Task Monitoring Admin - Unfold Style
+"""
+from django.contrib import admin
+from django.utils.html import format_html
+from django.contrib import messages
+from django_celery_results.models import TaskResult, GroupResult
+from unfold.admin import ModelAdmin
+from unfold.contrib.filters.admin import RangeDateFilter
+from celery import current_app
+
+
+class CeleryTaskResultAdmin(ModelAdmin):
+    """Admin interface for monitoring Celery tasks with Unfold styling"""
+    
+    list_display = [
+        'task_id',
+        'task_name',
+        'colored_status',
+        'date_created',
+        'date_done',
+        'execution_time',
+    ]
+    list_filter = [
+        'status',
+        'task_name',
+        ('date_created', RangeDateFilter),
+        ('date_done', RangeDateFilter),
+    ]
+    search_fields = ['task_id', 'task_name', 'task_args']
+    readonly_fields = [
+        'task_id', 'task_name', 'task_args', 'task_kwargs', 
+        'result', 'traceback', 'date_created', 'date_done',
+        'colored_status', 'execution_time'
+    ]
+    date_hierarchy = 'date_created'
+    ordering = ['-date_created']
+    
+    actions = ['retry_failed_tasks', 'clear_old_tasks']
+    
+    fieldsets = (
+        ('Task Information', {
+            'fields': ('task_id', 'task_name', 'colored_status')
+        }),
+        ('Execution Details', {
+            'fields': ('date_created', 'date_done', 'execution_time')
+        }),
+        ('Task Arguments', {
+            'fields': ('task_args', 'task_kwargs'),
+            'classes': ('collapse',)
+        }),
+        ('Result & Errors', {
+            'fields': ('result', 'traceback'),
+            'classes': ('collapse',)
+        }),
+    )
+    
+    def colored_status(self, obj):
+        """Display status with color coding"""
+        colors = {
+            'SUCCESS': '#0bbf87',  # IGNY8 success green
+            'FAILURE': '#ef4444',  # IGNY8 danger red
+            'PENDING': '#ff7a00',  # IGNY8 warning orange
+            'STARTED': '#0693e3',  # IGNY8 primary blue
+            'RETRY': '#5d4ae3',    # IGNY8 purple
+        }
+        color = colors.get(obj.status, '#64748b')  # Default gray
+        
+        return format_html(
+            '<span style="color: {}; font-weight: bold; font-size: 14px;">{}</span>',
+            color,
+            obj.status
+        )
+    colored_status.short_description = 'Status'
+    
+    def execution_time(self, obj):
+        """Calculate and display execution time"""
+        if obj.date_done and obj.date_created:
+            duration = obj.date_done - obj.date_created
+            seconds = duration.total_seconds()
+            
+            if seconds < 1:
+                time_str = f'{seconds * 1000:.2f}ms'
+                return format_html('<span style="color: #0bbf87;">{}</span>', time_str)
+            elif seconds < 60:
+                time_str = f'{seconds:.2f}s'
+                return format_html('<span style="color: #0693e3;">{}</span>', time_str)
+            else:
+                minutes = seconds / 60
+                time_str = f'{minutes:.1f}m'
+                return format_html('<span style="color: #ff7a00;">{}</span>', time_str)
+        return '-'
+    execution_time.short_description = 'Duration'
+    
+    def retry_failed_tasks(self, request, queryset):
+        """Retry failed celery tasks by re-queuing them"""
+        from igny8_core.celery import app
+        import json
+        
+        failed_tasks = queryset.filter(status='FAILURE')
+        count = 0
+        errors = []
+        
+        for task in failed_tasks:
+            try:
+                # Get task function
+                task_func = current_app.tasks.get(task.task_name)
+                if task_func:
+                    # Parse task args and kwargs
+                    import ast
+                    try:
+                        args = ast.literal_eval(task.task_args) if task.task_args else []
+                        kwargs = ast.literal_eval(task.task_kwargs) if task.task_kwargs else {}
+                    except:
+                        args = []
+                        kwargs = {}
+                    
+                    # Retry the task
+                    task_func.apply_async(args=args, kwargs=kwargs)
+                    count += 1
+                else:
+                    errors.append(f'Task function not found: {task.task_name}')
+            except Exception as e:
+                errors.append(f'Error retrying {task.task_id}: {str(e)}')
+        
+        if count > 0:
+            self.message_user(request, f'Successfully queued {count} task(s) for retry.', 'SUCCESS')
+        
+        if errors:
+            for error in errors[:5]:  # Show max 5 errors
+                self.message_user(request, f'Error: {error}', 'WARNING')
+    
+    retry_failed_tasks.short_description = 'Retry Failed Tasks'
+    
+    def clear_old_tasks(self, request, queryset):
+        """Clear old completed tasks"""
+        from datetime import timedelta
+        from django.utils import timezone
+        
+        # Delete tasks older than 30 days
+        cutoff_date = timezone.now() - timedelta(days=30)
+        old_tasks = queryset.filter(
+            date_created__lt=cutoff_date,
+            status__in=['SUCCESS', 'FAILURE']
+        )
+        
+        count = old_tasks.count()
+        old_tasks.delete()
+        
+        self.message_user(request, f'Cleared {count} old task(s)', messages.SUCCESS)
+    
+    clear_old_tasks.short_description = 'Clear Old Tasks (30+ days)'
+    
+    def has_add_permission(self, request):
+        """Disable manual task creation"""
+        return False
+    
+    def has_change_permission(self, request, obj=None):
+        """Make read-only"""
+        return False
+
+
+class CeleryGroupResultAdmin(ModelAdmin):
+    """Admin interface for monitoring Celery group results with Unfold styling"""
+    
+    list_display = [
+        'group_id',
+        'date_created',
+        'date_done',
+        'result_count',
+    ]
+    list_filter = [
+        ('date_created', RangeDateFilter),
+        ('date_done', RangeDateFilter),
+    ]
+    search_fields = ['group_id', 'result']
+    readonly_fields = [
+        'group_id', 'date_created', 'date_done', 'content_type',
+        'content_encoding', 'result'
+    ]
+    date_hierarchy = 'date_created'
+    ordering = ['-date_created']
+    
+    fieldsets = (
+        ('Group Information', {
+            'fields': ('group_id', 'date_created', 'date_done')
+        }),
+        ('Result Details', {
+            'fields': ('content_type', 'content_encoding', 'result'),
+            'classes': ('collapse',)
+        }),
+    )
+    
+    def result_count(self, obj):
+        """Count tasks in the group"""
+        if obj.result:
+            try:
+                import json
+                result_data = json.loads(obj.result) if isinstance(obj.result, str) else obj.result
+                if isinstance(result_data, list):
+                    return len(result_data)
+            except:
+                pass
+        return '-'
+    result_count.short_description = 'Task Count'
+    
+    def has_add_permission(self, request):
+        """Disable manual group result creation"""
+        return False
+    
+    def has_change_permission(self, request, obj=None):
+        """Make read-only"""
+        return False

backend/igny8_core/admin/dashboard.py

@@ -0,0 +1,189 @@
+"""
+Custom Admin Dashboard with Key Metrics
+"""
+from django.contrib import admin
+from django.shortcuts import render
+from django.db.models import Count, Sum, Q
+from django.utils import timezone
+from datetime import timedelta
+
+
+def admin_dashboard(request):
+    """Custom admin dashboard with operational metrics"""
+    
+    # Date ranges
+    today = timezone.now().date()
+    week_ago = today - timedelta(days=7)
+    month_ago = today - timedelta(days=30)
+    
+    # Account metrics
+    from igny8_core.auth.models import Account, Site
+    total_accounts = Account.objects.count()
+    active_accounts = Account.objects.filter(status='active').count()
+    low_credit_accounts = Account.objects.filter(
+        status='active',
+        credits__lt=100
+    ).count()
+    critical_credit_accounts = Account.objects.filter(
+        status='active',
+        credits__lt=10
+    ).count()
+    
+    # Site metrics
+    total_sites = Site.objects.count()
+    active_sites = Site.objects.filter(is_active=True, status='active').count()
+    
+    # Content metrics
+    from igny8_core.modules.writer.models import Content, Tasks
+    content_this_week = Content.objects.filter(created_at__gte=week_ago).count()
+    content_this_month = Content.objects.filter(created_at__gte=month_ago).count()
+    tasks_pending = Tasks.objects.filter(status='pending').count()
+    tasks_in_progress = Tasks.objects.filter(status='in_progress').count()
+    
+    # Billing metrics
+    from igny8_core.business.billing.models import Payment, CreditTransaction
+    pending_payments = Payment.objects.filter(status='pending_approval').count()
+    payments_this_month = Payment.objects.filter(
+        created_at__gte=month_ago,
+        status='succeeded'
+    ).aggregate(total=Sum('amount'))['total'] or 0
+    
+    credit_usage_this_month = CreditTransaction.objects.filter(
+        created_at__gte=month_ago,
+        transaction_type='deduction'
+    ).aggregate(total=Sum('amount'))['total'] or 0
+    
+    # Automation metrics
+    from igny8_core.business.automation.models import AutomationRun
+    automation_running = AutomationRun.objects.filter(status='running').count()
+    automation_failed = AutomationRun.objects.filter(
+        status='failed',
+        started_at__gte=week_ago
+    ).count()
+    
+    # Calculate success rate
+    total_runs = AutomationRun.objects.filter(started_at__gte=week_ago).count()
+    if total_runs > 0:
+        success_runs = AutomationRun.objects.filter(
+            started_at__gte=week_ago,
+            status='completed'
+        ).count()
+        automation_success_rate = round((success_runs / total_runs) * 100, 1)
+    else:
+        automation_success_rate = 0
+    
+    # WordPress sync metrics
+    from igny8_core.business.integration.models import SyncEvent
+    sync_failed_today = SyncEvent.objects.filter(
+        success=False,
+        created_at__date=today
+    ).count()
+    sync_success_today = SyncEvent.objects.filter(
+        success=True,
+        created_at__date=today
+    ).count()
+    
+    # Celery task metrics
+    try:
+        from django_celery_results.models import TaskResult
+        celery_failed = TaskResult.objects.filter(
+            status='FAILURE',
+            date_created__gte=week_ago
+        ).count()
+        celery_pending = TaskResult.objects.filter(status='PENDING').count()
+    except:
+        celery_failed = 0
+        celery_pending = 0
+    
+    # Generate alerts
+    alerts = []
+    
+    if critical_credit_accounts > 0:
+        alerts.append({
+            'level': 'error',
+            'message': f'{critical_credit_accounts} account(s) have CRITICAL low credits (< 10)',
+            'action': 'Review Accounts',
+            'url': '/admin/igny8_core_auth/account/?credits__lt=10'
+        })
+    
+    if low_credit_accounts > 0:
+        alerts.append({
+            'level': 'warning',
+            'message': f'{low_credit_accounts} account(s) have low credits (< 100)',
+            'action': 'Review Accounts',
+            'url': '/admin/igny8_core_auth/account/?credits__lt=100'
+        })
+    
+    if pending_payments > 0:
+        alerts.append({
+            'level': 'warning',
+            'message': f'{pending_payments} payment(s) awaiting approval',
+            'action': 'Approve Payments',
+            'url': '/admin/billing/payment/?status__exact=pending_approval'
+        })
+    
+    if automation_failed > 5:
+        alerts.append({
+            'level': 'error',
+            'message': f'{automation_failed} automation runs failed this week',
+            'action': 'View Failed Runs',
+            'url': '/admin/automation/automationrun/?status__exact=failed'
+        })
+    
+    if sync_failed_today > 0:
+        alerts.append({
+            'level': 'warning',
+            'message': f'{sync_failed_today} WordPress sync failure(s) today',
+            'action': 'View Sync Events',
+            'url': '/admin/integration/syncevent/?success__exact=0'
+        })
+    
+    if celery_failed > 10:
+        alerts.append({
+            'level': 'error',
+            'message': f'{celery_failed} Celery tasks failed this week',
+            'action': 'View Failed Tasks',
+            'url': '/admin/django_celery_results/taskresult/?status__exact=FAILURE'
+        })
+    
+    context = {
+        'title': 'IGNY8 Dashboard',
+        'site_title': 'IGNY8 Admin',
+        'site_header': 'IGNY8 Administration',
+        # Account metrics
+        'total_accounts': total_accounts,
+        'active_accounts': active_accounts,
+        'low_credit_accounts': low_credit_accounts,
+        'critical_credit_accounts': critical_credit_accounts,
+        # Site metrics
+        'total_sites': total_sites,
+        'active_sites': active_sites,
+        # Content metrics
+        'content_this_week': content_this_week,
+        'content_this_month': content_this_month,
+        'tasks_pending': tasks_pending,
+        'tasks_in_progress': tasks_in_progress,
+        # Billing metrics
+        'pending_payments': pending_payments,
+        'payments_this_month': float(payments_this_month),
+        'credit_usage_this_month': abs(float(credit_usage_this_month)),
+        # Automation metrics
+        'automation_running': automation_running,
+        'automation_failed': automation_failed,
+        'automation_success_rate': automation_success_rate,
+        # Integration metrics
+        'sync_failed_today': sync_failed_today,
+        'sync_success_today': sync_success_today,
+        # Celery metrics
+        'celery_failed': celery_failed,
+        'celery_pending': celery_pending,
+        # Alerts
+        'alerts': alerts,
+    }
+    
+    # Merge with admin context to get sidebar and header
+    from igny8_core.admin.site import admin_site
+    admin_context = admin_site.each_context(request)
+    context.update(admin_context)
+    
+    return render(request, 'admin/dashboard.html', context)

backend/igny8_core/admin/monitoring.py

@@ -0,0 +1,406 @@
+"""
+Admin Monitoring Module - System Health, API Monitor, Debug Console
+Provides read-only monitoring and debugging tools for Django Admin
+"""
+from django.shortcuts import render
+from django.contrib.admin.views.decorators import staff_member_required
+from django.utils import timezone
+from django.db import connection
+from django.conf import settings
+import time
+import os
+
+
+@staff_member_required
+def system_health_dashboard(request):
+    """
+    System infrastructure health monitoring
+    Checks: Database, Redis, Celery, File System
+    """
+    context = {
+        'page_title': 'System Health Monitor',
+        'checked_at': timezone.now(),
+        'checks': []
+    }
+    
+    # Database Check
+    db_check = {
+        'name': 'PostgreSQL Database',
+        'status': 'unknown',
+        'message': '',
+        'details': {}
+    }
+    try:
+        start = time.time()
+        with connection.cursor() as cursor:
+            cursor.execute("SELECT version()")
+            version = cursor.fetchone()[0]
+            cursor.execute("SELECT COUNT(*) FROM django_session")
+            session_count = cursor.fetchone()[0]
+        
+        elapsed = (time.time() - start) * 1000
+        db_check.update({
+            'status': 'healthy',
+            'message': f'Connected ({elapsed:.2f}ms)',
+            'details': {
+                'version': version.split('\n')[0],
+                'response_time': f'{elapsed:.2f}ms',
+                'active_sessions': session_count
+            }
+        })
+    except Exception as e:
+        db_check.update({
+            'status': 'error',
+            'message': f'Connection failed: {str(e)}'
+        })
+    context['checks'].append(db_check)
+    
+    # Redis Check
+    redis_check = {
+        'name': 'Redis Cache',
+        'status': 'unknown',
+        'message': '',
+        'details': {}
+    }
+    try:
+        import redis
+        r = redis.Redis(
+            host=settings.CACHES['default']['LOCATION'].split(':')[0] if ':' in settings.CACHES['default'].get('LOCATION', '') else 'redis',
+            port=6379,
+            db=0,
+            socket_connect_timeout=2
+        )
+        start = time.time()
+        r.ping()
+        elapsed = (time.time() - start) * 1000
+        
+        info = r.info()
+        redis_check.update({
+            'status': 'healthy',
+            'message': f'Connected ({elapsed:.2f}ms)',
+            'details': {
+                'version': info.get('redis_version', 'unknown'),
+                'uptime': f"{info.get('uptime_in_seconds', 0) // 3600}h",
+                'connected_clients': info.get('connected_clients', 0),
+                'used_memory': f"{info.get('used_memory_human', 'unknown')}",
+                'response_time': f'{elapsed:.2f}ms'
+            }
+        })
+    except Exception as e:
+        redis_check.update({
+            'status': 'error',
+            'message': f'Connection failed: {str(e)}'
+        })
+    context['checks'].append(redis_check)
+    
+    # Celery Workers Check
+    celery_check = {
+        'name': 'Celery Workers',
+        'status': 'unknown',
+        'message': '',
+        'details': {}
+    }
+    try:
+        from igny8_core.celery import app
+        inspect = app.control.inspect(timeout=2)
+        stats = inspect.stats()
+        active = inspect.active()
+        
+        if stats:
+            worker_count = len(stats)
+            total_tasks = sum(len(tasks) for tasks in active.values()) if active else 0
+            celery_check.update({
+                'status': 'healthy',
+                'message': f'{worker_count} worker(s) active',
+                'details': {
+                    'workers': worker_count,
+                    'active_tasks': total_tasks,
+                    'worker_names': list(stats.keys())
+                }
+            })
+        else:
+            celery_check.update({
+                'status': 'warning',
+                'message': 'No workers responding'
+            })
+    except Exception as e:
+        celery_check.update({
+            'status': 'error',
+            'message': f'Check failed: {str(e)}'
+        })
+    context['checks'].append(celery_check)
+    
+    # File System Check
+    fs_check = {
+        'name': 'File System',
+        'status': 'unknown',
+        'message': '',
+        'details': {}
+    }
+    try:
+        import shutil
+        media_root = settings.MEDIA_ROOT
+        static_root = settings.STATIC_ROOT
+        
+        media_stat = shutil.disk_usage(media_root) if os.path.exists(media_root) else None
+        
+        if media_stat:
+            free_gb = media_stat.free / (1024**3)
+            total_gb = media_stat.total / (1024**3)
+            used_percent = (media_stat.used / media_stat.total) * 100
+            
+            fs_check.update({
+                'status': 'healthy' if used_percent < 90 else 'warning',
+                'message': f'{free_gb:.1f}GB free of {total_gb:.1f}GB',
+                'details': {
+                    'media_root': media_root,
+                    'free_space': f'{free_gb:.1f}GB',
+                    'total_space': f'{total_gb:.1f}GB',
+                    'used_percent': f'{used_percent:.1f}%'
+                }
+            })
+        else:
+            fs_check.update({
+                'status': 'warning',
+                'message': 'Media directory not found'
+            })
+    except Exception as e:
+        fs_check.update({
+            'status': 'error',
+            'message': f'Check failed: {str(e)}'
+        })
+    context['checks'].append(fs_check)
+    
+    # Overall system status
+    statuses = [check['status'] for check in context['checks']]
+    if 'error' in statuses:
+        context['overall_status'] = 'error'
+        context['overall_message'] = 'System has errors'
+    elif 'warning' in statuses:
+        context['overall_status'] = 'warning'
+        context['overall_message'] = 'System has warnings'
+    else:
+        context['overall_status'] = 'healthy'
+        context['overall_message'] = 'All systems operational'
+    
+    return render(request, 'admin/monitoring/system_health.html', context)
+
+
+@staff_member_required
+def api_monitor_dashboard(request):
+    """
+    API endpoint health monitoring
+    Tests key endpoints and displays response times
+    """
+    from django.test.client import Client
+    
+    context = {
+        'page_title': 'API Monitor',
+        'checked_at': timezone.now(),
+        'endpoint_groups': []
+    }
+    
+    # Define endpoint groups to check
+    endpoint_configs = [
+        {
+            'name': 'Authentication',
+            'endpoints': [
+                {'path': '/api/v1/auth/check/', 'method': 'GET', 'auth_required': False},
+            ]
+        },
+        {
+            'name': 'System Settings',
+            'endpoints': [
+                {'path': '/api/v1/system/health/', 'method': 'GET', 'auth_required': False},
+            ]
+        },
+        {
+            'name': 'Planner Module',
+            'endpoints': [
+                {'path': '/api/v1/planner/keywords/', 'method': 'GET', 'auth_required': True},
+            ]
+        },
+        {
+            'name': 'Writer Module',
+            'endpoints': [
+                {'path': '/api/v1/writer/tasks/', 'method': 'GET', 'auth_required': True},
+            ]
+        },
+        {
+            'name': 'Billing',
+            'endpoints': [
+                {'path': '/api/v1/billing/credits/balance/', 'method': 'GET', 'auth_required': True},
+            ]
+        },
+    ]
+    
+    client = Client()
+    
+    for group_config in endpoint_configs:
+        group_results = {
+            'name': group_config['name'],
+            'endpoints': []
+        }
+        
+        for endpoint in group_config['endpoints']:
+            result = {
+                'path': endpoint['path'],
+                'method': endpoint['method'],
+                'status': 'unknown',
+                'status_code': None,
+                'response_time': None,
+                'message': ''
+            }
+            
+            try:
+                start = time.time()
+                
+                if endpoint['method'] == 'GET':
+                    response = client.get(endpoint['path'])
+                else:
+                    response = client.post(endpoint['path'])
+                
+                elapsed = (time.time() - start) * 1000
+                
+                result.update({
+                    'status_code': response.status_code,
+                    'response_time': f'{elapsed:.2f}ms',
+                })
+                
+                # Determine status
+                if response.status_code < 300:
+                    result['status'] = 'healthy'
+                    result['message'] = 'OK'
+                elif response.status_code == 401 and endpoint.get('auth_required'):
+                    result['status'] = 'healthy'
+                    result['message'] = 'Auth required (expected)'
+                elif response.status_code < 500:
+                    result['status'] = 'warning'
+                    result['message'] = 'Client error'
+                else:
+                    result['status'] = 'error'
+                    result['message'] = 'Server error'
+                
+            except Exception as e:
+                result.update({
+                    'status': 'error',
+                    'message': str(e)[:100]
+                })
+            
+            group_results['endpoints'].append(result)
+        
+        context['endpoint_groups'].append(group_results)
+    
+    # Calculate overall stats
+    all_endpoints = [ep for group in context['endpoint_groups'] for ep in group['endpoints']]
+    total = len(all_endpoints)
+    healthy = len([ep for ep in all_endpoints if ep['status'] == 'healthy'])
+    warnings = len([ep for ep in all_endpoints if ep['status'] == 'warning'])
+    errors = len([ep for ep in all_endpoints if ep['status'] == 'error'])
+    
+    context['stats'] = {
+        'total': total,
+        'healthy': healthy,
+        'warnings': warnings,
+        'errors': errors,
+        'health_percentage': (healthy / total * 100) if total > 0 else 0
+    }
+    
+    return render(request, 'admin/monitoring/api_monitor.html', context)
+
+
+@staff_member_required
+def debug_console(request):
+    """
+    System debug information (read-only)
+    Shows environment, database config, cache config, etc.
+    """
+    context = {
+        'page_title': 'Debug Console',
+        'checked_at': timezone.now(),
+        'sections': []
+    }
+    
+    # Environment Variables Section
+    env_section = {
+        'title': 'Environment',
+        'items': {
+            'DEBUG': settings.DEBUG,
+            'ENVIRONMENT': os.getenv('ENVIRONMENT', 'not set'),
+            'DJANGO_SETTINGS_MODULE': os.getenv('DJANGO_SETTINGS_MODULE', 'not set'),
+            'ALLOWED_HOSTS': settings.ALLOWED_HOSTS,
+            'TIME_ZONE': settings.TIME_ZONE,
+            'USE_TZ': settings.USE_TZ,
+        }
+    }
+    context['sections'].append(env_section)
+    
+    # Database Configuration
+    db_config = settings.DATABASES.get('default', {})
+    db_section = {
+        'title': 'Database Configuration',
+        'items': {
+            'ENGINE': db_config.get('ENGINE', 'not set'),
+            'NAME': db_config.get('NAME', 'not set'),
+            'HOST': db_config.get('HOST', 'not set'),
+            'PORT': db_config.get('PORT', 'not set'),
+            'CONN_MAX_AGE': db_config.get('CONN_MAX_AGE', 'not set'),
+        }
+    }
+    context['sections'].append(db_section)
+    
+    # Cache Configuration
+    cache_config = settings.CACHES.get('default', {})
+    cache_section = {
+        'title': 'Cache Configuration',
+        'items': {
+            'BACKEND': cache_config.get('BACKEND', 'not set'),
+            'LOCATION': cache_config.get('LOCATION', 'not set'),
+            'KEY_PREFIX': cache_config.get('KEY_PREFIX', 'not set'),
+        }
+    }
+    context['sections'].append(cache_section)
+    
+    # Celery Configuration
+    celery_section = {
+        'title': 'Celery Configuration',
+        'items': {
+            'BROKER_URL': getattr(settings, 'CELERY_BROKER_URL', 'not set'),
+            'RESULT_BACKEND': getattr(settings, 'CELERY_RESULT_BACKEND', 'not set'),
+            'TASK_ALWAYS_EAGER': getattr(settings, 'CELERY_TASK_ALWAYS_EAGER', False),
+        }
+    }
+    context['sections'].append(celery_section)
+    
+    # Media & Static Files
+    files_section = {
+        'title': 'Media & Static Files',
+        'items': {
+            'MEDIA_ROOT': settings.MEDIA_ROOT,
+            'MEDIA_URL': settings.MEDIA_URL,
+            'STATIC_ROOT': settings.STATIC_ROOT,
+            'STATIC_URL': settings.STATIC_URL,
+        }
+    }
+    context['sections'].append(files_section)
+    
+    # Installed Apps (count)
+    apps_section = {
+        'title': 'Installed Applications',
+        'items': {
+            'Total Apps': len(settings.INSTALLED_APPS),
+            'Custom Apps': len([app for app in settings.INSTALLED_APPS if app.startswith('igny8_')]),
+        }
+    }
+    context['sections'].append(apps_section)
+    
+    # Middleware (count)
+    middleware_section = {
+        'title': 'Middleware',
+        'items': {
+            'Total Middleware': len(settings.MIDDLEWARE),
+        }
+    }
+    context['sections'].append(middleware_section)
+    
+    return render(request, 'admin/monitoring/debug_console.html', context)

backend/igny8_core/admin/reports.py

@@ -0,0 +1,617 @@
+"""
+Analytics & Reporting Views for IGNY8 Admin
+"""
+from django.contrib.admin.views.decorators import staff_member_required
+from django.shortcuts import render
+from django.db.models import Count, Sum, Avg, Q
+from django.utils import timezone
+from datetime import timedelta
+import json
+
+
+@staff_member_required
+def revenue_report(request):
+    """Revenue and billing analytics"""
+    from igny8_core.business.billing.models import Payment
+    from igny8_core.auth.models import Plan
+    
+    # Date ranges
+    today = timezone.now()
+    months = []
+    monthly_revenue = []
+    
+    for i in range(6):
+        month_start = today.replace(day=1) - timedelta(days=30*i)
+        month_end = month_start.replace(day=28) + timedelta(days=4)
+        
+        revenue = Payment.objects.filter(
+            status='succeeded',
+            processed_at__gte=month_start,
+            processed_at__lt=month_end
+        ).aggregate(total=Sum('amount'))['total'] or 0
+        
+        months.insert(0, month_start.strftime('%b %Y'))
+        monthly_revenue.insert(0, float(revenue))
+    
+    # Plan distribution
+    plan_distribution = Plan.objects.annotate(
+        account_count=Count('accounts')
+    ).values('name', 'account_count')
+    
+    # Payment method breakdown
+    payment_methods = Payment.objects.filter(
+        status='succeeded'
+    ).values('payment_method').annotate(
+        count=Count('id'),
+        total=Sum('amount')
+    ).order_by('-total')
+    
+    # Total revenue all time
+    total_revenue = Payment.objects.filter(
+        status='succeeded'
+    ).aggregate(total=Sum('amount'))['total'] or 0
+    
+    context = {
+        'title': 'Revenue Report',
+        'months': json.dumps(months),
+        'monthly_revenue': json.dumps(monthly_revenue),
+        'plan_distribution': list(plan_distribution),
+        'payment_methods': list(payment_methods),
+        'total_revenue': float(total_revenue),
+    }
+    
+    # Merge with admin context
+    from igny8_core.admin.site import admin_site
+    admin_context = admin_site.each_context(request)
+    context.update(admin_context)
+    
+    return render(request, 'admin/reports/revenue.html', context)
+
+
+@staff_member_required
+def usage_report(request):
+    """Credit usage and AI operations analytics"""
+    from igny8_core.business.billing.models import CreditUsageLog
+    
+    # Usage by operation type
+    usage_by_operation = CreditUsageLog.objects.values(
+        'operation_type'
+    ).annotate(
+        total_credits=Sum('credits_used'),
+        total_cost=Sum('cost_usd'),
+        operation_count=Count('id')
+    ).order_by('-total_credits')
+    
+    # Format operation types as Title Case
+    for usage in usage_by_operation:
+        usage['operation_type'] = usage['operation_type'].replace('_', ' ').title() if usage['operation_type'] else 'Unknown'
+    
+    # Top credit consumers
+    top_consumers = CreditUsageLog.objects.values(
+        'account__name'
+    ).annotate(
+        total_credits=Sum('credits_used'),
+        operation_count=Count('id')
+    ).order_by('-total_credits')[:10]
+    
+    # Model usage distribution
+    model_usage = CreditUsageLog.objects.values(
+        'model_used'
+    ).annotate(
+        usage_count=Count('id')
+    ).order_by('-usage_count')
+    
+    # Total credits used
+    total_credits = CreditUsageLog.objects.aggregate(
+        total=Sum('credits_used')
+    )['total'] or 0
+    
+    context = {
+        'title': 'Usage Report',
+        'usage_by_operation': list(usage_by_operation),
+        'top_consumers': list(top_consumers),
+        'model_usage': list(model_usage),
+        'total_credits': int(total_credits),
+    }
+    
+    # Merge with admin context
+    from igny8_core.admin.site import admin_site
+    admin_context = admin_site.each_context(request)
+    context.update(admin_context)
+    
+    return render(request, 'admin/reports/usage.html', context)
+
+
+@staff_member_required
+def content_report(request):
+    """Content production analytics"""
+    from igny8_core.modules.writer.models import Content, Tasks
+    
+    # Content by type
+    content_by_type = Content.objects.values(
+        'content_type'
+    ).annotate(count=Count('id')).order_by('-count')
+    
+    # Production timeline (last 30 days)
+    days = []
+    daily_counts = []
+    for i in range(30):
+        day = timezone.now().date() - timedelta(days=i)
+        count = Content.objects.filter(created_at__date=day).count()
+        days.insert(0, day.strftime('%m/%d'))
+        daily_counts.insert(0, count)
+    
+    # Average word count by content type
+    avg_words = Content.objects.values('content_type').annotate(
+        avg_words=Avg('word_count')
+    ).order_by('-avg_words')
+    
+    # Task completion rate
+    total_tasks = Tasks.objects.count()
+    completed_tasks = Tasks.objects.filter(status='completed').count()
+    completion_rate = (completed_tasks / total_tasks * 100) if total_tasks > 0 else 0
+    
+    # Total content produced
+    total_content = Content.objects.count()
+    
+    context = {
+        'title': 'Content Production Report',
+        'content_by_type': list(content_by_type),
+        'days': json.dumps(days),
+        'daily_counts': json.dumps(daily_counts),
+        'avg_words': list(avg_words),
+        'completion_rate': round(completion_rate, 1),
+        'total_content': total_content,
+        'total_tasks': total_tasks,
+        'completed_tasks': completed_tasks,
+    }
+    
+    # Merge with admin context
+    from igny8_core.admin.site import admin_site
+    admin_context = admin_site.each_context(request)
+    context.update(admin_context)
+    
+    return render(request, 'admin/reports/content.html', context)
+
+
+@staff_member_required
+def data_quality_report(request):
+    """Check data quality and integrity"""
+    issues = []
+    
+    # Orphaned content (no site)
+    from igny8_core.modules.writer.models import Content
+    orphaned_content = Content.objects.filter(site__isnull=True).count()
+    if orphaned_content > 0:
+        issues.append({
+            'severity': 'warning',
+            'type': 'Orphaned Records',
+            'count': orphaned_content,
+            'description': 'Content items without assigned site',
+            'action_url': '/admin/writer/content/?site__isnull=True'
+        })
+    
+    # Tasks without clusters
+    from igny8_core.modules.writer.models import Tasks
+    tasks_no_cluster = Tasks.objects.filter(cluster__isnull=True).count()
+    if tasks_no_cluster > 0:
+        issues.append({
+            'severity': 'info',
+            'type': 'Missing Relationships',
+            'count': tasks_no_cluster,
+            'description': 'Tasks without assigned cluster',
+            'action_url': '/admin/writer/tasks/?cluster__isnull=True'
+        })
+    
+    # Accounts with negative credits
+    from igny8_core.auth.models import Account
+    negative_credits = Account.objects.filter(credits__lt=0).count()
+    if negative_credits > 0:
+        issues.append({
+            'severity': 'error',
+            'type': 'Data Integrity',
+            'count': negative_credits,
+            'description': 'Accounts with negative credit balance',
+            'action_url': '/admin/igny8_core_auth/account/?credits__lt=0'
+        })
+    
+    # Duplicate keywords
+    from igny8_core.modules.planner.models import Keywords
+    duplicates = Keywords.objects.values('seed_keyword', 'site', 'sector').annotate(
+        count=Count('id')
+    ).filter(count__gt=1).count()
+    if duplicates > 0:
+        issues.append({
+            'severity': 'warning',
+            'type': 'Duplicates',
+            'count': duplicates,
+            'description': 'Duplicate keywords for same site/sector',
+            'action_url': '/admin/planner/keywords/'
+        })
+    
+    # Content without SEO data
+    no_seo = Content.objects.filter(
+        Q(meta_title__isnull=True) | Q(meta_title='') |
+        Q(meta_description__isnull=True) | Q(meta_description='')
+    ).count()
+    if no_seo > 0:
+        issues.append({
+            'severity': 'info',
+            'type': 'Incomplete Data',
+            'count': no_seo,
+            'description': 'Content missing SEO metadata',
+            'action_url': '/admin/writer/content/'
+        })
+    
+    context = {
+        'title': 'Data Quality Report',
+        'issues': issues,
+        'total_issues': len(issues),
+    }
+    
+    # Merge with admin context
+    from igny8_core.admin.site import admin_site
+    admin_context = admin_site.each_context(request)
+    context.update(admin_context)
+    
+    return render(request, 'admin/reports/data_quality.html', context)
+
+
+@staff_member_required
+def token_usage_report(request):
+    """Comprehensive token usage analytics with multi-dimensional insights"""
+    from igny8_core.business.billing.models import CreditUsageLog
+    from igny8_core.auth.models import Account
+    from decimal import Decimal
+    
+    # Date filter setup
+    days_filter = request.GET.get('days', '30')
+    try:
+        days = int(days_filter)
+    except ValueError:
+        days = 30
+    
+    start_date = timezone.now() - timedelta(days=days)
+    
+    # Base queryset - include all records (tokens may be 0 for historical data)
+    logs = CreditUsageLog.objects.filter(
+        created_at__gte=start_date
+    )
+    
+    # Total statistics
+    total_tokens_input = logs.aggregate(total=Sum('tokens_input'))['total'] or 0
+    total_tokens_output = logs.aggregate(total=Sum('tokens_output'))['total'] or 0
+    total_tokens = total_tokens_input + total_tokens_output
+    total_calls = logs.count()
+    avg_tokens_per_call = total_tokens / total_calls if total_calls > 0 else 0
+    
+    # Token usage by model
+    token_by_model = logs.values('model_used').annotate(
+        total_tokens_input=Sum('tokens_input'),
+        total_tokens_output=Sum('tokens_output'),
+        call_count=Count('id'),
+        total_cost=Sum('cost_usd')
+    ).order_by('-total_tokens_input')[:10]
+    
+    # Add total_tokens to each model and sort by total
+    for model in token_by_model:
+        model['total_tokens'] = (model['total_tokens_input'] or 0) + (model['total_tokens_output'] or 0)
+        model['avg_tokens'] = model['total_tokens'] / model['call_count'] if model['call_count'] > 0 else 0
+        model['model'] = model['model_used']  # Add alias for template
+    token_by_model = sorted(token_by_model, key=lambda x: x['total_tokens'], reverse=True)
+    
+    # Token usage by function/operation
+    token_by_function = logs.values('operation_type').annotate(
+        total_tokens_input=Sum('tokens_input'),
+        total_tokens_output=Sum('tokens_output'),
+        call_count=Count('id'),
+        total_cost=Sum('cost_usd')
+    ).order_by('-total_tokens_input')[:10]
+    
+    # Add total_tokens to each function and sort by total
+    for func in token_by_function:
+        func['total_tokens'] = (func['total_tokens_input'] or 0) + (func['total_tokens_output'] or 0)
+        func['avg_tokens'] = func['total_tokens'] / func['call_count'] if func['call_count'] > 0 else 0
+        # Format operation_type as Title Case
+        func['function'] = func['operation_type'].replace('_', ' ').title() if func['operation_type'] else 'Unknown'
+    token_by_function = sorted(token_by_function, key=lambda x: x['total_tokens'], reverse=True)
+    
+    # Token usage by account (top consumers)
+    token_by_account = logs.values('account__name', 'account_id').annotate(
+        total_tokens_input=Sum('tokens_input'),
+        total_tokens_output=Sum('tokens_output'),
+        call_count=Count('id'),
+        total_cost=Sum('cost_usd')
+    ).order_by('-total_tokens_input')[:15]
+    
+    # Add total_tokens to each account and sort by total
+    for account in token_by_account:
+        account['total_tokens'] = (account['total_tokens_input'] or 0) + (account['total_tokens_output'] or 0)
+    token_by_account = sorted(token_by_account, key=lambda x: x['total_tokens'], reverse=True)[:15]
+    
+    # Daily token trends (time series)
+    daily_data = []
+    daily_labels = []
+    for i in range(days):
+        day = timezone.now().date() - timedelta(days=days-i-1)
+        day_logs = logs.filter(created_at__date=day)
+        day_tokens_input = day_logs.aggregate(total=Sum('tokens_input'))['total'] or 0
+        day_tokens_output = day_logs.aggregate(total=Sum('tokens_output'))['total'] or 0
+        day_tokens = day_tokens_input + day_tokens_output
+        daily_labels.append(day.strftime('%m/%d'))
+        daily_data.append(int(day_tokens))
+    
+    # Token efficiency metrics (CreditUsageLog doesn't have error field, so assume all successful)
+    success_rate = 100.0
+    successful_tokens = total_tokens
+    wasted_tokens = 0
+    
+    # Create tokens_by_status for template compatibility
+    tokens_by_status = [{  
+        'error': None,
+        'total_tokens': total_tokens,
+        'call_count': total_calls,
+        'avg_tokens': avg_tokens_per_call
+    }]
+    
+    # Peak usage times (hour of day)
+    hourly_usage = logs.extra(
+        select={'hour': "EXTRACT(hour FROM created_at)"}
+    ).values('hour').annotate(
+        token_input=Sum('tokens_input'),
+        token_output=Sum('tokens_output'),
+        call_count=Count('id')
+    ).order_by('hour')
+    
+    # Add total token_count for each hour
+    for hour_data in hourly_usage:
+        hour_data['token_count'] = (hour_data['token_input'] or 0) + (hour_data['token_output'] or 0)
+    
+    # Cost efficiency
+    total_cost = logs.aggregate(total=Sum('cost_usd'))['total'] or Decimal('0.00')
+    cost_per_1k_tokens = float(total_cost) / (total_tokens / 1000) if total_tokens > 0 else 0.0
+    
+    context = {
+        'title': 'Token Usage Report',
+        'days_filter': days,
+        'total_tokens': int(total_tokens),
+        'total_calls': total_calls,
+        'avg_tokens_per_call': round(avg_tokens_per_call, 2),
+        'token_by_model': list(token_by_model),
+        'token_by_function': list(token_by_function),
+        'token_by_account': list(token_by_account),
+        'daily_labels': json.dumps(daily_labels),
+        'daily_data': json.dumps(daily_data),
+        'tokens_by_status': list(tokens_by_status),
+        'success_rate': round(success_rate, 2),
+        'successful_tokens': int(successful_tokens),
+        'wasted_tokens': int(wasted_tokens),
+        'hourly_usage': list(hourly_usage),
+        'total_cost': float(total_cost),
+        'cost_per_1k_tokens': float(cost_per_1k_tokens),
+        'current_app': '_reports',  # For active menu state
+    }
+    
+    # Merge with admin context
+    from igny8_core.admin.site import admin_site
+    admin_context = admin_site.each_context(request)
+    context.update(admin_context)
+    
+    return render(request, 'admin/reports/token_usage.html', context)
+
+
+@staff_member_required
+def ai_cost_analysis(request):
+    """Multi-dimensional AI cost analysis with model pricing, trends, and predictions"""
+    from igny8_core.business.billing.models import CreditUsageLog
+    from igny8_core.auth.models import Account
+    from decimal import Decimal
+    
+    # Date filter setup
+    days_filter = request.GET.get('days', '30')
+    try:
+        days = int(days_filter)
+    except ValueError:
+        days = 30
+    
+    start_date = timezone.now() - timedelta(days=days)
+    
+    # Base queryset - filter for records with cost data
+    logs = CreditUsageLog.objects.filter(
+        created_at__gte=start_date,
+        cost_usd__isnull=False
+    )
+    
+    # Overall cost metrics
+    total_cost = logs.aggregate(total=Sum('cost_usd'))['total'] or Decimal('0.00')
+    total_calls = logs.count()
+    avg_cost_per_call = logs.aggregate(avg=Avg('cost_usd'))['avg'] or Decimal('0.00')
+    total_tokens_input = logs.aggregate(total=Sum('tokens_input'))['total'] or 0
+    total_tokens_output = logs.aggregate(total=Sum('tokens_output'))['total'] or 0
+    total_tokens = total_tokens_input + total_tokens_output
+    
+    # Revenue & Margin calculation
+    from igny8_core.business.billing.models import BillingConfiguration
+    billing_config = BillingConfiguration.get_config()
+    total_credits_charged = logs.aggregate(total=Sum('credits_used'))['total'] or 0
+    total_revenue = Decimal(total_credits_charged) * billing_config.default_credit_price_usd
+    total_margin = total_revenue - total_cost
+    margin_percentage = float((total_margin / total_revenue * 100) if total_revenue > 0 else 0)
+    
+    # Per-unit margins
+    # Calculate per 1M tokens (margin per million tokens)
+    margin_per_1m_tokens = float(total_margin) / (total_tokens / 1_000_000) if total_tokens > 0 else 0
+    # Calculate per 1K credits (margin per thousand credits)
+    margin_per_1k_credits = float(total_margin) / (total_credits_charged / 1000) if total_credits_charged > 0 else 0
+    
+    # Cost by model with efficiency metrics
+    cost_by_model = logs.values('model_used').annotate(
+        total_cost=Sum('cost_usd'),
+        call_count=Count('id'),
+        avg_cost=Avg('cost_usd'),
+        total_tokens_input=Sum('tokens_input'),
+        total_tokens_output=Sum('tokens_output')
+    ).order_by('-total_cost')
+    
+    # Add cost efficiency and margin for each model
+    for model in cost_by_model:
+        model['total_tokens'] = (model['total_tokens_input'] or 0) + (model['total_tokens_output'] or 0)
+        model['avg_tokens'] = model['total_tokens'] / model['call_count'] if model['call_count'] > 0 else 0
+        model['model'] = model['model_used']  # Add alias for template
+        if model['total_tokens'] and model['total_tokens'] > 0:
+            model['cost_per_1k_tokens'] = float(model['total_cost']) / (model['total_tokens'] / 1000)
+        else:
+            model['cost_per_1k_tokens'] = 0
+        
+        # Calculate margin for this model
+        model_credits = logs.filter(model_used=model['model_used']).aggregate(total=Sum('credits_used'))['total'] or 0
+        model_revenue = Decimal(model_credits) * billing_config.default_credit_price_usd
+        model_margin = model_revenue - model['total_cost']
+        model['revenue'] = float(model_revenue)
+        model['margin'] = float(model_margin)
+        model['margin_percentage'] = float((model_margin / model_revenue * 100) if model_revenue > 0 else 0)
+    
+    # Cost by account (top spenders)
+    cost_by_account = logs.values('account__name', 'account_id').annotate(
+        total_cost=Sum('cost_usd'),
+        call_count=Count('id'),
+        total_tokens_input=Sum('tokens_input'),
+        total_tokens_output=Sum('tokens_output'),
+        avg_cost=Avg('cost_usd')
+    ).order_by('-total_cost')[:15]
+    
+    # Add total_tokens to each account
+    for account in cost_by_account:
+        account['total_tokens'] = (account['total_tokens_input'] or 0) + (account['total_tokens_output'] or 0)
+    
+    # Cost by function/operation
+    cost_by_function = logs.values('operation_type').annotate(
+        total_cost=Sum('cost_usd'),
+        call_count=Count('id'),
+        avg_cost=Avg('cost_usd'),
+        total_tokens_input=Sum('tokens_input'),
+        total_tokens_output=Sum('tokens_output')
+    ).order_by('-total_cost')[:10]
+    
+    # Add total_tokens, function alias, and margin
+    for func in cost_by_function:
+        func['total_tokens'] = (func['total_tokens_input'] or 0) + (func['total_tokens_output'] or 0)
+        # Format operation_type as Title Case
+        func['function'] = func['operation_type'].replace('_', ' ').title() if func['operation_type'] else 'Unknown'
+        
+        # Calculate margin for this operation
+        func_credits = logs.filter(operation_type=func['operation_type']).aggregate(total=Sum('credits_used'))['total'] or 0
+        func_revenue = Decimal(func_credits) * billing_config.default_credit_price_usd
+        func_margin = func_revenue - func['total_cost']
+        func['revenue'] = float(func_revenue)
+        func['margin'] = float(func_margin)
+        func['margin_percentage'] = float((func_margin / func_revenue * 100) if func_revenue > 0 else 0)
+    
+    # Daily cost trends (time series)
+    daily_cost_data = []
+    daily_cost_labels = []
+    daily_call_data = []
+    
+    for i in range(days):
+        day = timezone.now().date() - timedelta(days=days-i-1)
+        day_logs = logs.filter(created_at__date=day)
+        day_cost = day_logs.aggregate(total=Sum('cost_usd'))['total'] or Decimal('0.00')
+        day_calls = day_logs.count()
+        
+        daily_cost_labels.append(day.strftime('%m/%d'))
+        daily_cost_data.append(float(day_cost))
+        daily_call_data.append(day_calls)
+    
+    # Cost prediction (simple linear extrapolation)
+    if len(daily_cost_data) > 7:
+        recent_avg_daily = sum(daily_cost_data[-7:]) / 7
+        projected_monthly = recent_avg_daily * 30
+    else:
+        projected_monthly = 0
+    
+    # Failed requests cost (CreditUsageLog doesn't track errors, so no failed cost)
+    failed_cost = Decimal('0.00')
+    
+    # Cost anomalies (calls costing > 3x average)
+    if avg_cost_per_call > 0:
+        anomaly_threshold = float(avg_cost_per_call) * 3
+        anomalies = logs.filter(cost_usd__gt=anomaly_threshold).values(
+            'model_used', 'operation_type', 'account__name', 'cost_usd', 'tokens_input', 'tokens_output', 'created_at'
+        ).order_by('-cost_usd')[:10]
+        # Add aliases and calculate total tokens for each anomaly
+        for anomaly in anomalies:
+            anomaly['model'] = anomaly['model_used']
+            # Format operation_type as Title Case
+            anomaly['function'] = anomaly['operation_type'].replace('_', ' ').title() if anomaly['operation_type'] else 'Unknown'
+            anomaly['cost'] = anomaly['cost_usd']
+            anomaly['tokens'] = (anomaly['tokens_input'] or 0) + (anomaly['tokens_output'] or 0)
+    else:
+        anomalies = []
+    
+    # Model comparison matrix
+    model_comparison = []
+    for model_data in cost_by_model:
+        model_name = model_data['model']
+        model_comparison.append({
+            'model': model_name,
+            'total_cost': float(model_data['total_cost']),
+            'calls': model_data['call_count'],
+            'avg_cost': float(model_data['avg_cost']),
+            'total_tokens': model_data['total_tokens'],
+            'cost_per_1k': model_data['cost_per_1k_tokens'],
+        })
+    
+    # Cost distribution percentages
+    if total_cost > 0:
+        for item in cost_by_model:
+            item['cost_percentage'] = float((item['total_cost'] / total_cost) * 100)
+    
+    # Peak cost hours
+    hourly_cost = logs.extra(
+        select={'hour': "EXTRACT(hour FROM created_at)"}
+    ).values('hour').annotate(
+        total_cost=Sum('cost_usd'),
+        call_count=Count('id')
+    ).order_by('hour')
+    
+    # Cost efficiency score (CreditUsageLog doesn't track errors, assume all successful)
+    successful_cost = total_cost
+    efficiency_score = 100.0
+    
+    context = {
+        'title': 'AI Cost & Margin Analysis',
+        'days_filter': days,
+        'total_cost': float(total_cost),
+        'total_revenue': float(total_revenue),
+        'total_margin': float(total_margin),
+        'margin_percentage': round(margin_percentage, 2),
+        'margin_per_1m_tokens': round(margin_per_1m_tokens, 4),
+        'margin_per_1k_credits': round(margin_per_1k_credits, 4),
+        'total_credits_charged': total_credits_charged,
+        'credit_price': float(billing_config.default_credit_price_usd),
+        'total_calls': total_calls,
+        'avg_cost_per_call': float(avg_cost_per_call),
+        'total_tokens': int(total_tokens),
+        'cost_by_model': list(cost_by_model),
+        'cost_by_account': list(cost_by_account),
+        'cost_by_function': list(cost_by_function),
+        'daily_cost_labels': json.dumps(daily_cost_labels),
+        'daily_cost_data': json.dumps(daily_cost_data),
+        'daily_call_data': json.dumps(daily_call_data),
+        'projected_monthly': round(projected_monthly, 2),
+        'failed_cost': float(failed_cost),
+        'wasted_percentage': float((failed_cost / total_cost * 100) if total_cost > 0 else 0),
+        'anomalies': list(anomalies),
+        'model_comparison': model_comparison,
+        'hourly_cost': list(hourly_cost),
+        'efficiency_score': round(efficiency_score, 2),
+        'successful_cost': float(successful_cost),
+        'current_app': '_reports',  # For active menu state
+    }
+    
+    # Merge with admin context
+    from igny8_core.admin.site import admin_site
+    admin_context = admin_site.each_context(request)
+    context.update(admin_context)
+    
+    return render(request, 'admin/reports/ai_cost_analysis.html', context)

backend/igny8_core/admin/site.py

@@ -1,140 +1,63 @@
 """
-Custom AdminSite for IGNY8 to organize models into proper groups
+Custom AdminSite for IGNY8 using Unfold theme.
+
+SIMPLIFIED VERSION - Navigation is now handled via UNFOLD settings in settings.py
+This file only handles:
+1. Custom URLs for dashboard, reports, and monitoring pages
+2. Index redirect to dashboard
+
+All sidebar navigation is configured in settings.py under UNFOLD["SIDEBAR"]["navigation"]
 """
 from django.contrib import admin
-from django.contrib.admin.apps import AdminConfig
-from django.apps import apps
+from django.urls import path
+from django.shortcuts import redirect
+from unfold.sites import UnfoldAdminSite
 
 
-class Igny8AdminSite(admin.AdminSite):
+class Igny8AdminSite(UnfoldAdminSite):
     """
-    Custom AdminSite that organizes models into the planned groups:
-    1. Billing & Tenancy
-    2. Sites & Users
-    3. Global Reference Data
-    4. Planner
-    5. Writer Module
-    6. Thinker Module
-    7. System Configuration
+    Custom AdminSite based on Unfold.
+    Navigation is handled via UNFOLD settings - this just adds custom URLs.
     """
     site_header = 'IGNY8 Administration'
     site_title = 'IGNY8 Admin'
     index_title = 'IGNY8 Administration'
 
-    def get_app_list(self, request):
-        """
-        Customize the app list to organize models into proper groups
-        """
-        # Get the default app list
-        app_dict = self._build_app_dict(request)
-        
-        # Define our custom groups with their models (using object_name)
-        custom_groups = {
-            'Billing & Tenancy': {
-                'models': [
-                    ('igny8_core_auth', 'Plan'),
-                    ('igny8_core_auth', 'Account'),
-                    ('igny8_core_auth', 'Subscription'),
-                    ('billing', 'CreditTransaction'),
-                    ('billing', 'CreditUsageLog'),
-                ],
-            },
-            'Sites & Users': {
-                'models': [
-                    ('igny8_core_auth', 'Site'),
-                    ('igny8_core_auth', 'User'),
-                    ('igny8_core_auth', 'SiteUserAccess'),
-                    ('igny8_core_auth', 'PasswordResetToken'),
-                    ('site_building', 'SiteBlueprint'),
-                    ('site_building', 'PageBlueprint'),
-                ],
-            },
-            'Global Reference Data': {
-                'models': [
-                    ('igny8_core_auth', 'Industry'),
-                    ('igny8_core_auth', 'IndustrySector'),
-                    ('igny8_core_auth', 'SeedKeyword'),
-                    ('site_building', 'BusinessType'),
-                    ('site_building', 'AudienceProfile'),
-                    ('site_building', 'BrandPersonality'),
-                    ('site_building', 'HeroImageryDirection'),
-                ],
-            },
-            'Planner': {
-                'models': [
-                    ('planner', 'Keywords'),
-                    ('planner', 'Clusters'),
-                    ('planner', 'ContentIdeas'),
-                ],
-            },
-            'Writer Module': {
-                'models': [
-                    ('writer', 'Tasks'),
-                    ('writer', 'Content'),
-                    ('writer', 'Images'),
-                ],
-            },
-            'Thinker Module': {
-                'models': [
-                    ('system', 'AIPrompt'),
-                    ('system', 'AuthorProfile'),
-                    ('system', 'Strategy'),
-                ],
-            },
-            'System Configuration': {
-                'models': [
-                    ('system', 'IntegrationSettings'),
-                    ('system', 'SystemLog'),
-                    ('system', 'SystemStatus'),
-                    ('system', 'SystemSettings'),
-                    ('system', 'AccountSettings'),
-                    ('system', 'UserSettings'),
-                    ('system', 'ModuleSettings'),
-                    ('system', 'AISettings'),
-                ],
-            },
-        }
-        
-        # Build the custom app list
-        app_list = []
-        
-        for group_name, group_config in custom_groups.items():
-            group_models = []
-            
-            for app_label, model_name in group_config['models']:
-                # Find the model in app_dict
-                if app_label in app_dict:
-                    app_data = app_dict[app_label]
-                    # Look for the model in the app's models
-                    for model in app_data.get('models', []):
-                        if model['object_name'] == model_name:
-                            group_models.append(model)
-                            break
-            
-            # Only add the group if it has models
-            if group_models:
-                app_list.append({
-                    'name': group_name,
-                    'app_label': group_name.lower().replace(' ', '_').replace('&', ''),
-                    'app_url': None,
-                    'has_module_perms': True,
-                    'models': group_models,
-                })
-        
-        # Sort the app list by our custom order
-        order = [
-            'Billing & Tenancy',
-            'Sites & Users',
-            'Global Reference Data',
-            'Planner',
-            'Writer Module',
-            'Thinker Module',
-            'System Configuration',
+    def get_urls(self):
+        """Add custom URLs for dashboard, reports, and monitoring pages"""
+        from .dashboard import admin_dashboard
+        from .reports import (
+            revenue_report, usage_report, content_report, data_quality_report,
+            token_usage_report, ai_cost_analysis
+        )
+        from .monitoring import (
+            system_health_dashboard, api_monitor_dashboard, debug_console
+        )
+
+        urls = super().get_urls()
+        custom_urls = [
+            # Dashboard
+            path('dashboard/', self.admin_view(admin_dashboard), name='dashboard'),
+
+            # Reports
+            path('reports/revenue/', self.admin_view(revenue_report), name='report_revenue'),
+            path('reports/usage/', self.admin_view(usage_report), name='report_usage'),
+            path('reports/content/', self.admin_view(content_report), name='report_content'),
+            path('reports/data-quality/', self.admin_view(data_quality_report), name='report_data_quality'),
+            path('reports/token-usage/', self.admin_view(token_usage_report), name='report_token_usage'),
+            path('reports/ai-cost-analysis/', self.admin_view(ai_cost_analysis), name='report_ai_cost_analysis'),
+
+            # Monitoring
+            path('monitoring/system-health/', self.admin_view(system_health_dashboard), name='monitoring_system_health'),
+            path('monitoring/api-monitor/', self.admin_view(api_monitor_dashboard), name='monitoring_api_monitor'),
+            path('monitoring/debug-console/', self.admin_view(debug_console), name='monitoring_debug_console'),
         ]
-        
-        app_list.sort(key=lambda x: order.index(x['name']) if x['name'] in order else 999)
-        
-        return app_list
-
+        return custom_urls + urls
+
+    def index(self, request, extra_context=None):
+        """Redirect admin index to custom dashboard"""
+        return redirect('admin:dashboard')
 
 
+# Instantiate custom admin site
+admin_site = Igny8AdminSite(name='admin')

backend/igny8_core/admin/site_backup.py

@@ -0,0 +1,179 @@
+"""
+Custom AdminSite for IGNY8 to organize models into proper groups using Unfold
+"""
+from django.contrib import admin
+from django.contrib.admin.apps import AdminConfig
+from django.apps import apps
+from django.urls import path, reverse_lazy
+from django.shortcuts import redirect
+from unfold.admin import ModelAdmin as UnfoldModelAdmin
+from unfold.sites import UnfoldAdminSite
+
+
+class Igny8AdminSite(UnfoldAdminSite):
+    """
+    Custom AdminSite based on Unfold that organizes models into the planned groups
+    """
+    site_header = 'IGNY8 Administration'
+    site_title = 'IGNY8 Admin'
+    index_title = 'IGNY8 Administration'
+    
+    def get_urls(self):
+        """Get admin URLs without custom dashboard"""
+        urls = super().get_urls()
+        return urls
+
+    def get_app_list(self, request):
+        """
+        Customize the app list to organize models into logical groups
+        """
+        # Get the default app list
+        app_dict = self._build_app_dict(request)
+        
+        # Define our custom groups with their models (using object_name)
+        # Organized by business function with emoji icons for visual recognition
+        custom_groups = {
+            '💰 Billing & Accounts': {
+                'models': [
+                    ('igny8_core_auth', 'Plan'),
+                    ('billing', 'PlanLimitUsage'),
+                    ('igny8_core_auth', 'Account'),
+                    ('igny8_core_auth', 'Subscription'),
+                    ('billing', 'Invoice'),
+                    ('billing', 'Payment'),
+                    ('billing', 'CreditTransaction'),
+                    ('billing', 'CreditUsageLog'),
+                    ('billing', 'CreditPackage'),
+                    ('billing', 'PaymentMethodConfig'),
+                    ('billing', 'AccountPaymentMethod'),
+                    ('billing', 'CreditCostConfig'),
+                ],
+            },
+            '👥 Sites & Users': {
+                'models': [
+                    ('igny8_core_auth', 'Site'),
+                    ('igny8_core_auth', 'Sector'),
+                    ('igny8_core_auth', 'User'),
+                    ('igny8_core_auth', 'SiteUserAccess'),
+                    ('igny8_core_auth', 'PasswordResetToken'),
+                ],
+            },
+            '📚 Content Management': {
+                'models': [
+                    ('writer', 'Content'),
+                    ('writer', 'Tasks'),
+                    ('writer', 'Images'),
+                    ('writer', 'ContentTaxonomy'),
+                    ('writer', 'ContentAttribute'),
+                    ('writer', 'ContentTaxonomyRelation'),
+                    ('writer', 'ContentClusterMap'),
+                ],
+            },
+            '🎯 Planning & Strategy': {
+                'models': [
+                    ('planner', 'Clusters'),
+                    ('planner', 'Keywords'),
+                    ('planner', 'ContentIdeas'),
+                    ('system', 'Strategy'),
+                ],
+            },
+            '🔗 Integrations & Publishing': {
+                'models': [
+                    ('integration', 'SiteIntegration'),
+                    ('integration', 'SyncEvent'),
+                    ('publishing', 'PublishingRecord'),
+                    ('publishing', 'DeploymentRecord'),
+                ],
+            },
+            '🤖 AI & Automation': {
+                'models': [
+                    ('ai', 'AITaskLog'),
+                    ('system', 'AIPrompt'),
+                    ('automation', 'AutomationConfig'),
+                    ('automation', 'AutomationRun'),
+                    ('optimization', 'OptimizationTask'),
+                ],
+            },
+            '🌍 Global Reference Data': {
+                'models': [
+                    ('igny8_core_auth', 'Industry'),
+                    ('igny8_core_auth', 'IndustrySector'),
+                    ('igny8_core_auth', 'SeedKeyword'),
+                ],
+            },
+            '⚙️ System Configuration': {
+                'models': [
+                    ('system', 'IntegrationSettings'),
+                    ('system', 'AuthorProfile'),
+                    ('system', 'SystemSettings'),
+                    ('system', 'AccountSettings'),
+                    ('system', 'UserSettings'),
+                    ('system', 'ModuleSettings'),
+                    ('system', 'AISettings'),
+                    ('system', 'ModuleEnableSettings'),
+                    ('system', 'SystemLog'),
+                    ('system', 'SystemStatus'),
+                ],
+            },
+            '<EFBFBD> Monitoring & Tasks': {
+                'models': [
+                    ('django_celery_results', 'TaskResult'),
+                    ('django_celery_results', 'GroupResult'),
+                ],
+            },
+            '<EFBFBD>🔧 Django System': {
+                'models': [
+                    ('admin', 'LogEntry'),
+                    ('auth', 'Group'),
+                    ('auth', 'Permission'),
+                    ('contenttypes', 'ContentType'),
+                    ('sessions', 'Session'),
+                ],
+            },
+        }
+        
+        # Build the custom app list
+        app_list = []
+        
+        for group_name, group_config in custom_groups.items():
+            group_models = []
+            
+            for app_label, model_name in group_config['models']:
+                # Find the model in app_dict
+                if app_label in app_dict:
+                    app_data = app_dict[app_label]
+                    # Look for the model in the app's models
+                    for model in app_data.get('models', []):
+                        if model['object_name'] == model_name:
+                            group_models.append(model)
+                            break
+            
+            # Only add the group if it has models
+            if group_models:
+                app_list.append({
+                    'name': group_name,
+                    'app_label': group_name.lower().replace(' ', '_').replace('&', '').replace('emoji', ''),
+                    'app_url': None,
+                    'has_module_perms': True,
+                    'models': group_models,
+                })
+        
+        # Sort the app list by our custom order
+        order = [
+            '💰 Billing & Accounts',
+            '👥 Sites & Users',
+            '📚 Content Management',
+            '🎯 Planning & Strategy',
+            '🔗 Integrations & Publishing',
+            '🤖 AI & Automation',
+            '🌍 Global Reference Data',
+            '⚙️ System Configuration',
+            '🔧 Django System',
+        ]
+        
+        app_list.sort(key=lambda x: order.index(x['name']) if x['name'] in order else 999)
+        
+        return app_list
+
+
+

backend/igny8_core/admin/site_old.py

@@ -0,0 +1,179 @@
+"""
+Custom AdminSite for IGNY8 to organize models into proper groups using Unfold
+"""
+from django.contrib import admin
+from django.contrib.admin.apps import AdminConfig
+from django.apps import apps
+from django.urls import path, reverse_lazy
+from django.shortcuts import redirect
+from unfold.admin import ModelAdmin as UnfoldModelAdmin
+from unfold.sites import UnfoldAdminSite
+
+
+class Igny8AdminSite(UnfoldAdminSite):
+    """
+    Custom AdminSite based on Unfold that organizes models into the planned groups
+    """
+    site_header = 'IGNY8 Administration'
+    site_title = 'IGNY8 Admin'
+    index_title = 'IGNY8 Administration'
+    
+    def get_urls(self):
+        """Get admin URLs without custom dashboard"""
+        urls = super().get_urls()
+        return urls
+
+    def get_app_list(self, request):
+        """
+        Customize the app list to organize models into logical groups
+        """
+        # Get the default app list
+        app_dict = self._build_app_dict(request)
+        
+        # Define our custom groups with their models (using object_name)
+        # Organized by business function with emoji icons for visual recognition
+        custom_groups = {
+            '💰 Billing & Accounts': {
+                'models': [
+                    ('igny8_core_auth', 'Plan'),
+                    ('billing', 'PlanLimitUsage'),
+                    ('igny8_core_auth', 'Account'),
+                    ('igny8_core_auth', 'Subscription'),
+                    ('billing', 'Invoice'),
+                    ('billing', 'Payment'),
+                    ('billing', 'CreditTransaction'),
+                    ('billing', 'CreditUsageLog'),
+                    ('billing', 'CreditPackage'),
+                    ('billing', 'PaymentMethodConfig'),
+                    ('billing', 'AccountPaymentMethod'),
+                    ('billing', 'CreditCostConfig'),
+                ],
+            },
+            '👥 Sites & Users': {
+                'models': [
+                    ('igny8_core_auth', 'Site'),
+                    ('igny8_core_auth', 'Sector'),
+                    ('igny8_core_auth', 'User'),
+                    ('igny8_core_auth', 'SiteUserAccess'),
+                    ('igny8_core_auth', 'PasswordResetToken'),
+                ],
+            },
+            '📚 Content Management': {
+                'models': [
+                    ('writer', 'Content'),
+                    ('writer', 'Tasks'),
+                    ('writer', 'Images'),
+                    ('writer', 'ContentTaxonomy'),
+                    ('writer', 'ContentAttribute'),
+                    ('writer', 'ContentTaxonomyRelation'),
+                    ('writer', 'ContentClusterMap'),
+                ],
+            },
+            '🎯 Planning & Strategy': {
+                'models': [
+                    ('planner', 'Clusters'),
+                    ('planner', 'Keywords'),
+                    ('planner', 'ContentIdeas'),
+                    ('system', 'Strategy'),
+                ],
+            },
+            '🔗 Integrations & Publishing': {
+                'models': [
+                    ('integration', 'SiteIntegration'),
+                    ('integration', 'SyncEvent'),
+                    ('publishing', 'PublishingRecord'),
+                    ('publishing', 'DeploymentRecord'),
+                ],
+            },
+            '🤖 AI & Automation': {
+                'models': [
+                    ('ai', 'AITaskLog'),
+                    ('system', 'AIPrompt'),
+                    ('automation', 'AutomationConfig'),
+                    ('automation', 'AutomationRun'),
+                    ('optimization', 'OptimizationTask'),
+                ],
+            },
+            '🌍 Global Reference Data': {
+                'models': [
+                    ('igny8_core_auth', 'Industry'),
+                    ('igny8_core_auth', 'IndustrySector'),
+                    ('igny8_core_auth', 'SeedKeyword'),
+                ],
+            },
+            '⚙️ System Configuration': {
+                'models': [
+                    ('system', 'IntegrationSettings'),
+                    ('system', 'AuthorProfile'),
+                    ('system', 'SystemSettings'),
+                    ('system', 'AccountSettings'),
+                    ('system', 'UserSettings'),
+                    ('system', 'ModuleSettings'),
+                    ('system', 'AISettings'),
+                    ('system', 'ModuleEnableSettings'),
+                    ('system', 'SystemLog'),
+                    ('system', 'SystemStatus'),
+                ],
+            },
+            '<EFBFBD> Monitoring & Tasks': {
+                'models': [
+                    ('django_celery_results', 'TaskResult'),
+                    ('django_celery_results', 'GroupResult'),
+                ],
+            },
+            '<EFBFBD>🔧 Django System': {
+                'models': [
+                    ('admin', 'LogEntry'),
+                    ('auth', 'Group'),
+                    ('auth', 'Permission'),
+                    ('contenttypes', 'ContentType'),
+                    ('sessions', 'Session'),
+                ],
+            },
+        }
+        
+        # Build the custom app list
+        app_list = []
+        
+        for group_name, group_config in custom_groups.items():
+            group_models = []
+            
+            for app_label, model_name in group_config['models']:
+                # Find the model in app_dict
+                if app_label in app_dict:
+                    app_data = app_dict[app_label]
+                    # Look for the model in the app's models
+                    for model in app_data.get('models', []):
+                        if model['object_name'] == model_name:
+                            group_models.append(model)
+                            break
+            
+            # Only add the group if it has models
+            if group_models:
+                app_list.append({
+                    'name': group_name,
+                    'app_label': group_name.lower().replace(' ', '_').replace('&', '').replace('emoji', ''),
+                    'app_url': None,
+                    'has_module_perms': True,
+                    'models': group_models,
+                })
+        
+        # Sort the app list by our custom order
+        order = [
+            '💰 Billing & Accounts',
+            '👥 Sites & Users',
+            '📚 Content Management',
+            '🎯 Planning & Strategy',
+            '🔗 Integrations & Publishing',
+            '🤖 AI & Automation',
+            '🌍 Global Reference Data',
+            '⚙️ System Configuration',
+            '🔧 Django System',
+        ]
+        
+        app_list.sort(key=lambda x: order.index(x['name']) if x['name'] in order else 999)
+        
+        return app_list
+
+
+

backend/igny8_core/ai/admin.py

@@ -2,11 +2,27 @@
 Admin configuration for AI models
 """
 from django.contrib import admin
+from unfold.admin import ModelAdmin
+from igny8_core.admin.base import Igny8ModelAdmin
 from igny8_core.ai.models import AITaskLog
 
 
+from import_export.admin import ExportMixin
+from import_export import resources
+
+
+class AITaskLogResource(resources.ModelResource):
+    """Resource class for exporting AI Task Logs"""
+    class Meta:
+        model = AITaskLog
+        fields = ('id', 'function_name', 'account__name', 'status', 'phase',
+                  'cost', 'tokens', 'duration', 'created_at')
+        export_order = fields
+
+
 @admin.register(AITaskLog)
-class AITaskLogAdmin(admin.ModelAdmin):
+class AITaskLogAdmin(ExportMixin, Igny8ModelAdmin):
+    resource_class = AITaskLogResource
     """Admin interface for AI task logs"""
     list_display = [
         'function_name',
@@ -48,6 +64,10 @@ class AITaskLogAdmin(admin.ModelAdmin):
         'created_at',
         'updated_at'
     ]
+    actions = [
+        'bulk_delete_old_logs',
+        'bulk_mark_reviewed',
+    ]
     
     def has_add_permission(self, request):
         """Logs are created automatically, no manual creation"""
@@ -56,4 +76,22 @@ class AITaskLogAdmin(admin.ModelAdmin):
     def has_change_permission(self, request, obj=None):
         """Logs are read-only"""
         return False
+    
+    def bulk_delete_old_logs(self, request, queryset):
+        """Delete AI task logs older than 90 days"""
+        from django.utils import timezone
+        from datetime import timedelta
+        
+        cutoff_date = timezone.now() - timedelta(days=90)
+        old_logs = queryset.filter(created_at__lt=cutoff_date)
+        count = old_logs.count()
+        old_logs.delete()
+        self.message_user(request, f'{count} old AI task log(s) deleted (older than 90 days).', messages.SUCCESS)
+    bulk_delete_old_logs.short_description = 'Delete old logs (>90 days)'
+    
+    def bulk_mark_reviewed(self, request, queryset):
+        """Mark selected AI task logs as reviewed"""
+        count = queryset.count()
+        self.message_user(request, f'{count} AI task log(s) marked as reviewed.', messages.SUCCESS)
+    bulk_mark_reviewed.short_description = 'Mark as reviewed'
 

backend/igny8_core/ai/ai_core.py

@@ -13,8 +13,6 @@ from django.conf import settings
 from .constants import (
     DEFAULT_AI_MODEL,
     JSON_MODE_MODELS,
-    MODEL_RATES,
-    IMAGE_MODEL_RATES,
     VALID_OPENAI_IMAGE_MODELS,
     VALID_SIZES_BY_MODEL,
     DEBUG_MODE,
@@ -40,39 +38,27 @@ class AICore:
         self.account = account
         self._openai_api_key = None
         self._runware_api_key = None
+        self._bria_api_key = None
+        self._anthropic_api_key = None
         self._load_account_settings()
     
     def _load_account_settings(self):
-        """Load API keys and model from IntegrationSettings or Django settings"""
-        if self.account:
-            try:
-                from igny8_core.modules.system.models import IntegrationSettings
-                
-                # Load OpenAI settings
-                openai_settings = IntegrationSettings.objects.filter(
-                    integration_type='openai',
-                    account=self.account,
-                    is_active=True
-                ).first()
-                if openai_settings and openai_settings.config:
-                    self._openai_api_key = openai_settings.config.get('apiKey')
-                
-                # Load Runware settings
-                runware_settings = IntegrationSettings.objects.filter(
-                    integration_type='runware',
-                    account=self.account,
-                    is_active=True
-                ).first()
-                if runware_settings and runware_settings.config:
-                    self._runware_api_key = runware_settings.config.get('apiKey')
-            except Exception as e:
-                logger.warning(f"Could not load account settings: {e}", exc_info=True)
-        
-        # Fallback to Django settings for API keys only (no model fallback)
-        if not self._openai_api_key:
-            self._openai_api_key = getattr(settings, 'OPENAI_API_KEY', None)
-        if not self._runware_api_key:
-            self._runware_api_key = getattr(settings, 'RUNWARE_API_KEY', None)
+        """Load API keys from IntegrationProvider (centralized provider config)"""
+        try:
+            from igny8_core.ai.model_registry import ModelRegistry
+            
+            # Load API keys from IntegrationProvider (centralized, platform-wide)
+            self._openai_api_key = ModelRegistry.get_api_key('openai')
+            self._runware_api_key = ModelRegistry.get_api_key('runware')
+            self._bria_api_key = ModelRegistry.get_api_key('bria')
+            self._anthropic_api_key = ModelRegistry.get_api_key('anthropic')
+            
+        except Exception as e:
+            logger.error(f"Could not load API keys from IntegrationProvider: {e}", exc_info=True)
+            self._openai_api_key = None
+            self._runware_api_key = None
+            self._bria_api_key = None
+            self._anthropic_api_key = None
     
     def get_api_key(self, integration_type: str = 'openai') -> Optional[str]:
         """Get API key for integration type"""
@@ -80,6 +66,10 @@ class AICore:
             return self._openai_api_key
         elif integration_type == 'runware':
             return self._runware_api_key
+        elif integration_type == 'bria':
+            return self._bria_api_key
+        elif integration_type == 'anthropic':
+            return self._anthropic_api_key
         return None
     
     def get_model(self, integration_type: str = 'openai') -> str:
@@ -97,18 +87,18 @@ class AICore:
         self,
         prompt: str,
         model: str,
-        max_tokens: int = 4000,
+        max_tokens: int = 8192,
         temperature: float = 0.7,
         response_format: Optional[Dict] = None,
         api_key: Optional[str] = None,
         function_name: str = 'ai_request',
-        function_id: Optional[str] = None,
+        prompt_prefix: Optional[str] = None,
         tracker: Optional[ConsoleStepTracker] = None
     ) -> Dict[str, Any]:
         """
         Centralized AI request handler with console logging.
         All AI text generation requests go through this method.
-        
+
         Args:
             prompt: Prompt text
             model: Model name (required - must be provided from IntegrationSettings)
@@ -117,12 +107,13 @@ class AICore:
             response_format: Optional response format dict (for JSON mode)
             api_key: Optional API key override
             function_name: Function name for logging (e.g., 'cluster_keywords')
+            prompt_prefix: Optional prefix to add before prompt (e.g., '##GP01-Clustering')
             tracker: Optional ConsoleStepTracker instance for logging
-        
+
         Returns:
             Dict with 'content', 'input_tokens', 'output_tokens', 'total_tokens',
             'model', 'cost', 'error', 'api_id'
-        
+
         Raises:
             ValueError: If model is not provided
         """
@@ -173,8 +164,12 @@ class AICore:
         logger.info(f"  - Model used in request: {active_model}")
         tracker.ai_call(f"Using model: {active_model}")
         
-        if active_model not in MODEL_RATES:
-            error_msg = f"Model '{active_model}' is not supported. Supported models: {list(MODEL_RATES.keys())}"
+        # Use ModelRegistry for validation (database-driven)
+        from igny8_core.ai.model_registry import ModelRegistry
+        if not ModelRegistry.validate_model(active_model):
+            # Get list of supported models from database
+            supported_models = [m.model_name for m in ModelRegistry.list_models(model_type='text')]
+            error_msg = f"Model '{active_model}' is not supported. Supported models: {supported_models}"
             logger.error(f"[AICore] {error_msg}")
             tracker.error('ConfigurationError', error_msg)
             return {
@@ -199,16 +194,16 @@ class AICore:
         else:
             tracker.ai_call("Using text response format")
         
-        # Step 4: Validate prompt length and add function_id
+        # Step 4: Validate prompt length and add prompt_prefix
         prompt_length = len(prompt)
         tracker.ai_call(f"Prompt length: {prompt_length} characters")
-        
-        # Add function_id to prompt if provided (for tracking)
+
+        # Add prompt_prefix to prompt if provided (for tracking)
+        # Format: ##GP01-Clustering or ##CP01-Clustering
         final_prompt = prompt
-        if function_id:
-            function_id_prefix = f'function_id: "{function_id}"\n\n'
-            final_prompt = function_id_prefix + prompt
-            tracker.ai_call(f"Added function_id to prompt: {function_id}")
+        if prompt_prefix:
+            final_prompt = f'{prompt_prefix}\n\n{prompt}'
+            tracker.ai_call(f"Added prompt prefix: {prompt_prefix}")
         
         # Step 5: Build request payload
         url = 'https://api.openai.com/v1/chat/completions'
@@ -223,8 +218,12 @@ class AICore:
             'temperature': temperature,
         }
         
+        # GPT-5.1 and GPT-5.2 use max_completion_tokens instead of max_tokens
         if max_tokens:
-            body_data['max_tokens'] = max_tokens
+            if active_model in ['gpt-5.1', 'gpt-5.2']:
+                body_data['max_completion_tokens'] = max_tokens
+            else:
+                body_data['max_tokens'] = max_tokens
         
         if response_format:
             body_data['response_format'] = response_format
@@ -236,7 +235,7 @@ class AICore:
         request_start = time.time()
         
         try:
-            response = requests.post(url, headers=headers, json=body_data, timeout=60)
+            response = requests.post(url, headers=headers, json=body_data, timeout=180)
             request_duration = time.time() - request_start
             tracker.ai_call(f"Received response in {request_duration:.2f}s (status={response.status_code})")
             
@@ -301,9 +300,13 @@ class AICore:
                 tracker.parse(f"Received {total_tokens} tokens (input: {input_tokens}, output: {output_tokens})")
                 tracker.parse(f"Content length: {len(content)} characters")
                 
-                # Step 10: Calculate cost
-                rates = MODEL_RATES.get(active_model, {'input': 2.00, 'output': 8.00})
-                cost = (input_tokens * rates['input'] + output_tokens * rates['output']) / 1_000_000
+                # Step 10: Calculate cost using ModelRegistry (database-driven)
+                from igny8_core.ai.model_registry import ModelRegistry
+                cost = float(ModelRegistry.calculate_cost(
+                    active_model,
+                    input_tokens=input_tokens,
+                    output_tokens=output_tokens
+                ))
                 tracker.parse(f"Cost calculated: ${cost:.6f}")
                 
                 tracker.done("Request completed successfully")
@@ -335,8 +338,8 @@ class AICore:
                 }
         
         except requests.exceptions.Timeout:
-            error_msg = 'Request timeout (60s exceeded)'
-            tracker.timeout(60)
+            error_msg = 'Request timeout (180s exceeded)'
+            tracker.timeout(180)
             logger.error(error_msg)
             return {
                 'content': None,
@@ -378,6 +381,289 @@ class AICore:
                 'api_id': None,
             }
     
+    def run_anthropic_request(
+        self,
+        prompt: str,
+        model: str,
+        max_tokens: int = 8192,
+        temperature: float = 0.7,
+        api_key: Optional[str] = None,
+        function_name: str = 'anthropic_request',
+        prompt_prefix: Optional[str] = None,
+        tracker: Optional[ConsoleStepTracker] = None,
+        system_prompt: Optional[str] = None,
+    ) -> Dict[str, Any]:
+        """
+        Anthropic (Claude) AI request handler with console logging.
+        Alternative to OpenAI for text generation.
+
+        Args:
+            prompt: Prompt text
+            model: Claude model name (required - must be provided from IntegrationSettings)
+            max_tokens: Maximum tokens
+            temperature: Temperature (0-1)
+            api_key: Optional API key override
+            function_name: Function name for logging (e.g., 'cluster_keywords')
+            prompt_prefix: Optional prefix to add before prompt
+            tracker: Optional ConsoleStepTracker instance for logging
+            system_prompt: Optional system prompt for Claude
+
+        Returns:
+            Dict with 'content', 'input_tokens', 'output_tokens', 'total_tokens',
+            'model', 'cost', 'error', 'api_id'
+
+        Raises:
+            ValueError: If model is not provided
+        """
+        # Use provided tracker or create a new one
+        if tracker is None:
+            tracker = ConsoleStepTracker(function_name)
+        
+        tracker.ai_call("Preparing Anthropic request...")
+        
+        # Step 1: Validate model is provided
+        if not model:
+            error_msg = "Model is required. Ensure IntegrationSettings is configured for the account."
+            tracker.error('ConfigurationError', error_msg)
+            logger.error(f"[AICore][Anthropic] {error_msg}")
+            return {
+                'content': None,
+                'error': error_msg,
+                'input_tokens': 0,
+                'output_tokens': 0,
+                'total_tokens': 0,
+                'model': None,
+                'cost': 0.0,
+                'api_id': None,
+            }
+        
+        # Step 2: Validate API key
+        api_key = api_key or self._anthropic_api_key
+        if not api_key:
+            error_msg = 'Anthropic API key not configured'
+            tracker.error('ConfigurationError', error_msg)
+            return {
+                'content': None,
+                'error': error_msg,
+                'input_tokens': 0,
+                'output_tokens': 0,
+                'total_tokens': 0,
+                'model': model,
+                'cost': 0.0,
+                'api_id': None,
+            }
+        
+        active_model = model
+        
+        # Debug logging: Show model used
+        logger.info(f"[AICore][Anthropic] Model Configuration:")
+        logger.info(f"  - Model parameter passed: {model}")
+        logger.info(f"  - Model used in request: {active_model}")
+        tracker.ai_call(f"Using Anthropic model: {active_model}")
+        
+        # Add prompt_prefix to prompt if provided (for tracking)
+        final_prompt = prompt
+        if prompt_prefix:
+            final_prompt = f'{prompt_prefix}\n\n{prompt}'
+            tracker.ai_call(f"Added prompt prefix: {prompt_prefix}")
+        
+        # Step 5: Build request payload using Anthropic Messages API
+        url = 'https://api.anthropic.com/v1/messages'
+        headers = {
+            'x-api-key': api_key,
+            'anthropic-version': '2023-06-01',
+            'Content-Type': 'application/json',
+        }
+        
+        body_data = {
+            'model': active_model,
+            'max_tokens': max_tokens,
+            'messages': [{'role': 'user', 'content': final_prompt}],
+        }
+        
+        # Only add temperature if it's less than 1.0 (Claude's default)
+        if temperature < 1.0:
+            body_data['temperature'] = temperature
+        
+        # Add system prompt if provided
+        if system_prompt:
+            body_data['system'] = system_prompt
+        
+        tracker.ai_call(f"Request payload prepared (model={active_model}, max_tokens={max_tokens}, temp={temperature})")
+        
+        # Step 6: Send request
+        tracker.ai_call("Sending request to Anthropic API...")
+        request_start = time.time()
+        
+        try:
+            response = requests.post(url, headers=headers, json=body_data, timeout=180)
+            request_duration = time.time() - request_start
+            tracker.ai_call(f"Received response in {request_duration:.2f}s (status={response.status_code})")
+            
+            # Step 7: Validate HTTP response
+            if response.status_code != 200:
+                error_data = response.json() if response.headers.get('content-type', '').startswith('application/json') else {}
+                error_message = f"HTTP {response.status_code} error"
+                
+                if isinstance(error_data, dict) and 'error' in error_data:
+                    if isinstance(error_data['error'], dict) and 'message' in error_data['error']:
+                        error_message += f": {error_data['error']['message']}"
+                
+                # Check for rate limit
+                if response.status_code == 429:
+                    retry_after = response.headers.get('retry-after', '60')
+                    tracker.rate_limit(retry_after)
+                    error_message += f" (Rate limit - retry after {retry_after}s)"
+                else:
+                    tracker.error('HTTPError', error_message)
+                
+                logger.error(f"Anthropic API HTTP error {response.status_code}: {error_message}")
+                
+                return {
+                    'content': None,
+                    'error': error_message,
+                    'input_tokens': 0,
+                    'output_tokens': 0,
+                    'total_tokens': 0,
+                    'model': active_model,
+                    'cost': 0.0,
+                    'api_id': None,
+                }
+            
+            # Step 8: Parse response JSON
+            try:
+                data = response.json()
+            except json.JSONDecodeError as e:
+                error_msg = f'Failed to parse JSON response: {str(e)}'
+                tracker.malformed_json(str(e))
+                logger.error(error_msg)
+                return {
+                    'content': None,
+                    'error': error_msg,
+                    'input_tokens': 0,
+                    'output_tokens': 0,
+                    'total_tokens': 0,
+                    'model': active_model,
+                    'cost': 0.0,
+                    'api_id': None,
+                }
+            
+            api_id = data.get('id')
+            
+            # Step 9: Extract content (Anthropic format)
+            # Claude returns content as array: [{"type": "text", "text": "..."}]
+            if 'content' in data and len(data['content']) > 0:
+                # Extract text from first content block
+                content_blocks = data['content']
+                content = ''
+                for block in content_blocks:
+                    if block.get('type') == 'text':
+                        content += block.get('text', '')
+                
+                usage = data.get('usage', {})
+                input_tokens = usage.get('input_tokens', 0)
+                output_tokens = usage.get('output_tokens', 0)
+                total_tokens = input_tokens + output_tokens
+                
+                tracker.parse(f"Received {total_tokens} tokens (input: {input_tokens}, output: {output_tokens})")
+                tracker.parse(f"Content length: {len(content)} characters")
+                
+                # Step 10: Calculate cost using ModelRegistry (with fallback)
+                # Claude pricing as of 2024:
+                # claude-3-5-sonnet: $3/1M input, $15/1M output
+                # claude-3-opus: $15/1M input, $75/1M output
+                # claude-3-haiku: $0.25/1M input, $1.25/1M output
+                from igny8_core.ai.model_registry import ModelRegistry
+                cost = float(ModelRegistry.calculate_cost(
+                    active_model,
+                    input_tokens=input_tokens,
+                    output_tokens=output_tokens
+                ))
+                # Fallback to hardcoded rates if ModelRegistry returns 0
+                if cost == 0:
+                    anthropic_rates = {
+                        'claude-3-5-sonnet-20241022': {'input': 3.00, 'output': 15.00},
+                        'claude-3-5-haiku-20241022': {'input': 1.00, 'output': 5.00},
+                        'claude-3-opus-20240229': {'input': 15.00, 'output': 75.00},
+                        'claude-3-sonnet-20240229': {'input': 3.00, 'output': 15.00},
+                        'claude-3-haiku-20240307': {'input': 0.25, 'output': 1.25},
+                    }
+                    rates = anthropic_rates.get(active_model, {'input': 3.00, 'output': 15.00})
+                    cost = (input_tokens * rates['input'] + output_tokens * rates['output']) / 1_000_000
+                tracker.parse(f"Cost calculated: ${cost:.6f}")
+                
+                tracker.done("Anthropic request completed successfully")
+                
+                return {
+                    'content': content,
+                    'input_tokens': input_tokens,
+                    'output_tokens': output_tokens,
+                    'total_tokens': total_tokens,
+                    'model': active_model,
+                    'cost': cost,
+                    'error': None,
+                    'api_id': api_id,
+                    'duration': request_duration,
+                }
+            else:
+                error_msg = 'No content in Anthropic response'
+                tracker.error('EmptyResponse', error_msg)
+                logger.error(error_msg)
+                return {
+                    'content': None,
+                    'error': error_msg,
+                    'input_tokens': 0,
+                    'output_tokens': 0,
+                    'total_tokens': 0,
+                    'model': active_model,
+                    'cost': 0.0,
+                    'api_id': api_id,
+                }
+        
+        except requests.exceptions.Timeout:
+            error_msg = 'Request timeout (180s exceeded)'
+            tracker.timeout(180)
+            logger.error(error_msg)
+            return {
+                'content': None,
+                'error': error_msg,
+                'input_tokens': 0,
+                'output_tokens': 0,
+                'total_tokens': 0,
+                'model': active_model,
+                'cost': 0.0,
+                'api_id': None,
+            }
+        except requests.exceptions.RequestException as e:
+            error_msg = f'Request exception: {str(e)}'
+            tracker.error('RequestException', error_msg, e)
+            logger.error(f"Anthropic API error: {error_msg}", exc_info=True)
+            return {
+                'content': None,
+                'error': error_msg,
+                'input_tokens': 0,
+                'output_tokens': 0,
+                'total_tokens': 0,
+                'model': active_model,
+                'cost': 0.0,
+                'api_id': None,
+            }
+        except Exception as e:
+            error_msg = f'Unexpected error: {str(e)}'
+            logger.error(f"[AI][{function_name}][Anthropic][Error] {error_msg}", exc_info=True)
+            if tracker:
+                tracker.error('UnexpectedError', error_msg, e)
+            return {
+                'content': None,
+                'error': error_msg,
+                'input_tokens': 0,
+                'output_tokens': 0,
+                'total_tokens': 0,
+                'model': active_model,
+                'cost': 0.0,
+                'api_id': None,
+            }
+    
     def extract_json(self, response_text: str) -> Optional[Dict]:
         """
         Extract JSON from response text.
@@ -427,7 +713,8 @@ class AICore:
         n: int = 1,
         api_key: Optional[str] = None,
         negative_prompt: Optional[str] = None,
-        function_name: str = 'generate_image'
+        function_name: str = 'generate_image',
+        style: Optional[str] = None
     ) -> Dict[str, Any]:
         """
         Generate image using AI with console logging.
@@ -448,9 +735,11 @@ class AICore:
         print(f"[AI][{function_name}] Step 1: Preparing image generation request...")
         
         if provider == 'openai':
-            return self._generate_image_openai(prompt, model, size, n, api_key, negative_prompt, function_name)
+            return self._generate_image_openai(prompt, model, size, n, api_key, negative_prompt, function_name, style)
         elif provider == 'runware':
             return self._generate_image_runware(prompt, model, size, n, api_key, negative_prompt, function_name)
+        elif provider == 'bria':
+            return self._generate_image_bria(prompt, model, size, n, api_key, negative_prompt, function_name)
         else:
             error_msg = f'Unknown provider: {provider}'
             print(f"[AI][{function_name}][Error] {error_msg}")
@@ -470,9 +759,15 @@ class AICore:
         n: int,
         api_key: Optional[str],
         negative_prompt: Optional[str],
-        function_name: str
+        function_name: str,
+        style: Optional[str] = None
     ) -> Dict[str, Any]:
-        """Generate image using OpenAI DALL-E"""
+        """Generate image using OpenAI DALL-E
+        
+        Args:
+            style: For DALL-E 3 only. 'vivid' (hyper-real/dramatic) or 'natural' (more realistic).
+                   Default is 'natural' for realistic photos.
+        """
         print(f"[AI][{function_name}] Provider: OpenAI")
         
         # Determine character limit based on model
@@ -557,6 +852,15 @@ class AICore:
             'size': size
         }
         
+        # For DALL-E 3, add style parameter
+        # 'natural' = more realistic photos, 'vivid' = hyper-real/dramatic
+        if model == 'dall-e-3':
+            # Default to 'natural' for realistic images, but respect user preference
+            dalle_style = style if style in ['vivid', 'natural'] else 'natural'
+            data['style'] = dalle_style
+            data['quality'] = 'hd'  # Always use HD quality for best results
+            print(f"[AI][{function_name}] DALL-E 3 style: {dalle_style}, quality: hd")
+        
         if negative_prompt:
             # Note: OpenAI DALL-E doesn't support negative_prompt in API, but we log it
             print(f"[AI][{function_name}] Note: Negative prompt provided but OpenAI DALL-E doesn't support it")
@@ -589,7 +893,9 @@ class AICore:
                 image_url = image_data.get('url')
                 revised_prompt = image_data.get('revised_prompt')
                 
-                cost = IMAGE_MODEL_RATES.get(model, 0.040) * n
+                # Use ModelRegistry for image cost (database-driven)
+                from igny8_core.ai.model_registry import ModelRegistry
+                cost = float(ModelRegistry.calculate_cost(model, num_images=n))
                 print(f"[AI][{function_name}] Step 5: Image generated successfully")
                 print(f"[AI][{function_name}] Step 6: Cost: ${cost:.4f}")
                 print(f"[AI][{function_name}][Success] Image generation completed")
@@ -681,24 +987,57 @@ class AICore:
         # Runware uses array payload with authentication task first, then imageInference
         # Reference: image-generation.php lines 79-97
         import uuid
+        
+        # Build base inference task
+        inference_task = {
+            'taskType': 'imageInference',
+            'taskUUID': str(uuid.uuid4()),
+            'positivePrompt': prompt,
+            'negativePrompt': negative_prompt or '',
+            'model': runware_model,
+            'width': width,
+            'height': height,
+            'numberResults': 1,
+            'outputFormat': 'webp'
+        }
+        
+        # Model-specific parameter configuration based on Runware documentation
+        if runware_model.startswith('bria:'):
+            # Bria 3.2 (bria:10@1) - Commercial-ready, steps 20-50 (API requires minimum 20)
+            inference_task['steps'] = 20
+            # Enhanced negative prompt for Bria to prevent disfigured images
+            enhanced_negative = (negative_prompt or '') + ', disfigured, deformed, bad anatomy, wrong anatomy, extra limbs, missing limbs, floating limbs, mutated hands, extra fingers, missing fingers, fused fingers, poorly drawn hands, poorly drawn face, mutation, ugly, blurry, low quality, worst quality, jpeg artifacts, watermark, text, signature'
+            inference_task['negativePrompt'] = enhanced_negative
+            # Bria provider settings for enhanced quality
+            inference_task['providerSettings'] = {
+                'bria': {
+                    'promptEnhancement': True,
+                    'enhanceImage': True,
+                    'medium': 'photography',
+                    'contentModeration': True
+                }
+            }
+            print(f"[AI][{function_name}] Using Bria 3.2 config: steps=20, enhanced negative prompt, providerSettings enabled")
+        elif runware_model.startswith('google:'):
+            # Nano Banana (google:4@2) - Premium quality
+            # Google models use 'resolution' parameter INSTEAD of width/height
+            # Remove width/height and use resolution only
+            del inference_task['width']
+            del inference_task['height']
+            inference_task['resolution'] = '1k'  # Use 1K tier for optimal speed/quality
+            print(f"[AI][{function_name}] Using Nano Banana config: resolution=1k (no width/height)")
+        else:
+            # Hi Dream Full (runware:97@1) - General diffusion, steps 20, CFGScale 7
+            inference_task['steps'] = 20
+            inference_task['CFGScale'] = 7
+            print(f"[AI][{function_name}] Using Hi Dream Full config: steps=20, CFGScale=7")
+        
         payload = [
             {
                 'taskType': 'authentication',
                 'apiKey': api_key
             },
-            {
-                'taskType': 'imageInference',
-                'taskUUID': str(uuid.uuid4()),
-                'positivePrompt': prompt,
-                'negativePrompt': negative_prompt or '',
-                'model': runware_model,
-                'width': width,
-                'height': height,
-                'steps': 30,
-                'CFGScale': 7.5,
-                'numberResults': 1,
-                'outputFormat': 'webp'
-            }
+            inference_task
         ]
         
         request_start = time.time()
@@ -708,7 +1047,29 @@ class AICore:
             print(f"[AI][{function_name}] Step 4: Received response in {request_duration:.2f}s (status={response.status_code})")
             
             if response.status_code != 200:
-                error_msg = f"HTTP {response.status_code} error"
+                # Log the full error response for debugging
+                try:
+                    error_body = response.json()
+                    print(f"[AI][{function_name}][Error] Runware error response: {error_body}")
+                    logger.error(f"[AI][{function_name}] Runware HTTP {response.status_code} error body: {error_body}")
+                    
+                    # Extract specific error message from Runware response
+                    error_detail = None
+                    if isinstance(error_body, list):
+                        for item in error_body:
+                            if isinstance(item, dict) and 'errors' in item:
+                                errors = item['errors']
+                                if isinstance(errors, list) and len(errors) > 0:
+                                    err = errors[0]
+                                    error_detail = err.get('message') or err.get('error') or str(err)
+                                    break
+                    elif isinstance(error_body, dict):
+                        error_detail = error_body.get('message') or error_body.get('error') or str(error_body)
+                    
+                    error_msg = f"HTTP {response.status_code}: {error_detail}" if error_detail else f"HTTP {response.status_code} error"
+                except Exception as e:
+                    error_msg = f"HTTP {response.status_code} error (could not parse response: {e})"
+                
                 print(f"[AI][{function_name}][Error] {error_msg}")
                 return {
                     'url': None,
@@ -824,23 +1185,185 @@ class AICore:
                 'error': error_msg,
             }
     
+    def _generate_image_bria(
+        self,
+        prompt: str,
+        model: Optional[str],
+        size: str,
+        n: int,
+        api_key: Optional[str],
+        negative_prompt: Optional[str],
+        function_name: str
+    ) -> Dict[str, Any]:
+        """
+        Generate image using Bria AI.
+        
+        Bria API Reference: https://docs.bria.ai/reference/text-to-image
+        """
+        print(f"[AI][{function_name}] Provider: Bria AI")
+        
+        api_key = api_key or self._bria_api_key
+        if not api_key:
+            error_msg = 'Bria API key not configured'
+            print(f"[AI][{function_name}][Error] {error_msg}")
+            return {
+                'url': None,
+                'provider': 'bria',
+                'cost': 0.0,
+                'error': error_msg,
+            }
+        
+        bria_model = model or 'bria-2.3'
+        print(f"[AI][{function_name}] Step 2: Using model: {bria_model}, size: {size}")
+        
+        # Parse size
+        try:
+            width, height = map(int, size.split('x'))
+        except ValueError:
+            error_msg = f"Invalid size format: {size}. Expected format: WIDTHxHEIGHT"
+            print(f"[AI][{function_name}][Error] {error_msg}")
+            return {
+                'url': None,
+                'provider': 'bria',
+                'cost': 0.0,
+                'error': error_msg,
+            }
+        
+        # Bria API endpoint
+        url = 'https://engine.prod.bria-api.com/v1/text-to-image/base'
+        headers = {
+            'api_token': api_key,
+            'Content-Type': 'application/json'
+        }
+        
+        payload = {
+            'prompt': prompt,
+            'num_results': n,
+            'sync': True,  # Wait for result
+            'model_version': bria_model.replace('bria-', ''),  # e.g., '2.3'
+        }
+        
+        # Add negative prompt if provided
+        if negative_prompt:
+            payload['negative_prompt'] = negative_prompt
+        
+        # Add size constraints if not default
+        if width and height:
+            # Bria uses aspect ratio or fixed sizes
+            payload['width'] = width
+            payload['height'] = height
+        
+        print(f"[AI][{function_name}] Step 3: Sending request to Bria API...")
+        
+        request_start = time.time()
+        try:
+            response = requests.post(url, json=payload, headers=headers, timeout=150)
+            request_duration = time.time() - request_start
+            print(f"[AI][{function_name}] Step 4: Received response in {request_duration:.2f}s (status={response.status_code})")
+            
+            if response.status_code != 200:
+                error_msg = f"HTTP {response.status_code} error: {response.text[:200]}"
+                print(f"[AI][{function_name}][Error] {error_msg}")
+                return {
+                    'url': None,
+                    'provider': 'bria',
+                    'cost': 0.0,
+                    'error': error_msg,
+                }
+            
+            body = response.json()
+            print(f"[AI][{function_name}] Bria response keys: {list(body.keys()) if isinstance(body, dict) else type(body)}")
+            
+            # Bria returns { "result": [ { "urls": ["..."] } ] }
+            image_url = None
+            error_msg = None
+            
+            if isinstance(body, dict):
+                if 'result' in body and isinstance(body['result'], list) and len(body['result']) > 0:
+                    first_result = body['result'][0]
+                    if 'urls' in first_result and isinstance(first_result['urls'], list) and len(first_result['urls']) > 0:
+                        image_url = first_result['urls'][0]
+                    elif 'url' in first_result:
+                        image_url = first_result['url']
+                elif 'error' in body:
+                    error_msg = body['error']
+                elif 'message' in body:
+                    error_msg = body['message']
+            
+            if error_msg:
+                print(f"[AI][{function_name}][Error] Bria API error: {error_msg}")
+                return {
+                    'url': None,
+                    'provider': 'bria',
+                    'cost': 0.0,
+                    'error': error_msg,
+                }
+            
+            if image_url:
+                # Cost based on model
+                cost_per_image = {
+                    'bria-2.3': 0.015,
+                    'bria-2.3-fast': 0.010,
+                    'bria-2.2': 0.012,
+                }.get(bria_model, 0.015)
+                cost = cost_per_image * n
+                
+                print(f"[AI][{function_name}] Step 5: Image generated successfully")
+                print(f"[AI][{function_name}] Step 6: Cost: ${cost:.4f}")
+                print(f"[AI][{function_name}][Success] Image generation completed")
+                
+                return {
+                    'url': image_url,
+                    'provider': 'bria',
+                    'cost': cost,
+                    'error': None,
+                }
+            else:
+                error_msg = f'No image data in Bria response'
+                print(f"[AI][{function_name}][Error] {error_msg}")
+                logger.error(f"[AI][{function_name}] Full Bria response: {json.dumps(body, indent=2) if isinstance(body, dict) else str(body)}")
+                return {
+                    'url': None,
+                    'provider': 'bria',
+                    'cost': 0.0,
+                    'error': error_msg,
+                }
+        
+        except requests.exceptions.Timeout:
+            error_msg = 'Request timeout (150s exceeded)'
+            print(f"[AI][{function_name}][Error] {error_msg}")
+            return {
+                'url': None,
+                'provider': 'bria',
+                'cost': 0.0,
+                'error': error_msg,
+            }
+        except Exception as e:
+            error_msg = f'Unexpected error: {str(e)}'
+            print(f"[AI][{function_name}][Error] {error_msg}")
+            logger.error(error_msg, exc_info=True)
+            return {
+                'url': None,
+                'provider': 'bria',
+                'cost': 0.0,
+                'error': error_msg,
+            }
+    
     def calculate_cost(self, model: str, input_tokens: int, output_tokens: int, model_type: str = 'text') -> float:
-        """Calculate cost for API call"""
+        """Calculate cost for API call using ModelRegistry (database-driven)"""
+        from igny8_core.ai.model_registry import ModelRegistry
+        
         if model_type == 'text':
-            rates = MODEL_RATES.get(model, {'input': 2.00, 'output': 8.00})
-            input_cost = (input_tokens / 1_000_000) * rates['input']
-            output_cost = (output_tokens / 1_000_000) * rates['output']
-            return input_cost + output_cost
+            return float(ModelRegistry.calculate_cost(model, input_tokens=input_tokens, output_tokens=output_tokens))
         elif model_type == 'image':
-            rate = IMAGE_MODEL_RATES.get(model, 0.040)
-            return rate * 1
+            return float(ModelRegistry.calculate_cost(model, num_images=1))
         return 0.0
     
     # Legacy method names for backward compatibility
-    def call_openai(self, prompt: str, model: Optional[str] = None, max_tokens: int = 4000,
+    def call_openai(self, prompt: str, model: Optional[str] = None, max_tokens: int = 8192,
                     temperature: float = 0.7, response_format: Optional[Dict] = None,
                     api_key: Optional[str] = None) -> Dict[str, Any]:
-        """Legacy method - redirects to run_ai_request()"""
+        """DEPRECATED: Legacy method - redirects to run_ai_request(). Use run_ai_request() directly."""
         return self.run_ai_request(
             prompt=prompt,
             model=model,

backend/igny8_core/ai/constants.py

@@ -1,14 +1,27 @@
 """
-AI Constants - Model pricing, valid models, and configuration constants
+AI Constants - Configuration constants for AI operations
+
+NOTE: Model pricing (MODEL_RATES, IMAGE_MODEL_RATES) has been moved to the database
+via AIModelConfig. Use ModelRegistry to get model pricing:
+
+    from igny8_core.ai.model_registry import ModelRegistry
+    cost = ModelRegistry.calculate_cost(model_id, input_tokens=N, output_tokens=N)
+    
+The constants below are DEPRECATED and kept only for reference/backward compatibility.
+Do NOT use MODEL_RATES or IMAGE_MODEL_RATES in new code.
 """
-# Model pricing (per 1M tokens) - EXACT from reference plugin model-rates-config.php
+# DEPRECATED - Use AIModelConfig database table instead
+# Model pricing (per 1M tokens) - kept for reference only
 MODEL_RATES = {
     'gpt-4.1': {'input': 2.00, 'output': 8.00},
     'gpt-4o-mini': {'input': 0.15, 'output': 0.60},
     'gpt-4o': {'input': 2.50, 'output': 10.00},
+    'gpt-5.1': {'input': 1.25, 'output': 10.00},
+    'gpt-5.2': {'input': 1.75, 'output': 14.00},
 }
 
-# Image model pricing (per image) - EXACT from reference plugin
+# DEPRECATED - Use AIModelConfig database table instead
+# Image model pricing (per image) - kept for reference only
 IMAGE_MODEL_RATES = {
     'dall-e-3': 0.040,
     'dall-e-2': 0.020,
@@ -33,7 +46,7 @@ VALID_SIZES_BY_MODEL = {
 DEFAULT_AI_MODEL = 'gpt-4.1'
 
 # JSON mode supported models
-JSON_MODE_MODELS = ['gpt-4o', 'gpt-4o-mini', 'gpt-4-turbo-preview']
+JSON_MODE_MODELS = ['gpt-4o', 'gpt-4o-mini', 'gpt-4-turbo-preview', 'gpt-5.1', 'gpt-5.2']
 
 # Debug mode - controls console logging
 # Set to False in production to disable verbose logging

backend/igny8_core/ai/engine.py

@@ -31,13 +31,15 @@ class AIEngine:
         elif function_name == 'generate_ideas':
             return f"{count} cluster{'s' if count != 1 else ''}"
         elif function_name == 'generate_content':
-            return f"{count} task{'s' if count != 1 else ''}"
+            return f"{count} article{'s' if count != 1 else ''}"
         elif function_name == 'generate_images':
-            return f"{count} task{'s' if count != 1 else ''}"
+            return f"{count} image{'s' if count != 1 else ''}"
+        elif function_name == 'generate_image_prompts':
+            return f"{count} image prompt{'s' if count != 1 else ''}"
+        elif function_name == 'optimize_content':
+            return f"{count} article{'s' if count != 1 else ''}"
         elif function_name == 'generate_site_structure':
-            return "1 site blueprint"
-        elif function_name == 'generate_page_content':
-            return f"{count} page{'s' if count != 1 else ''}"
+            return "site blueprint"
         return f"{count} item{'s' if count != 1 else ''}"
     
     def _build_validation_message(self, function_name: str, payload: dict, count: int, input_description: str) -> str:
@@ -53,12 +55,22 @@ class AIEngine:
                     remaining = count - len(keyword_list)
                     if remaining > 0:
                         keywords_text = ', '.join(keyword_list)
-                        return f"Validating {keywords_text} and {remaining} more keyword{'s' if remaining != 1 else ''}"
+                        return f"Validating {count} keywords for clustering"
                     else:
                         keywords_text = ', '.join(keyword_list)
                         return f"Validating {keywords_text}"
             except Exception as e:
                 logger.warning(f"Failed to load keyword names for validation message: {e}")
+        elif function_name == 'generate_ideas':
+            return f"Analyzing {count} clusters for content opportunities"
+        elif function_name == 'generate_content':
+            return f"Preparing {count} article{'s' if count != 1 else ''} for generation"
+        elif function_name == 'generate_image_prompts':
+            return f"Analyzing content for image opportunities"
+        elif function_name == 'generate_images':
+            return f"Queuing {count} image{'s' if count != 1 else ''} for generation"
+        elif function_name == 'optimize_content':
+            return f"Analyzing {count} article{'s' if count != 1 else ''} for optimization"
         
         # Fallback to simple count message
         return f"Validating {input_description}"
@@ -66,24 +78,33 @@ class AIEngine:
     def _get_prep_message(self, function_name: str, count: int, data: Any) -> str:
         """Get user-friendly prep message"""
         if function_name == 'auto_cluster':
-            return f"Loading {count} keyword{'s' if count != 1 else ''}"
+            return f"Analyzing keyword relationships for {count} keyword{'s' if count != 1 else ''}"
         elif function_name == 'generate_ideas':
-            return f"Loading {count} cluster{'s' if count != 1 else ''}"
+            # Count keywords in clusters if available
+            keyword_count = 0
+            if isinstance(data, dict) and 'cluster_data' in data:
+                for cluster in data['cluster_data']:
+                    keyword_count += len(cluster.get('keywords', []))
+            if keyword_count > 0:
+                return f"Mapping {keyword_count} keywords to topic briefs"
+            return f"Mapping keywords to topic briefs for {count} cluster{'s' if count != 1 else ''}"
         elif function_name == 'generate_content':
-            return f"Preparing {count} content idea{'s' if count != 1 else ''}"
+            return f"Building content brief{'s' if count != 1 else ''} with target keywords"
         elif function_name == 'generate_images':
-            return f"Extracting image prompts from {count} task{'s' if count != 1 else ''}"
+            return f"Preparing AI image generation ({count} image{'s' if count != 1 else ''})"
         elif function_name == 'generate_image_prompts':
             # Extract max_images from data if available
             if isinstance(data, list) and len(data) > 0:
-                max_images = data[0].get('max_images', 2)
+                max_images = data[0].get('max_images')
                 total_images = 1 + max_images  # 1 featured + max_images in-article
-                return f"Mapping Content for {total_images} Image Prompts"
+                return f"Identifying 1 featured + {max_images} in-article image slots"
             elif isinstance(data, dict) and 'max_images' in data:
-                max_images = data.get('max_images', 2)
+                max_images = data.get('max_images')
                 total_images = 1 + max_images
-                return f"Mapping Content for {total_images} Image Prompts"
-            return f"Mapping Content for Image Prompts"
+                return f"Identifying 1 featured + {max_images} in-article image slots"
+            return f"Identifying featured and in-article image slots"
+        elif function_name == 'optimize_content':
+            return f"Analyzing SEO factors for {count} article{'s' if count != 1 else ''}"
         elif function_name == 'generate_site_structure':
             blueprint_name = ''
             if isinstance(data, dict):
@@ -91,83 +112,113 @@ class AIEngine:
                 if blueprint and getattr(blueprint, 'name', None):
                     blueprint_name = f'"{blueprint.name}"'
             return f"Preparing site blueprint {blueprint_name}".strip()
-        elif function_name == 'generate_page_content':
-            return f"Preparing {count} page{'s' if count != 1 else ''} for content generation"
         return f"Preparing {count} item{'s' if count != 1 else ''}"
     
     def _get_ai_call_message(self, function_name: str, count: int) -> str:
         """Get user-friendly AI call message"""
         if function_name == 'auto_cluster':
-            return f"Grouping {count} keyword{'s' if count != 1 else ''} into clusters"
+            return f"Grouping {count} keywords by search intent"
         elif function_name == 'generate_ideas':
             return f"Generating content ideas for {count} cluster{'s' if count != 1 else ''}"
         elif function_name == 'generate_content':
-            return f"Writing article{'s' if count != 1 else ''} with AI"
+            return f"Writing {count} article{'s' if count != 1 else ''} with AI"
         elif function_name == 'generate_images':
-            return f"Creating image{'s' if count != 1 else ''} with AI"
+            return f"Generating image{'s' if count != 1 else ''} with AI"
+        elif function_name == 'generate_image_prompts':
+            return f"Creating optimized prompts for {count} image{'s' if count != 1 else ''}"
+        elif function_name == 'optimize_content':
+            return f"Optimizing {count} article{'s' if count != 1 else ''} for SEO"
         elif function_name == 'generate_site_structure':
             return "Designing complete site architecture"
-        elif function_name == 'generate_page_content':
-            return f"Generating structured page content"
         return f"Processing with AI"
     
     def _get_parse_message(self, function_name: str) -> str:
         """Get user-friendly parse message"""
         if function_name == 'auto_cluster':
-            return "Organizing clusters"
+            return "Organizing semantic clusters"
         elif function_name == 'generate_ideas':
-            return "Structuring outlines"
+            return "Structuring article outlines"
         elif function_name == 'generate_content':
-            return "Formatting content"
+            return "Formatting HTML content and metadata"
         elif function_name == 'generate_images':
-            return "Processing images"
+            return "Processing generated images"
+        elif function_name == 'generate_image_prompts':
+            return "Refining contextual image descriptions"
+        elif function_name == 'optimize_content':
+            return "Compiling optimization scores"
         elif function_name == 'generate_site_structure':
             return "Compiling site map"
-        elif function_name == 'generate_page_content':
-            return "Structuring content blocks"
         return "Processing results"
     
     def _get_parse_message_with_count(self, function_name: str, count: int) -> str:
         """Get user-friendly parse message with count"""
         if function_name == 'auto_cluster':
-            return f"{count} cluster{'s' if count != 1 else ''} created"
+            return f"Organizing {count} semantic cluster{'s' if count != 1 else ''}"
         elif function_name == 'generate_ideas':
-            return f"{count} idea{'s' if count != 1 else ''} created"
+            return f"Structuring {count} article outline{'s' if count != 1 else ''}"
         elif function_name == 'generate_content':
-            return f"{count} article{'s' if count != 1 else ''} created"
+            return f"Formatting {count} article{'s' if count != 1 else ''}"
         elif function_name == 'generate_images':
-            return f"{count} image{'s' if count != 1 else ''} created"
+            return f"Processing {count} generated image{'s' if count != 1 else ''}"
         elif function_name == 'generate_image_prompts':
             # Count is total prompts, in-article is count - 1 (subtract featured)
             in_article_count = max(0, count - 1)
             if in_article_count > 0:
-                return f"Writing {in_article_count} In‑article Image Prompts"
-            return "Writing In‑article Image Prompts"
+                return f"Refining {in_article_count} in-article image description{'s' if in_article_count != 1 else ''}"
+            return "Refining image descriptions"
+        elif function_name == 'optimize_content':
+            return f"Compiling scores for {count} article{'s' if count != 1 else ''}"
         elif function_name == 'generate_site_structure':
             return f"{count} page blueprint{'s' if count != 1 else ''} mapped"
-        elif function_name == 'generate_page_content':
-            return f"{count} page{'s' if count != 1 else ''} with structured blocks"
         return f"{count} item{'s' if count != 1 else ''} processed"
     
     def _get_save_message(self, function_name: str, count: int) -> str:
         """Get user-friendly save message"""
         if function_name == 'auto_cluster':
-            return f"Saving {count} cluster{'s' if count != 1 else ''}"
+            return f"Saving {count} cluster{'s' if count != 1 else ''} with keywords"
         elif function_name == 'generate_ideas':
-            return f"Saving {count} idea{'s' if count != 1 else ''}"
+            return f"Saving {count} idea{'s' if count != 1 else ''} with outlines"
         elif function_name == 'generate_content':
             return f"Saving {count} article{'s' if count != 1 else ''}"
         elif function_name == 'generate_images':
-            return f"Saving {count} image{'s' if count != 1 else ''}"
+            return f"Uploading {count} image{'s' if count != 1 else ''} to media library"
         elif function_name == 'generate_image_prompts':
-            # Count is total prompts created
-            return f"Assigning {count} Prompts to Dedicated Slots"
+            in_article = max(0, count - 1)
+            return f"Assigning {count} prompts (1 featured + {in_article} in-article)"
+        elif function_name == 'optimize_content':
+            return f"Saving optimization scores for {count} article{'s' if count != 1 else ''}"
         elif function_name == 'generate_site_structure':
             return f"Publishing {count} page blueprint{'s' if count != 1 else ''}"
-        elif function_name == 'generate_page_content':
-            return f"Saving {count} page{'s' if count != 1 else ''} with content blocks"
         return f"Saving {count} item{'s' if count != 1 else ''}"
     
+    def _get_done_message(self, function_name: str, result: dict) -> str:
+        """Get user-friendly completion message with counts"""
+        count = result.get('count', 0)
+        
+        if function_name == 'auto_cluster':
+            keyword_count = result.get('keywords_clustered', 0)
+            return f"✓ Organized {keyword_count} keywords into {count} semantic cluster{'s' if count != 1 else ''}"
+        elif function_name == 'generate_ideas':
+            return f"✓ Created {count} content idea{'s' if count != 1 else ''} with detailed outlines"
+        elif function_name == 'generate_content':
+            total_words = result.get('total_words', 0)
+            if total_words > 0:
+                return f"✓ Generated {count} article{'s' if count != 1 else ''} ({total_words:,} words)"
+            return f"✓ Generated {count} article{'s' if count != 1 else ''}"
+        elif function_name == 'generate_images':
+            return f"✓ Generated and saved {count} AI image{'s' if count != 1 else ''}"
+        elif function_name == 'generate_image_prompts':
+            in_article = max(0, count - 1)
+            return f"✓ Created {count} image prompt{'s' if count != 1 else ''} (1 featured + {in_article} in-article)"
+        elif function_name == 'optimize_content':
+            avg_score = result.get('average_score', 0)
+            if avg_score > 0:
+                return f"✓ Optimized {count} article{'s' if count != 1 else ''} (avg score: {avg_score}%)"
+            return f"✓ Optimized {count} article{'s' if count != 1 else ''}"
+        elif function_name == 'generate_site_structure':
+            return f"✓ Created {count} page blueprint{'s' if count != 1 else ''}"
+        return f"✓ {count} item{'s' if count != 1 else ''} completed"
+    
     def execute(self, fn: BaseAIFunction, payload: dict) -> dict:
         """
         Unified execution pipeline for all AI functions.
@@ -255,12 +306,13 @@ class AIEngine:
             
             ai_core = AICore(account=self.account)
             function_name = fn.get_name()
-            
-            # Generate function_id for tracking (ai-{function_name}-01)
-            # Normalize underscores to hyphens to match frontend tracking IDs
-            function_id_base = function_name.replace('_', '-')
-            function_id = f"ai-{function_id_base}-01-desktop"
-            
+
+            # Generate prompt prefix for tracking (e.g., ##GP01-Clustering or ##CP01-Clustering)
+            # This replaces function_id and indicates whether prompt is global or custom
+            from igny8_core.ai.prompts import get_prompt_prefix_for_function
+            prompt_prefix = get_prompt_prefix_for_function(function_name, account=self.account)
+            logger.info(f"[AIEngine] Using prompt prefix: {prompt_prefix}")
+
             # Get model config from settings (requires account)
             # This will raise ValueError if IntegrationSettings not configured
             try:
@@ -298,7 +350,7 @@ class AIEngine:
                     temperature=model_config.get('temperature'),
                     response_format=model_config.get('response_format'),
                     function_name=function_name,
-                    function_id=function_id  # Pass function_id for tracking
+                    prompt_prefix=prompt_prefix  # Pass prompt prefix for tracking (replaces function_id)
                 )
             except Exception as e:
                 error_msg = f"AI call failed: {str(e)}"
@@ -388,18 +440,18 @@ class AIEngine:
                     # Map function name to operation type
                     operation_type = self._get_operation_type(function_name)
                     
-                    # Calculate actual amount based on results
-                    actual_amount = self._get_actual_amount(function_name, save_result, parsed, data)
+                    # Get actual token usage from response (AI returns 'input_tokens' and 'output_tokens')
+                    tokens_input = raw_response.get('input_tokens', 0)
+                    tokens_output = raw_response.get('output_tokens', 0)
                     
-                    # Deduct credits using the new convenience method
+                    # Deduct credits based on actual token usage
                     CreditService.deduct_credits_for_operation(
                         account=self.account,
                         operation_type=operation_type,
-                        amount=actual_amount,
+                        tokens_input=tokens_input,
+                        tokens_output=tokens_output,
                         cost_usd=raw_response.get('cost'),
                         model_used=raw_response.get('model', ''),
-                        tokens_input=raw_response.get('tokens_input', 0),
-                        tokens_output=raw_response.get('tokens_output', 0),
                         related_object_type=self._get_related_object_type(function_name),
                         related_object_id=save_result.get('id') or save_result.get('cluster_id') or save_result.get('task_id'),
                         metadata={
@@ -411,7 +463,10 @@ class AIEngine:
                         }
                     )
                     
-                    logger.info(f"[AIEngine] Credits deducted: {operation_type}, amount: {actual_amount}")
+                    logger.info(
+                        f"[AIEngine] Credits deducted: {operation_type}, "
+                        f"tokens: {tokens_input + tokens_output} ({tokens_input} in, {tokens_output} out)"
+                    )
                 except InsufficientCreditsError as e:
                     # This shouldn't happen since we checked before, but log it
                     logger.error(f"[AIEngine] Insufficient credits during deduction: {e}")
@@ -420,13 +475,16 @@ class AIEngine:
                     # Don't fail the operation if credit deduction fails (for backward compatibility)
             
             # Phase 6: DONE - Finalization (98-100%)
-            success_msg = f"Task completed: {final_save_msg}" if 'final_save_msg' in locals() else "Task completed successfully"
-            self.step_tracker.add_request_step("DONE", "success", "Task completed successfully")
-            self.tracker.update("DONE", 100, "Task complete!", meta=self.step_tracker.get_meta())
+            done_msg = self._get_done_message(function_name, save_result)
+            self.step_tracker.add_request_step("DONE", "success", done_msg)
+            self.tracker.update("DONE", 100, done_msg, meta=self.step_tracker.get_meta())
             
             # Log to database
             self._log_to_database(fn, payload, parsed, save_result)
             
+            # Create notification for successful completion
+            self._create_success_notification(function_name, save_result, payload)
+            
             return {
                 'success': True,
                 **save_result,
@@ -470,6 +528,9 @@ class AIEngine:
         
         self._log_to_database(fn, None, None, None, error=error)
         
+        # Create notification for failure
+        self._create_failure_notification(function_name, error)
+        
         return {
             'success': False,
             'error': error,
@@ -524,16 +585,14 @@ class AIEngine:
             'generate_image_prompts': 'image_prompt_extraction',
             'generate_images': 'image_generation',
             'generate_site_structure': 'site_structure_generation',
-            'generate_page_content': 'content_generation',  # Site Builder page content
         }
         return mapping.get(function_name, function_name)
     
     def _get_estimated_amount(self, function_name, data, payload):
         """Get estimated amount for credit calculation (before operation)"""
-        if function_name == 'generate_content' or function_name == 'generate_page_content':
+        if function_name == 'generate_content':
             # Estimate word count - tasks don't have word_count field, use default
-            # For generate_content, data is a list of Task objects
-            # For generate_page_content, data is a PageBlueprint object
+            # data is a list of Task objects
             if isinstance(data, list) and len(data) > 0:
                 # Multiple tasks - estimate 1000 words per task
                 return len(data) * 1000
@@ -554,7 +613,7 @@ class AIEngine:
     
     def _get_actual_amount(self, function_name, save_result, parsed, data):
         """Get actual amount for credit calculation (after operation)"""
-        if function_name == 'generate_content' or function_name == 'generate_page_content':
+        if function_name == 'generate_content':
             # Get actual word count from saved content
             if isinstance(save_result, dict):
                 word_count = save_result.get('word_count')
@@ -599,4 +658,104 @@ class AIEngine:
             'generate_site_structure': 'site_blueprint',
         }
         return mapping.get(function_name, 'unknown')
+    
+    def _create_success_notification(self, function_name: str, save_result: dict, payload: dict):
+        """Create notification for successful AI task completion"""
+        if not self.account:
+            return
+        
+        # Lazy import to avoid circular dependency and Django app loading issues
+        from igny8_core.business.notifications.services import NotificationService
+        
+        # Get site from payload if available
+        site = None
+        site_id = payload.get('site_id')
+        if site_id:
+            try:
+                from igny8_core.auth.models import Site
+                site = Site.objects.get(id=site_id, account=self.account)
+            except:
+                pass
+        
+        try:
+            # Map function to appropriate notification method
+            if function_name == 'auto_cluster':
+                NotificationService.notify_clustering_complete(
+                    account=self.account,
+                    site=site,
+                    cluster_count=save_result.get('clusters_created', 0),
+                    keyword_count=save_result.get('keywords_updated', 0)
+                )
+            elif function_name == 'generate_ideas':
+                NotificationService.notify_ideas_complete(
+                    account=self.account,
+                    site=site,
+                    idea_count=save_result.get('count', 0),
+                    cluster_count=len(payload.get('ids', []))
+                )
+            elif function_name == 'generate_content':
+                NotificationService.notify_content_complete(
+                    account=self.account,
+                    site=site,
+                    article_count=save_result.get('count', 0),
+                    word_count=save_result.get('word_count', 0)
+                )
+            elif function_name == 'generate_image_prompts':
+                NotificationService.notify_prompts_complete(
+                    account=self.account,
+                    site=site,
+                    prompt_count=save_result.get('count', 0)
+                )
+            elif function_name == 'generate_images':
+                NotificationService.notify_images_complete(
+                    account=self.account,
+                    site=site,
+                    image_count=save_result.get('count', 0)
+                )
+            
+            logger.info(f"[AIEngine] Created success notification for {function_name}")
+        except Exception as e:
+            # Don't fail the task if notification creation fails
+            logger.warning(f"[AIEngine] Failed to create success notification: {e}", exc_info=True)
+    
+    def _create_failure_notification(self, function_name: str, error: str):
+        """Create notification for failed AI task"""
+        if not self.account:
+            return
+        
+        # Lazy import to avoid circular dependency and Django app loading issues
+        from igny8_core.business.notifications.services import NotificationService
+        
+        try:
+            # Map function to appropriate failure notification method
+            if function_name == 'auto_cluster':
+                NotificationService.notify_clustering_failed(
+                    account=self.account,
+                    error=error
+                )
+            elif function_name == 'generate_ideas':
+                NotificationService.notify_ideas_failed(
+                    account=self.account,
+                    error=error
+                )
+            elif function_name == 'generate_content':
+                NotificationService.notify_content_failed(
+                    account=self.account,
+                    error=error
+                )
+            elif function_name == 'generate_image_prompts':
+                NotificationService.notify_prompts_failed(
+                    account=self.account,
+                    error=error
+                )
+            elif function_name == 'generate_images':
+                NotificationService.notify_images_failed(
+                    account=self.account,
+                    error=error
+                )
+            
+            logger.info(f"[AIEngine] Created failure notification for {function_name}")
+        except Exception as e:
+            # Don't fail the task if notification creation fails
+            logger.warning(f"[AIEngine] Failed to create failure notification: {e}", exc_info=True)
 

backend/igny8_core/ai/functions/__init__.py

@@ -6,8 +6,6 @@ from igny8_core.ai.functions.generate_ideas import GenerateIdeasFunction
 from igny8_core.ai.functions.generate_content import GenerateContentFunction
 from igny8_core.ai.functions.generate_images import GenerateImagesFunction, generate_images_core
 from igny8_core.ai.functions.generate_image_prompts import GenerateImagePromptsFunction
-from igny8_core.ai.functions.generate_site_structure import GenerateSiteStructureFunction
-from igny8_core.ai.functions.generate_page_content import GeneratePageContentFunction
 
 __all__ = [
     'AutoClusterFunction',
@@ -16,6 +14,4 @@ __all__ = [
     'GenerateImagesFunction',
     'generate_images_core',
     'GenerateImagePromptsFunction',
-    'GenerateSiteStructureFunction',
-    'GeneratePageContentFunction',
 ]

backend/igny8_core/ai/functions/auto_cluster.py

@@ -40,6 +40,7 @@ class AutoClusterFunction(BaseAIFunction):
     def validate(self, payload: dict, account=None) -> Dict:
         """Custom validation for clustering"""
         from igny8_core.ai.validators import validate_ids, validate_keywords_exist
+        from igny8_core.ai.validators.cluster_validators import validate_minimum_keywords
         
         # Base validation (no max_items limit)
         result = validate_ids(payload, max_items=None)
@@ -52,6 +53,21 @@ class AutoClusterFunction(BaseAIFunction):
         if not keywords_result['valid']:
             return keywords_result
         
+        # NEW: Validate minimum keywords (5 required for meaningful clustering)
+        min_validation = validate_minimum_keywords(
+            keyword_ids=ids,
+            account=account,
+            min_required=5
+        )
+        
+        if not min_validation['valid']:
+            logger.warning(f"[AutoCluster] Validation failed: {min_validation['error']}")
+            return min_validation
+        
+        logger.info(
+            f"[AutoCluster] Validation passed: {min_validation['count']} keywords available (min: {min_validation['required']})"
+        )
+        
         # Removed plan limits check
         
         return {'valid': True}
@@ -81,7 +97,6 @@ class AutoClusterFunction(BaseAIFunction):
                     'keyword': kw.keyword,
                     'volume': kw.volume,
                     'difficulty': kw.difficulty,
-                    'intent': kw.intent,
                 }
                 for kw in keywords
             ],
@@ -95,7 +110,7 @@ class AutoClusterFunction(BaseAIFunction):
         
         # Format keywords
         keywords_text = '\n'.join([
-            f"- {kw['keyword']} (Volume: {kw['volume']}, Difficulty: {kw['difficulty']}, Intent: {kw['intent']})"
+            f"- {kw['keyword']} (Volume: {kw['volume']}, Difficulty: {kw['difficulty']})"
             for kw in keyword_data
         ])
         
@@ -249,7 +264,7 @@ class AutoClusterFunction(BaseAIFunction):
                         sector=sector,
                         defaults={
                             'description': cluster_data.get('description', ''),
-                            'status': 'active',
+                            'status': 'new',  # FIXED: Changed from 'active' to 'new'
                         }
                     )
                 else:
@@ -260,7 +275,7 @@ class AutoClusterFunction(BaseAIFunction):
                         sector__isnull=True,
                         defaults={
                             'description': cluster_data.get('description', ''),
-                            'status': 'active',
+                            'status': 'new',  # FIXED: Changed from 'active' to 'new'
                             'sector': None,
                         }
                     )
@@ -292,9 +307,10 @@ class AutoClusterFunction(BaseAIFunction):
                     else:
                         keyword_filter = keyword_filter.filter(sector__isnull=True)
                     
+                    # FIXED: Ensure keywords status updates from 'new' to 'mapped'
                     updated_count = keyword_filter.update(
                         cluster=cluster,
-                        status='mapped'
+                        status='mapped'  # Status changes from 'new' to 'mapped'
                     )
                     keywords_updated += updated_count
             

backend/igny8_core/ai/functions/generate_content.py

@@ -8,6 +8,7 @@ from typing import Dict, List, Any
 from django.db import transaction
 from igny8_core.ai.base import BaseAIFunction
 from igny8_core.modules.writer.models import Tasks, Content
+from igny8_core.business.content.models import ContentTaxonomy
 from igny8_core.ai.ai_core import AICore
 from igny8_core.ai.validators import validate_tasks_exist
 from igny8_core.ai.prompts import PromptRegistry
@@ -161,6 +162,7 @@ class GenerateContentFunction(BaseAIFunction):
         """
         STAGE 3: Save content using final Stage 1 Content model schema.
         Creates independent Content record (no OneToOne to Task).
+        Handles tags and categories from AI response.
         """
         if isinstance(original_data, list):
             task = original_data[0] if original_data else None
@@ -179,6 +181,16 @@ class GenerateContentFunction(BaseAIFunction):
             meta_description = parsed.get('meta_description') or parsed.get('seo_description')
             primary_keyword = parsed.get('primary_keyword') or parsed.get('focus_keyword')
             secondary_keywords = parsed.get('secondary_keywords') or parsed.get('keywords', [])
+            # Extract tags and categories from AI response
+            tags_from_response = parsed.get('tags', [])
+            categories_from_response = parsed.get('categories', [])
+            
+            # DEBUG: Log the full parsed response to see what we're getting
+            logger.info(f"===== GENERATE CONTENT DEBUG =====")
+            logger.info(f"Full parsed response keys: {list(parsed.keys())}")
+            logger.info(f"Tags from response (type: {type(tags_from_response)}): {tags_from_response}")
+            logger.info(f"Categories from response (type: {type(categories_from_response)}): {categories_from_response}")
+            logger.info(f"==================================")
         else:
             # Plain text response
             content_html = str(parsed)
@@ -187,6 +199,8 @@ class GenerateContentFunction(BaseAIFunction):
             meta_description = None
             primary_keyword = None
             secondary_keywords = []
+            tags_from_response = []
+            categories_from_response = []
         
         # Calculate word count
         word_count = 0
@@ -218,17 +232,98 @@ class GenerateContentFunction(BaseAIFunction):
             sector=task.sector,
         )
         
+        logger.info(f"Created content record ID: {content_record.id}")
+        logger.info(f"Processing taxonomies - Tags: {len(tags_from_response) if tags_from_response else 0}, Categories: {len(categories_from_response) if categories_from_response else 0}")
+        
         # Link taxonomy terms from task if available
         if task.taxonomy_term:
             content_record.taxonomy_terms.add(task.taxonomy_term)
+            logger.info(f"Added task taxonomy term: {task.taxonomy_term.name}")
         
-        # Link all keywords from task as taxonomy terms (if they have taxonomy mappings)
-        # This is optional - keywords are M2M on Task, not directly on Content
+        # Process tags from AI response
+        logger.info(f"Starting tag processing: {tags_from_response}")
+        if tags_from_response and isinstance(tags_from_response, list):
+            from django.utils.text import slugify
+            for tag_name in tags_from_response:
+                logger.info(f"Processing tag: '{tag_name}' (type: {type(tag_name)})")
+                if tag_name and isinstance(tag_name, str):
+                    tag_name = tag_name.strip()
+                    if tag_name:
+                        try:
+                            tag_slug = slugify(tag_name)
+                            logger.info(f"Creating/finding tag: name='{tag_name}', slug='{tag_slug}'")
+                            # Get or create tag taxonomy term using site + slug + type for uniqueness
+                            tag_obj, created = ContentTaxonomy.objects.get_or_create(
+                                site=task.site,
+                                slug=tag_slug,
+                                taxonomy_type='tag',
+                                defaults={
+                                    'name': tag_name,
+                                    'sector': task.sector,
+                                    'account': task.account,
+                                    'description': '',
+                                    'external_taxonomy': '',
+                                    'sync_status': '',
+                                    'count': 0,
+                                    'metadata': {},
+                                }
+                            )
+                            content_record.taxonomy_terms.add(tag_obj)
+                            logger.info(f"✅ {'Created' if created else 'Found'} and linked tag: {tag_name} (ID: {tag_obj.id}, Slug: {tag_slug})")
+                        except Exception as e:
+                            logger.error(f"❌ Failed to add tag '{tag_name}': {e}", exc_info=True)
+                else:
+                    logger.warning(f"Skipping invalid tag: '{tag_name}' (type: {type(tag_name)})")
+        else:
+            logger.info(f"No tags to process or tags_from_response is not a list: {type(tags_from_response)}")
+        
+        # Process categories from AI response
+        logger.info(f"Starting category processing: {categories_from_response}")
+        if categories_from_response and isinstance(categories_from_response, list):
+            from django.utils.text import slugify
+            for category_name in categories_from_response:
+                logger.info(f"Processing category: '{category_name}' (type: {type(category_name)})")
+                if category_name and isinstance(category_name, str):
+                    category_name = category_name.strip()
+                    if category_name:
+                        try:
+                            category_slug = slugify(category_name)
+                            logger.info(f"Creating/finding category: name='{category_name}', slug='{category_slug}'")
+                            # Get or create category taxonomy term using site + slug + type for uniqueness
+                            category_obj, created = ContentTaxonomy.objects.get_or_create(
+                                site=task.site,
+                                slug=category_slug,
+                                taxonomy_type='category',
+                                defaults={
+                                    'name': category_name,
+                                    'sector': task.sector,
+                                    'account': task.account,
+                                    'description': '',
+                                    'external_taxonomy': '',
+                                    'sync_status': '',
+                                    'count': 0,
+                                    'metadata': {},
+                                }
+                            )
+                            content_record.taxonomy_terms.add(category_obj)
+                            logger.info(f"✅ {'Created' if created else 'Found'} and linked category: {category_name} (ID: {category_obj.id}, Slug: {category_slug})")
+                        except Exception as e:
+                            logger.error(f"❌ Failed to add category '{category_name}': {e}", exc_info=True)
+                else:
+                    logger.warning(f"Skipping invalid category: '{category_name}' (type: {type(category_name)})")
+        else:
+            logger.info(f"No categories to process or categories_from_response is not a list: {type(categories_from_response)}")
         
         # STAGE 3: Update task status to completed
         task.status = 'completed'
         task.save(update_fields=['status', 'updated_at'])
         
+        # NEW: Auto-sync idea status from task status
+        if hasattr(task, 'idea') and task.idea:
+            task.idea.status = 'completed'
+            task.idea.save(update_fields=['status', 'updated_at'])
+            logger.info(f"Updated related idea ID {task.idea.id} to completed")
+        
         return {
             'count': 1,
             'content_id': content_record.id,

backend/igny8_core/ai/functions/generate_ideas.py

@@ -227,6 +227,11 @@ class GenerateIdeasFunction(BaseAIFunction):
                     sector=cluster.sector,
                 )
                 ideas_created += 1
+                
+                # Update cluster status to 'mapped' after ideas are generated
+                if cluster and cluster.status == 'new':
+                    cluster.status = 'mapped'
+                    cluster.save()
         
         return {
             'count': ideas_created,

backend/igny8_core/ai/functions/generate_image_prompts.py

@@ -93,7 +93,7 @@ class GenerateImagePromptsFunction(BaseAIFunction):
             data = data[0]
         
         extracted = data['extracted']
-        max_images = data.get('max_images', 2)
+        max_images = data.get('max_images')
         
         # Format content for prompt
         content_text = self._format_content_for_prompt(extracted)
@@ -112,7 +112,7 @@ class GenerateImagePromptsFunction(BaseAIFunction):
         return prompt
     
     def parse_response(self, response: str, step_tracker=None) -> Dict:
-        """Parse AI response - same pattern as other functions"""
+        """Parse AI response with new structure including captions"""
         ai_core = AICore(account=getattr(self, 'account', None))
         json_data = ai_core.extract_json(response)
         
@@ -123,9 +123,28 @@ class GenerateImagePromptsFunction(BaseAIFunction):
         if 'featured_prompt' not in json_data:
             raise ValueError("Missing 'featured_prompt' in AI response")
         
+        if 'featured_caption' not in json_data:
+            raise ValueError("Missing 'featured_caption' in AI response")
+        
         if 'in_article_prompts' not in json_data:
             raise ValueError("Missing 'in_article_prompts' in AI response")
         
+        # Validate in_article_prompts structure (should be list of objects with prompt & caption)
+        in_article_prompts = json_data.get('in_article_prompts', [])
+        if in_article_prompts:
+            for idx, item in enumerate(in_article_prompts):
+                if isinstance(item, dict):
+                    if 'prompt' not in item:
+                        raise ValueError(f"Missing 'prompt' in in_article_prompts[{idx}]")
+                    if 'caption' not in item:
+                        raise ValueError(f"Missing 'caption' in in_article_prompts[{idx}]")
+                else:
+                    # Legacy format (just string) - convert to new format
+                    in_article_prompts[idx] = {
+                        'prompt': str(item),
+                        'caption': ''  # Empty caption for legacy data
+                    }
+        
         return json_data
     
     def save_output(
@@ -146,36 +165,47 @@ class GenerateImagePromptsFunction(BaseAIFunction):
         
         content = original_data['content']
         extracted = original_data['extracted']
-        max_images = original_data.get('max_images', 2)
+        max_images = original_data.get('max_images')
         
         prompts_created = 0
         
         with transaction.atomic():
-            # Save featured image prompt - use content instead of task
+            # Save featured image prompt with caption
             Images.objects.update_or_create(
                 content=content,
                 image_type='featured',
                 defaults={
                     'prompt': parsed['featured_prompt'],
+                    'caption': parsed.get('featured_caption', ''),
                     'status': 'pending',
                     'position': 0,
                 }
             )
             prompts_created += 1
             
-            # Save in-article image prompts
+            # Save in-article image prompts with captions
             in_article_prompts = parsed.get('in_article_prompts', [])
             h2_headings = extracted.get('h2_headings', [])
             
-            for idx, prompt_text in enumerate(in_article_prompts[:max_images]):
-                heading = h2_headings[idx] if idx < len(h2_headings) else f"Section {idx + 1}"
+            for idx, prompt_data in enumerate(in_article_prompts[:max_images]):
+                # Handle both new format (dict with prompt & caption) and legacy format (string)
+                if isinstance(prompt_data, dict):
+                    prompt_text = prompt_data.get('prompt', '')
+                    caption_text = prompt_data.get('caption', '')
+                else:
+                    # Legacy format - just a string prompt
+                    prompt_text = str(prompt_data)
+                    caption_text = ''
+                
+                heading = h2_headings[idx] if idx < len(h2_headings) else f"Section {idx}"
                 
                 Images.objects.update_or_create(
                     content=content,
                     image_type='in_article',
-                    position=idx + 1,
+                    position=idx,  # 0-based position matching section array indices
                     defaults={
                         'prompt': prompt_text,
+                        'caption': caption_text,
                         'status': 'pending',
                     }
                 )
@@ -188,16 +218,14 @@ class GenerateImagePromptsFunction(BaseAIFunction):
     
     # Helper methods
     def _get_max_in_article_images(self, account) -> int:
-        """Get max_in_article_images from IntegrationSettings"""
-        try:
-            from igny8_core.modules.system.models import IntegrationSettings
-            settings = IntegrationSettings.objects.get(
-                account=account,
-                integration_type='image_generation'
-            )
-            return settings.config.get('max_in_article_images', 2)
-        except IntegrationSettings.DoesNotExist:
-            return 2  # Default
+        """
+        Get max_in_article_images from AISettings (with account override).
+        """
+        from igny8_core.modules.system.ai_settings import AISettings
+        
+        max_images = AISettings.get_effective_max_images(account)
+        logger.info(f"Using max_in_article_images={max_images} for account {account.id}")
+        return max_images
     
     def _extract_content_elements(self, content: Content, max_images: int) -> Dict:
         """Extract title, intro paragraphs, and H2 headings from content HTML"""

backend/igny8_core/ai/functions/generate_images.py

@@ -67,42 +67,39 @@ class GenerateImagesFunction(BaseAIFunction):
         if not tasks:
             raise ValueError("No tasks found")
         
-        # Get image generation settings
-        image_settings = {}
-        if account:
-            try:
-                from igny8_core.modules.system.models import IntegrationSettings
-                integration = IntegrationSettings.objects.get(
-                    account=account,
-                    integration_type='image_generation',
-                    is_active=True
-                )
-                image_settings = integration.config or {}
-            except Exception:
-                pass
+        # Get image generation settings from AISettings (with account overrides)
+        from igny8_core.modules.system.ai_settings import AISettings
+        from igny8_core.ai.model_registry import ModelRegistry
         
-        # Extract settings with defaults
-        provider = image_settings.get('provider') or image_settings.get('service', 'openai')
-        if provider == 'runware':
-            model = image_settings.get('model') or image_settings.get('runwareModel', 'runware:97@1')
+        # Get effective settings (AISettings + AccountSettings overrides)
+        image_style = AISettings.get_effective_image_style(account)
+        max_images = AISettings.get_effective_max_images(account)
+        
+        # Get default image model and provider from database
+        default_model = ModelRegistry.get_default_model('image')
+        if default_model:
+            model_config = ModelRegistry.get_model(default_model)
+            provider = model_config.provider if model_config else 'openai'
+            model = default_model
         else:
-            model = image_settings.get('model', 'dall-e-3')
+            provider = 'openai'
+            model = 'dall-e-3'
+        
+        logger.info(f"Using image settings: provider={provider}, model={model}, style={image_style}, max={max_images}")
         
         return {
             'tasks': tasks,
             'account': account,
             'provider': provider,
             'model': model,
-            'image_type': image_settings.get('image_type', 'realistic'),
-            'max_in_article_images': int(image_settings.get('max_in_article_images', 2)),
-            'desktop_enabled': image_settings.get('desktop_enabled', True),
-            'mobile_enabled': image_settings.get('mobile_enabled', True),
+            'image_type': image_style,
+            'max_in_article_images': max_images,
         }
     
     def build_prompt(self, data: Dict, account=None) -> Dict:
         """Extract image prompts from task content"""
         task = data.get('task')
-        max_images = data.get('max_in_article_images', 2)
+        max_images = data.get('max_in_article_images')
         
         if not task or not task.content:
             raise ValueError("Task has no content")

backend/igny8_core/ai/functions/generate_page_content.py

@@ -1,273 +0,0 @@
-"""
-Generate Page Content AI Function
-Site Builder specific content generation that outputs structured JSON blocks.
-
-This is separate from the default writer module's GenerateContentFunction.
-It uses different prompts optimized for site builder pages and outputs
-structured blocks_json format instead of HTML.
-"""
-import logging
-import json
-from typing import Dict, List, Any
-from django.db import transaction
-from igny8_core.ai.base import BaseAIFunction
-from igny8_core.business.site_building.models import PageBlueprint
-from igny8_core.business.content.models import Tasks, Content
-from igny8_core.ai.ai_core import AICore
-from igny8_core.ai.prompts import PromptRegistry
-from igny8_core.ai.settings import get_model_config
-
-logger = logging.getLogger(__name__)
-
-
-class GeneratePageContentFunction(BaseAIFunction):
-    """
-    Generate structured page content for Site Builder pages.
-    Outputs JSON blocks format optimized for site rendering.
-    """
-    
-    def get_name(self) -> str:
-        return 'generate_page_content'
-    
-    def get_metadata(self) -> Dict:
-        return {
-            'display_name': 'Generate Page Content',
-            'description': 'Generate structured page content with JSON blocks for Site Builder',
-            'phases': {
-                'INIT': 'Initializing page content generation...',
-                'PREP': 'Loading page blueprint and building prompt...',
-                'AI_CALL': 'Generating structured content with AI...',
-                'PARSE': 'Parsing JSON blocks...',
-                'SAVE': 'Saving blocks to page...',
-                'DONE': 'Page content generated!'
-            }
-        }
-    
-    def get_max_items(self) -> int:
-        return 20  # Max pages per batch
-    
-    def validate(self, payload: dict, account=None) -> Dict:
-        """Validate page blueprint IDs"""
-        result = super().validate(payload, account)
-        if not result['valid']:
-            return result
-        
-        page_ids = payload.get('ids', [])
-        if page_ids:
-            from igny8_core.business.site_building.models import PageBlueprint
-            queryset = PageBlueprint.objects.filter(id__in=page_ids)
-            if account:
-                queryset = queryset.filter(account=account)
-            
-            if queryset.count() == 0:
-                return {'valid': False, 'error': 'No page blueprints found'}
-        
-        return {'valid': True}
-    
-    def prepare(self, payload: dict, account=None) -> List:
-        """Load page blueprints with relationships"""
-        page_ids = payload.get('ids', [])
-        
-        queryset = PageBlueprint.objects.filter(id__in=page_ids)
-        if account:
-            queryset = queryset.filter(account=account)
-        
-        # Preload relationships
-        pages = list(queryset.select_related(
-            'site_blueprint', 'account', 'site', 'sector'
-        ))
-        
-        if not pages:
-            raise ValueError("No page blueprints found")
-        
-        return pages
-    
-    def build_prompt(self, data: Any, account=None) -> str:
-        """Build page content generation prompt optimized for Site Builder"""
-        if isinstance(data, list):
-            page = data[0] if data else None
-        else:
-            page = data
-        
-        if not page:
-            raise ValueError("No page blueprint provided")
-        
-        account = account or page.account
-        
-        # Build page context
-        page_context = {
-            'PAGE_TITLE': page.title or page.slug.replace('-', ' ').title(),
-            'PAGE_SLUG': page.slug,
-            'PAGE_TYPE': page.type or 'custom',
-            'SITE_NAME': page.site_blueprint.name if page.site_blueprint else '',
-            'SITE_DESCRIPTION': page.site_blueprint.description or '',
-        }
-        
-        # Extract existing block structure hints
-        block_hints = []
-        if page.blocks_json:
-            for block in page.blocks_json[:5]:  # First 5 blocks as hints
-                if isinstance(block, dict):
-                    block_type = block.get('type', '')
-                    heading = block.get('heading') or block.get('title') or ''
-                    if block_type and heading:
-                        block_hints.append(f"- {block_type}: {heading}")
-        
-        if block_hints:
-            page_context['EXISTING_BLOCKS'] = '\n'.join(block_hints)
-        else:
-            page_context['EXISTING_BLOCKS'] = 'None (new page)'
-        
-        # Get site blueprint structure hints
-        structure_hints = ''
-        if page.site_blueprint and page.site_blueprint.structure_json:
-            structure = page.site_blueprint.structure_json
-            if isinstance(structure, dict):
-                layout = structure.get('layout', 'default')
-                theme = structure.get('theme', {})
-                structure_hints = f"Layout: {layout}\nTheme: {json.dumps(theme, indent=2)}"
-        
-        page_context['STRUCTURE_HINTS'] = structure_hints or 'Default layout'
-        
-        # Get prompt from registry (site-builder specific)
-        prompt = PromptRegistry.get_prompt(
-            function_name='generate_page_content',
-            account=account,
-            context=page_context
-        )
-        
-        return prompt
-    
-    def parse_response(self, response: str, step_tracker=None) -> Dict:
-        """Parse AI response - must be JSON with blocks structure"""
-        import json
-        
-        # Try to extract JSON from response
-        try:
-            # Try direct JSON parse
-            parsed = json.loads(response.strip())
-        except json.JSONDecodeError:
-            # Try to extract JSON object from text
-            try:
-                # Look for JSON object in response
-                start = response.find('{')
-                end = response.rfind('}')
-                if start != -1 and end != -1 and end > start:
-                    json_str = response[start:end + 1]
-                    parsed = json.loads(json_str)
-                else:
-                    raise ValueError("No JSON object found in response")
-            except (json.JSONDecodeError, ValueError) as e:
-                logger.error(f"Failed to parse page content response as JSON: {e}")
-                logger.error(f"Response preview: {response[:500]}")
-                raise ValueError(f"Invalid JSON response from AI: {str(e)}")
-        
-        if not isinstance(parsed, dict):
-            raise ValueError("Response must be a JSON object")
-        
-        # Validate required fields
-        if 'blocks' not in parsed and 'blocks_json' not in parsed:
-            raise ValueError("Response must include 'blocks' or 'blocks_json' field")
-        
-        # Normalize to 'blocks' key
-        if 'blocks_json' in parsed:
-            parsed['blocks'] = parsed.pop('blocks_json')
-        
-        return parsed
-    
-    def save_output(
-        self,
-        parsed: Any,
-        original_data: Any,
-        account=None,
-        progress_tracker=None,
-        step_tracker=None
-    ) -> Dict:
-        """Save blocks to PageBlueprint and create/update Content record"""
-        if isinstance(original_data, list):
-            page = original_data[0] if original_data else None
-        else:
-            page = original_data
-        
-        if not page:
-            raise ValueError("No page blueprint provided for saving")
-        
-        if not isinstance(parsed, dict):
-            raise ValueError("Parsed response must be a dict")
-        
-        blocks = parsed.get('blocks', [])
-        if not blocks:
-            raise ValueError("No blocks found in parsed response")
-        
-        # Ensure blocks is a list
-        if not isinstance(blocks, list):
-            blocks = [blocks]
-        
-        with transaction.atomic():
-            # Update PageBlueprint with generated blocks
-            page.blocks_json = blocks
-            page.status = 'ready'  # Mark as ready after content generation
-            page.save(update_fields=['blocks_json', 'status', 'updated_at'])
-            
-            # Find or create associated Task
-            task_title = f"[Site Builder] {page.title or page.slug.replace('-', ' ').title()}"
-            task = Tasks.objects.filter(
-                account=page.account,
-                site=page.site,
-                sector=page.sector,
-                title=task_title
-            ).first()
-            
-            # Create or update Content record with blocks
-            if task:
-                content_record, created = Content.objects.get_or_create(
-                    task=task,
-                    defaults={
-                        'account': page.account,
-                        'site': page.site,
-                        'sector': page.sector,
-                        'title': parsed.get('title') or page.title,
-                        'html_content': parsed.get('html_content', ''),
-                        'word_count': parsed.get('word_count', 0),
-                        'status': 'draft',
-                        'json_blocks': blocks,  # Store blocks in json_blocks
-                        'metadata': {
-                            'page_id': page.id,
-                            'page_slug': page.slug,
-                            'page_type': page.type,
-                            'generated_by': 'generate_page_content'
-                        }
-                    }
-                )
-                
-                if not created:
-                    # Update existing content
-                    content_record.json_blocks = blocks
-                    content_record.html_content = parsed.get('html_content', content_record.html_content)
-                    content_record.word_count = parsed.get('word_count', content_record.word_count)
-                    content_record.title = parsed.get('title') or content_record.title or page.title
-                    if not content_record.metadata:
-                        content_record.metadata = {}
-                    content_record.metadata.update({
-                        'page_id': page.id,
-                        'page_slug': page.slug,
-                        'page_type': page.type,
-                        'generated_by': 'generate_page_content'
-                    })
-                    content_record.save()
-            else:
-                logger.warning(f"No task found for page {page.id}, skipping Content record creation")
-                content_record = None
-            
-            logger.info(
-                f"[GeneratePageContentFunction] Saved {len(blocks)} blocks to page {page.id} "
-                f"(Content ID: {content_record.id if content_record else 'N/A'})"
-            )
-        
-        return {
-            'count': 1,
-            'pages_updated': 1,
-            'blocks_count': len(blocks),
-            'content_id': content_record.id if content_record else None
-        }
-

backend/igny8_core/ai/functions/generate_site_structure.py

@@ -1,214 +0,0 @@
-"""
-Generate Site Structure AI Function
-Phase 3 – Site Builder
-"""
-import json
-import logging
-from typing import Any, Dict, List, Tuple
-
-from django.utils.text import slugify
-
-from igny8_core.ai.base import BaseAIFunction
-from igny8_core.ai.prompts import PromptRegistry
-from igny8_core.business.site_building.models import SiteBlueprint, PageBlueprint
-
-logger = logging.getLogger(__name__)
-
-
-class GenerateSiteStructureFunction(BaseAIFunction):
-    """AI function that turns a business brief into a full site blueprint."""
-
-    def get_name(self) -> str:
-        return 'generate_site_structure'
-
-    def get_metadata(self) -> Dict:
-        metadata = super().get_metadata()
-        metadata.update({
-            'display_name': 'Generate Site Structure',
-            'description': 'Create site/page architecture from business brief, objectives, and style guides.',
-            'phases': {
-                'INIT': 'Validating blueprint data…',
-                'PREP': 'Preparing site context…',
-                'AI_CALL': 'Generating site structure with AI…',
-                'PARSE': 'Parsing generated blueprint…',
-                'SAVE': 'Saving pages and blocks…',
-                'DONE': 'Site structure ready!'
-            }
-        })
-        return metadata
-
-    def validate(self, payload: dict, account=None) -> Dict[str, Any]:
-        if not payload.get('ids'):
-            return {'valid': False, 'error': 'Site blueprint ID is required'}
-        return {'valid': True}
-
-    def prepare(self, payload: dict, account=None) -> Dict[str, Any]:
-        blueprint_ids = payload.get('ids', [])
-        queryset = SiteBlueprint.objects.filter(id__in=blueprint_ids)
-        if account:
-            queryset = queryset.filter(account=account)
-        blueprint = queryset.select_related('account', 'site').prefetch_related('pages').first()
-        if not blueprint:
-            raise ValueError("Site blueprint not found")
-
-        config = blueprint.config_json or {}
-        business_brief = payload.get('business_brief') or config.get('business_brief') or ''
-        objectives = payload.get('objectives') or config.get('objectives') or []
-        style = payload.get('style') or config.get('style') or {}
-
-        return {
-            'blueprint': blueprint,
-            'business_brief': business_brief,
-            'objectives': objectives,
-            'style': style,
-        }
-
-    def build_prompt(self, data: Dict[str, Any], account=None) -> str:
-        blueprint: SiteBlueprint = data['blueprint']
-        objectives = data.get('objectives') or []
-        objectives_text = '\n'.join(f"- {obj}" for obj in objectives) if isinstance(objectives, list) else objectives
-        style = data.get('style') or {}
-        style_text = json.dumps(style, indent=2) if isinstance(style, dict) and style else str(style)
-
-        existing_pages = [
-            {
-                'title': page.title,
-                'slug': page.slug,
-                'type': page.type,
-                'status': page.status,
-            }
-            for page in blueprint.pages.all()
-        ]
-
-        context = {
-            'BUSINESS_BRIEF': data.get('business_brief', ''),
-            'OBJECTIVES': objectives_text or 'Create a full marketing site with clear navigation.',
-            'STYLE': style_text or 'Modern, responsive, accessible web design.',
-            'SITE_INFO': json.dumps({
-                'site_name': blueprint.name,
-                'site_description': blueprint.description,
-                'hosting_type': blueprint.hosting_type,
-                'existing_pages': existing_pages,
-                'existing_structure': blueprint.structure_json or {},
-            }, indent=2)
-        }
-
-        return PromptRegistry.get_prompt(
-            'generate_site_structure',
-            account=account or blueprint.account,
-            context=context
-        )
-
-    def parse_response(self, response: str, step_tracker=None) -> Dict[str, Any]:
-        if not response:
-            raise ValueError("AI response is empty")
-
-        response = response.strip()
-        try:
-            return self._ensure_dict(json.loads(response))
-        except json.JSONDecodeError:
-            logger.warning("Response not valid JSON, attempting to extract JSON object")
-            cleaned = self._extract_json_object(response)
-            if cleaned:
-                return self._ensure_dict(json.loads(cleaned))
-            raise ValueError("Unable to parse AI response into JSON")
-
-    def save_output(
-        self,
-        parsed: Dict[str, Any],
-        original_data: Dict[str, Any],
-        account=None,
-        progress_tracker=None,
-        step_tracker=None
-    ) -> Dict[str, Any]:
-        blueprint: SiteBlueprint = original_data['blueprint']
-        structure = self._ensure_dict(parsed)
-        pages = structure.get('pages', [])
-
-        blueprint.structure_json = structure
-        blueprint.status = 'ready'
-        blueprint.save(update_fields=['structure_json', 'status', 'updated_at'])
-
-        created, updated, deleted = self._sync_page_blueprints(blueprint, pages)
-
-        message = f"Pages synced (created: {created}, updated: {updated}, deleted: {deleted})"
-        logger.info("[GenerateSiteStructure] %s for blueprint %s", message, blueprint.id)
-
-        return {
-            'success': True,
-            'count': created + updated,
-            'site_blueprint_id': blueprint.id,
-            'pages_created': created,
-            'pages_updated': updated,
-            'pages_deleted': deleted,
-        }
-
-    # Helpers -----------------------------------------------------------------
-
-    def _ensure_dict(self, data: Any) -> Dict[str, Any]:
-        if isinstance(data, dict):
-            return data
-        raise ValueError("AI response must be a JSON object with site metadata")
-
-    def _extract_json_object(self, text: str) -> str:
-        start = text.find('{')
-        end = text.rfind('}')
-        if start != -1 and end != -1 and end > start:
-            return text[start:end + 1]
-        return ''
-
-    def _sync_page_blueprints(self, blueprint: SiteBlueprint, pages: List[Dict[str, Any]]) -> Tuple[int, int, int]:
-        existing = {page.slug: page for page in blueprint.pages.all()}
-        seen_slugs = set()
-        created = updated = 0
-
-        for order, page_data in enumerate(pages or []):
-            slug = page_data.get('slug') or page_data.get('id') or page_data.get('title') or f"page-{order + 1}"
-            slug = slugify(slug) or f"page-{order + 1}"
-            seen_slugs.add(slug)
-
-            defaults = {
-                'title': page_data.get('title') or page_data.get('name') or slug.replace('-', ' ').title(),
-                'type': self._map_page_type(page_data.get('type')),
-                'blocks_json': page_data.get('blocks') or page_data.get('sections') or [],
-                'status': page_data.get('status') or 'draft',
-                'order': order,
-            }
-
-            page_obj, created_flag = PageBlueprint.objects.update_or_create(
-                site_blueprint=blueprint,
-                slug=slug,
-                defaults=defaults
-            )
-            if created_flag:
-                created += 1
-            else:
-                updated += 1
-
-        # Delete pages not present in new structure
-        deleted = 0
-        for slug, page in existing.items():
-            if slug not in seen_slugs:
-                page.delete()
-                deleted += 1
-
-        return created, updated, deleted
-
-    def _map_page_type(self, page_type: Any) -> str:
-        allowed = {choice[0] for choice in PageBlueprint._meta.get_field('type').choices}
-        if isinstance(page_type, str):
-            normalized = page_type.lower()
-            if normalized in allowed:
-                return normalized
-            # Map friendly names
-            mapping = {
-                'homepage': 'home',
-                'landing': 'home',
-                'service': 'services',
-                'product': 'products',
-            }
-            mapped = mapping.get(normalized)
-            if mapped in allowed:
-                return mapped
-        return 'custom'
-

backend/igny8_core/ai/model_registry.py

@@ -0,0 +1,377 @@
+"""
+Model Registry Service
+Central registry for AI model configurations with caching.
+
+This service provides:
+- Database-driven model configuration (from AIModelConfig)
+- Integration provider API key retrieval (from IntegrationProvider)
+- Caching for performance
+- Cost calculation methods
+
+Usage:
+    from igny8_core.ai.model_registry import ModelRegistry
+    
+    # Get model config
+    model = ModelRegistry.get_model('gpt-4o-mini')
+    
+    # Get rate
+    input_rate = ModelRegistry.get_rate('gpt-4o-mini', 'input')
+    
+    # Calculate cost
+    cost = ModelRegistry.calculate_cost('gpt-4o-mini', input_tokens=1000, output_tokens=500)
+    
+    # Get API key for a provider
+    api_key = ModelRegistry.get_api_key('openai')
+"""
+import logging
+from decimal import Decimal
+from typing import Optional, Dict, Any
+from django.core.cache import cache
+
+logger = logging.getLogger(__name__)
+
+# Cache TTL in seconds (5 minutes)
+MODEL_CACHE_TTL = 300
+
+# Cache key prefix
+CACHE_KEY_PREFIX = 'ai_model_'
+PROVIDER_CACHE_PREFIX = 'provider_'
+
+
+class ModelRegistry:
+    """
+    Central registry for AI model configurations with caching.
+    Uses AIModelConfig from database for model configs.
+    Uses IntegrationProvider for API keys.
+    """
+    
+    @classmethod
+    def _get_cache_key(cls, model_id: str) -> str:
+        """Generate cache key for model"""
+        return f"{CACHE_KEY_PREFIX}{model_id}"
+    
+    @classmethod
+    def _get_provider_cache_key(cls, provider_id: str) -> str:
+        """Generate cache key for provider"""
+        return f"{PROVIDER_CACHE_PREFIX}{provider_id}"
+    
+    @classmethod
+    def _get_from_db(cls, model_id: str) -> Optional[Any]:
+        """Get model config from database"""
+        try:
+            from igny8_core.business.billing.models import AIModelConfig
+            return AIModelConfig.objects.filter(
+                model_name=model_id,
+                is_active=True
+            ).first()
+        except Exception as e:
+            logger.debug(f"Could not fetch model {model_id} from DB: {e}")
+            return None
+    
+    @classmethod
+    def get_model(cls, model_id: str) -> Optional[Any]:
+        """
+        Get model configuration by model_id.
+        
+        Order of lookup:
+        1. Cache
+        2. Database (AIModelConfig)
+        
+        Args:
+            model_id: The model identifier (e.g., 'gpt-4o-mini', 'dall-e-3')
+            
+        Returns:
+            AIModelConfig instance, None if not found
+        """
+        cache_key = cls._get_cache_key(model_id)
+        
+        # Try cache first
+        cached = cache.get(cache_key)
+        if cached is not None:
+            return cached
+        
+        # Try database
+        model_config = cls._get_from_db(model_id)
+        
+        if model_config:
+            cache.set(cache_key, model_config, MODEL_CACHE_TTL)
+            return model_config
+        
+        logger.warning(f"Model {model_id} not found in database")
+        return None
+    
+    @classmethod
+    def get_rate(cls, model_id: str, rate_type: str) -> Decimal:
+        """
+        Get specific rate for a model.
+        
+        Args:
+            model_id: The model identifier
+            rate_type: 'input', 'output' (for text models) or 'image' (for image models)
+            
+        Returns:
+            Decimal rate value, 0 if not found
+        """
+        model = cls.get_model(model_id)
+        if not model:
+            return Decimal('0')
+        
+        # Handle AIModelConfig instance
+        if rate_type == 'input':
+            return model.input_cost_per_1m or Decimal('0')
+        elif rate_type == 'output':
+            return model.output_cost_per_1m or Decimal('0')
+        elif rate_type == 'image':
+            return model.cost_per_image or Decimal('0')
+        
+        return Decimal('0')
+    
+    @classmethod
+    def calculate_cost(cls, model_id: str, input_tokens: int = 0, output_tokens: int = 0, num_images: int = 0) -> Decimal:
+        """
+        Calculate cost for model usage.
+        
+        For text models: Uses input/output token counts
+        For image models: Uses num_images
+        
+        Args:
+            model_id: The model identifier
+            input_tokens: Number of input tokens (for text models)
+            output_tokens: Number of output tokens (for text models)
+            num_images: Number of images (for image models)
+            
+        Returns:
+            Decimal cost in USD
+        """
+        model = cls.get_model(model_id)
+        if not model:
+            return Decimal('0')
+        
+        # Get model type from AIModelConfig
+        model_type = model.model_type
+        
+        if model_type == 'text':
+            input_rate = cls.get_rate(model_id, 'input')
+            output_rate = cls.get_rate(model_id, 'output')
+            
+            cost = (
+                (Decimal(input_tokens) * input_rate) +
+                (Decimal(output_tokens) * output_rate)
+            ) / Decimal('1000000')
+            
+            return cost
+        
+        elif model_type == 'image':
+            image_rate = cls.get_rate(model_id, 'image')
+            return image_rate * Decimal(num_images)
+        
+        return Decimal('0')
+    
+    @classmethod
+    def get_default_model(cls, model_type: str = 'text') -> Optional[str]:
+        """
+        Get the default model for a given type from database.
+        
+        Args:
+            model_type: 'text' or 'image'
+            
+        Returns:
+            model_id string or None
+        """
+        try:
+            from igny8_core.business.billing.models import AIModelConfig
+            default = AIModelConfig.objects.filter(
+                model_type=model_type,
+                is_active=True,
+                is_default=True
+            ).first()
+            
+            if default:
+                return default.model_name
+            
+            # If no default is set, return first active model of this type
+            first_active = AIModelConfig.objects.filter(
+                model_type=model_type,
+                is_active=True
+            ).order_by('model_name').first()
+            
+            if first_active:
+                return first_active.model_name
+            
+        except Exception as e:
+            logger.error(f"Could not get default {model_type} model from DB: {e}")
+        
+        return None
+    
+    @classmethod
+    def list_models(cls, model_type: Optional[str] = None, provider: Optional[str] = None) -> list:
+        """
+        List all available models from database, optionally filtered by type or provider.
+        
+        Args:
+            model_type: Filter by 'text', 'image', or 'embedding'
+            provider: Filter by 'openai', 'anthropic', 'runware', etc.
+            
+        Returns:
+            List of AIModelConfig instances
+        """
+        try:
+            from igny8_core.business.billing.models import AIModelConfig
+            queryset = AIModelConfig.objects.filter(is_active=True)
+            
+            if model_type:
+                queryset = queryset.filter(model_type=model_type)
+            if provider:
+                queryset = queryset.filter(provider=provider)
+            
+            return list(queryset.order_by('model_name'))
+        except Exception as e:
+            logger.error(f"Could not list models from DB: {e}")
+            return []
+    
+    @classmethod
+    def clear_cache(cls, model_id: Optional[str] = None):
+        """
+        Clear model cache.
+        
+        Args:
+            model_id: Clear specific model cache, or all if None
+        """
+        if model_id:
+            cache.delete(cls._get_cache_key(model_id))
+        else:
+            # Clear all model caches - use pattern if available
+            try:
+                from django.core.cache import caches
+                default_cache = caches['default']
+                if hasattr(default_cache, 'delete_pattern'):
+                    default_cache.delete_pattern(f"{CACHE_KEY_PREFIX}*")
+                else:
+                    # Fallback: clear all known models from DB
+                    from igny8_core.business.billing.models import AIModelConfig
+                    for model in AIModelConfig.objects.values_list('model_name', flat=True):
+                        cache.delete(cls._get_cache_key(model))
+            except Exception as e:
+                logger.warning(f"Could not clear all model caches: {e}")
+    
+    @classmethod
+    def validate_model(cls, model_id: str) -> bool:
+        """
+        Check if a model ID is valid and active.
+        
+        Args:
+            model_id: The model identifier to validate
+            
+        Returns:
+            True if model exists and is active, False otherwise
+        """
+        model = cls.get_model(model_id)
+        if not model:
+            return False
+        return model.is_active
+    
+    # ========== IntegrationProvider methods ==========
+    
+    @classmethod
+    def get_provider(cls, provider_id: str) -> Optional[Any]:
+        """
+        Get IntegrationProvider by provider_id.
+        
+        Args:
+            provider_id: The provider identifier (e.g., 'openai', 'stripe', 'resend')
+            
+        Returns:
+            IntegrationProvider instance, None if not found
+        """
+        cache_key = cls._get_provider_cache_key(provider_id)
+        
+        # Try cache first
+        cached = cache.get(cache_key)
+        if cached is not None:
+            return cached
+        
+        try:
+            from igny8_core.modules.system.models import IntegrationProvider
+            provider = IntegrationProvider.objects.filter(
+                provider_id=provider_id,
+                is_active=True
+            ).first()
+            
+            if provider:
+                cache.set(cache_key, provider, MODEL_CACHE_TTL)
+                return provider
+        except Exception as e:
+            logger.error(f"Could not fetch provider {provider_id} from DB: {e}")
+        
+        return None
+    
+    @classmethod
+    def get_api_key(cls, provider_id: str) -> Optional[str]:
+        """
+        Get API key for a provider.
+        
+        Args:
+            provider_id: The provider identifier (e.g., 'openai', 'anthropic', 'runware')
+            
+        Returns:
+            API key string, None if not found or provider is inactive
+        """
+        provider = cls.get_provider(provider_id)
+        if provider and provider.api_key:
+            return provider.api_key
+        return None
+    
+    @classmethod
+    def get_api_secret(cls, provider_id: str) -> Optional[str]:
+        """
+        Get API secret for a provider (for OAuth, Stripe secret key, etc.).
+        
+        Args:
+            provider_id: The provider identifier
+            
+        Returns:
+            API secret string, None if not found
+        """
+        provider = cls.get_provider(provider_id)
+        if provider and provider.api_secret:
+            return provider.api_secret
+        return None
+    
+    @classmethod
+    def get_webhook_secret(cls, provider_id: str) -> Optional[str]:
+        """
+        Get webhook secret for a provider (for Stripe, PayPal webhooks).
+        
+        Args:
+            provider_id: The provider identifier
+            
+        Returns:
+            Webhook secret string, None if not found
+        """
+        provider = cls.get_provider(provider_id)
+        if provider and provider.webhook_secret:
+            return provider.webhook_secret
+        return None
+    
+    @classmethod
+    def clear_provider_cache(cls, provider_id: Optional[str] = None):
+        """
+        Clear provider cache.
+        
+        Args:
+            provider_id: Clear specific provider cache, or all if None
+        """
+        if provider_id:
+            cache.delete(cls._get_provider_cache_key(provider_id))
+        else:
+            try:
+                from django.core.cache import caches
+                default_cache = caches['default']
+                if hasattr(default_cache, 'delete_pattern'):
+                    default_cache.delete_pattern(f"{PROVIDER_CACHE_PREFIX}*")
+                else:
+                    from igny8_core.modules.system.models import IntegrationProvider
+                    for pid in IntegrationProvider.objects.values_list('provider_id', flat=True):
+                        cache.delete(cls._get_provider_cache_key(pid))
+            except Exception as e:
+                logger.warning(f"Could not clear provider caches: {e}")

backend/igny8_core/ai/registry.py

@@ -94,11 +94,6 @@ def _load_generate_image_prompts():
     from igny8_core.ai.functions.generate_image_prompts import GenerateImagePromptsFunction
     return GenerateImagePromptsFunction
 
-def _load_generate_site_structure():
-    """Lazy loader for generate_site_structure function"""
-    from igny8_core.ai.functions.generate_site_structure import GenerateSiteStructureFunction
-    return GenerateSiteStructureFunction
-
 def _load_optimize_content():
     """Lazy loader for optimize_content function"""
     from igny8_core.ai.functions.optimize_content import OptimizeContentFunction
@@ -109,6 +104,5 @@ register_lazy_function('generate_ideas', _load_generate_ideas)
 register_lazy_function('generate_content', _load_generate_content)
 register_lazy_function('generate_images', _load_generate_images)
 register_lazy_function('generate_image_prompts', _load_generate_image_prompts)
-register_lazy_function('generate_site_structure', _load_generate_site_structure)
 register_lazy_function('optimize_content', _load_optimize_content)
 

backend/igny8_core/ai/settings.py

@@ -1,6 +1,7 @@
 """
 AI Settings - Centralized model configurations and limits
-Uses IntegrationSettings only - no hardcoded defaults or fallbacks.
+Uses AISettings (system defaults) with optional per-account overrides via AccountSettings.
+API keys are stored in IntegrationProvider.
 """
 from typing import Dict, Any
 import logging
@@ -19,18 +20,22 @@ FUNCTION_ALIASES = {
 
 def get_model_config(function_name: str, account) -> Dict[str, Any]:
     """
-    Get model configuration from IntegrationSettings only.
-    No fallbacks - account must have IntegrationSettings configured.
+    Get model configuration for AI function.
+    
+    Architecture:
+    - API keys: From IntegrationProvider (centralized)
+    - Model: From AIModelConfig (is_default=True)
+    - Params: From AISettings with AccountSettings overrides
     
     Args:
         function_name: Name of the AI function
         account: Account instance (required)
     
     Returns:
-        dict: Model configuration with 'model', 'max_tokens', 'temperature'
+        dict: Model configuration with 'model', 'max_tokens', 'temperature', 'api_key'
     
     Raises:
-        ValueError: If account not provided or IntegrationSettings not configured
+        ValueError: If account not provided or settings not configured
     """
     if not account:
         raise ValueError("Account is required for model configuration")
@@ -38,46 +43,60 @@ def get_model_config(function_name: str, account) -> Dict[str, Any]:
     # Resolve function alias
     actual_name = FUNCTION_ALIASES.get(function_name, function_name)
     
-    # Get IntegrationSettings for OpenAI
     try:
-        from igny8_core.modules.system.models import IntegrationSettings
-        integration_settings = IntegrationSettings.objects.get(
-            integration_type='openai',
-            account=account,
-            is_active=True
-        )
-    except IntegrationSettings.DoesNotExist:
+        from igny8_core.modules.system.ai_settings import AISettings
+        from igny8_core.ai.model_registry import ModelRegistry
+        
+        # Get API key from IntegrationProvider
+        api_key = ModelRegistry.get_api_key('openai')
+        
+        if not api_key:
+            raise ValueError(
+                "Platform OpenAI API key not configured. "
+                "Please configure IntegrationProvider in Django admin."
+            )
+        
+        # Get default text model from AIModelConfig
+        default_model = ModelRegistry.get_default_model('text')
+        if not default_model:
+            default_model = 'gpt-4o-mini'  # Ultimate fallback
+        
+        model = default_model
+        
+        # Get settings with account overrides
+        temperature = AISettings.get_effective_temperature(account)
+        max_tokens = AISettings.get_effective_max_tokens(account)
+        
+        # Get max_tokens from AIModelConfig if available
+        try:
+            from igny8_core.business.billing.models import AIModelConfig
+            model_config = AIModelConfig.objects.filter(
+                model_name=model,
+                is_active=True
+            ).first()
+            if model_config and model_config.max_output_tokens:
+                max_tokens = model_config.max_output_tokens
+        except Exception as e:
+            logger.warning(f"Could not load max_tokens from AIModelConfig for {model}: {e}")
+        
+    except Exception as e:
+        logger.error(f"Could not load OpenAI settings for account {account.id}: {e}")
         raise ValueError(
-            f"OpenAI IntegrationSettings not configured for account {account.id}. "
-            f"Please configure OpenAI settings in the integration page."
+            f"Could not load OpenAI configuration for account {account.id}. "
+            f"Please configure IntegrationProvider and AISettings."
         )
     
-    config = integration_settings.config or {}
-    
-    # Get model from config
-    model = config.get('model')
-    if not model:
-        raise ValueError(
-            f"Model not configured in IntegrationSettings for account {account.id}. "
-            f"Please set 'model' in OpenAI integration settings."
-        )
-    
-    # Validate model is in our supported list (optional validation)
+    # Validate model is in our supported list using ModelRegistry (database-driven)
     try:
-        from igny8_core.utils.ai_processor import MODEL_RATES
-        if model not in MODEL_RATES:
+        if not ModelRegistry.validate_model(model):
+            supported_models = [m.model_name for m in ModelRegistry.list_models(model_type='text')]
             logger.warning(
                 f"Model '{model}' for account {account.id} is not in supported list. "
-                f"Supported models: {list(MODEL_RATES.keys())}"
+                f"Supported models: {supported_models}"
             )
-    except ImportError:
-        # MODEL_RATES not available - skip validation
+    except Exception:
         pass
     
-    # Get max_tokens and temperature from config (with reasonable defaults for API)
-    max_tokens = config.get('max_tokens', 4000)  # Reasonable default for API limits
-    temperature = config.get('temperature', 0.7)  # Reasonable default
-    
     # Build response format based on model (JSON mode for supported models)
     response_format = None
     try:
@@ -85,7 +104,6 @@ def get_model_config(function_name: str, account) -> Dict[str, Any]:
         if model in JSON_MODE_MODELS:
             response_format = {"type": "json_object"}
     except ImportError:
-        # JSON_MODE_MODELS not available - skip
         pass
     
     return {

backend/igny8_core/ai/tasks.py

@@ -157,6 +157,7 @@ def process_image_generation_queue(self, image_ids: list, account_id: int = None
     from igny8_core.modules.system.models import IntegrationSettings
     from igny8_core.ai.ai_core import AICore
     from igny8_core.ai.prompts import PromptRegistry
+    from igny8_core.business.billing.services.credit_service import CreditService
     
     logger.info("=" * 80)
     logger.info(f"process_image_generation_queue STARTED")
@@ -181,82 +182,97 @@ def process_image_generation_queue(self, image_ids: list, account_id: int = None
     failed = 0
     results = []
     
-    # Get image generation settings from IntegrationSettings
+    # Get image generation settings from AISettings (with account overrides)
     logger.info("[process_image_generation_queue] Step 1: Loading image generation settings")
-    try:
-        image_settings = IntegrationSettings.objects.get(
-            account=account,
-            integration_type='image_generation',
-            is_active=True
-        )
-        config = image_settings.config or {}
-        logger.info(f"[process_image_generation_queue] Image generation settings found. Config keys: {list(config.keys())}")
-        logger.info(f"[process_image_generation_queue] Full config: {config}")
-        
-        # Get provider and model from config (respect user settings)
-        provider = config.get('provider', 'openai')
-        # Get model - try 'model' first, then 'imageModel' as fallback
-        model = config.get('model') or config.get('imageModel') or 'dall-e-3'
-        logger.info(f"[process_image_generation_queue] Using PROVIDER: {provider}, MODEL: {model} from settings")
-        image_type = config.get('image_type', 'realistic')
-        image_format = config.get('image_format', 'webp')
-        desktop_enabled = config.get('desktop_enabled', True)
-        mobile_enabled = config.get('mobile_enabled', True)
-        # Get image sizes from config, with fallback defaults
-        featured_image_size = config.get('featured_image_size') or ('1280x832' if provider == 'runware' else '1024x1024')
-        desktop_image_size = config.get('desktop_image_size') or '1024x1024'
-        in_article_image_size = config.get('in_article_image_size') or '512x512'  # Default to 512x512
-        
-        logger.info(f"[process_image_generation_queue] Settings loaded:")
-        logger.info(f"  - Provider: {provider}")
-        logger.info(f"  - Model: {model}")
-        logger.info(f"  - Image type: {image_type}")
-        logger.info(f"  - Image format: {image_format}")
-        logger.info(f"  - Desktop enabled: {desktop_enabled}")
-        logger.info(f"  - Mobile enabled: {mobile_enabled}")
-    except IntegrationSettings.DoesNotExist:
-        logger.error("[process_image_generation_queue] ERROR: Image generation settings not found")
-        logger.error(f"[process_image_generation_queue] Account: {account.id if account else 'None'}, integration_type: 'image_generation'")
-        return {'success': False, 'error': 'Image generation settings not found'}
-    except Exception as e:
-        logger.error(f"[process_image_generation_queue] ERROR loading image generation settings: {e}", exc_info=True)
-        return {'success': False, 'error': f'Error loading image generation settings: {str(e)}'}
+    from igny8_core.modules.system.ai_settings import AISettings
+    from igny8_core.ai.model_registry import ModelRegistry
     
-    # Get provider API key (using same approach as test image generation)
-    # Note: API key is stored as 'apiKey' (camelCase) in IntegrationSettings.config
-    logger.info(f"[process_image_generation_queue] Step 2: Loading {provider.upper()} API key")
-    try:
-        provider_settings = IntegrationSettings.objects.get(
-            account=account,
-            integration_type=provider,  # Use the provider from settings
-            is_active=True
-        )
-        logger.info(f"[process_image_generation_queue] {provider.upper()} integration settings found")
-        logger.info(f"[process_image_generation_queue] {provider.upper()} config keys: {list(provider_settings.config.keys()) if provider_settings.config else 'None'}")
-        
-        api_key = provider_settings.config.get('apiKey') if provider_settings.config else None
-        if not api_key:
-            logger.error(f"[process_image_generation_queue] {provider.upper()} API key not found in config")
-            logger.error(f"[process_image_generation_queue] {provider.upper()} config: {provider_settings.config}")
-            return {'success': False, 'error': f'{provider.upper()} API key not configured'}
-        
-        # Log API key presence (but not the actual key for security)
-        api_key_preview = f"{api_key[:10]}...{api_key[-4:]}" if len(api_key) > 14 else "***"
-        logger.info(f"[process_image_generation_queue] {provider.upper()} API key retrieved successfully (length: {len(api_key)}, preview: {api_key_preview})")
-    except IntegrationSettings.DoesNotExist:
-        logger.error(f"[process_image_generation_queue] ERROR: {provider.upper()} integration settings not found")
-        logger.error(f"[process_image_generation_queue] Account: {account.id if account else 'None'}, integration_type: '{provider}'")
-        return {'success': False, 'error': f'{provider.upper()} integration not found or not active'}
-    except Exception as e:
-        logger.error(f"[process_image_generation_queue] ERROR getting {provider.upper()} API key: {e}", exc_info=True)
-        return {'success': False, 'error': f'Error retrieving {provider.upper()} API key: {str(e)}'}
+    # Get effective settings
+    image_type = AISettings.get_effective_image_style(account)
+    image_format = 'webp'  # Default format
+    
+    # Get default image model from database
+    default_model = ModelRegistry.get_default_model('image')
+    if default_model:
+        model_config = ModelRegistry.get_model(default_model)
+        provider = model_config.provider if model_config else 'openai'
+        model = default_model
+    else:
+        provider = 'openai'
+        model = 'dall-e-3'
+    
+    logger.info(f"[process_image_generation_queue] Using PROVIDER: {provider}, MODEL: {model} from settings")
+    
+    # Style to prompt enhancement mapping
+    # These style descriptors are added to the image prompt for better results
+    STYLE_PROMPT_MAP = {
+        # Runware styles
+        'photorealistic': 'ultra realistic photography, natural lighting, real world look, photorealistic',
+        'illustration': 'digital illustration, clean lines, artistic style, modern illustration',
+        '3d_render': 'computer generated 3D render, modern polished 3D style, depth and dramatic lighting',
+        'minimal_flat': 'minimal flat design, simple shapes, flat colors, modern graphic design aesthetic',
+        'artistic': 'artistic painterly style, expressive brushstrokes, hand painted aesthetic',
+        'cartoon': 'cartoon stylized illustration, playful exaggerated forms, animated character style',
+        # DALL-E styles (mapped from OpenAI API style parameter)
+        'natural': 'natural realistic style',
+        'vivid': 'vivid dramatic hyper-realistic style',
+        # Legacy fallbacks
+        'realistic': 'ultra realistic photography, natural lighting, photorealistic',
+    }
+    
+    # Get the style description for prompt enhancement
+    style_description = STYLE_PROMPT_MAP.get(image_type, STYLE_PROMPT_MAP.get('photorealistic'))
+    logger.info(f"[process_image_generation_queue] Style: {image_type} -> prompt enhancement: {style_description[:50]}...")
+    
+    # Model-specific landscape sizes (square is always 1024x1024)
+    # For Runware models - based on Runware documentation for optimal results per model
+    # For OpenAI DALL-E 3 - uses 1792x1024 for landscape
+    MODEL_LANDSCAPE_SIZES = {
+        'runware:97@1': '1280x768',   # Hi Dream Full landscape
+        'bria:10@1': '1344x768',       # Bria 3.2 landscape (16:9)
+        'google:4@2': '1376x768',      # Nano Banana landscape (16:9)
+        'dall-e-3': '1792x1024',       # DALL-E 3 landscape
+        'dall-e-2': '1024x1024',       # DALL-E 2 only supports square
+    }
+    DEFAULT_SQUARE_SIZE = '1024x1024'
+    
+    # Get model-specific landscape size for featured images
+    model_landscape_size = MODEL_LANDSCAPE_SIZES.get(model, '1792x1024' if provider == 'openai' else '1280x768')
+    
+    # Featured image always uses model-specific landscape size
+    featured_image_size = model_landscape_size
+    # In-article images: alternating square/landscape based on position (handled in image loop)
+    in_article_square_size = DEFAULT_SQUARE_SIZE
+    in_article_landscape_size = model_landscape_size
+    
+    logger.info(f"[process_image_generation_queue] Settings loaded:")
+    logger.info(f"  - Provider: {provider}")
+    logger.info(f"  - Model: {model}")
+    logger.info(f"  - Image type: {image_type}")
+    logger.info(f"  - Image format: {image_format}")
+    logger.info(f"  - Featured image size: {featured_image_size}")
+    logger.info(f"  - In-article square: {in_article_square_size}, landscape: {in_article_landscape_size}")
+    
+    # Get provider API key from IntegrationProvider (centralized)
+    logger.info(f"[process_image_generation_queue] Step 2: Loading {provider.upper()} API key from IntegrationProvider")
+    
+    # Get API key from IntegrationProvider (centralized)
+    api_key = ModelRegistry.get_api_key(provider)
+    
+    if not api_key:
+        logger.error(f"[process_image_generation_queue] {provider.upper()} API key not configured in IntegrationProvider")
+        return {'success': False, 'error': f'{provider.upper()} API key not configured'}
+    
+    # Log API key presence (but not the actual key for security)
+    api_key_preview = f"{api_key[:10]}...{api_key[-4:]}" if len(api_key) > 14 else "***"
+    logger.info(f"[process_image_generation_queue] {provider.upper()} API key retrieved successfully (length: {len(api_key)}, preview: {api_key_preview})")
     
     # Get image prompt template (has placeholders: {image_type}, {post_title}, {image_prompt})
     try:
         image_prompt_template = PromptRegistry.get_image_prompt_template(account)
     except Exception as e:
         logger.warning(f"Failed to get image prompt template: {e}, using fallback")
-        image_prompt_template = 'Create a high-quality {image_type} image for a blog post titled "{post_title}". Image prompt: {image_prompt}'
+        image_prompt_template = '{image_type} image for blog post titled "{post_title}": {image_prompt}'
     
     # Get negative prompt for Runware (only needed for Runware provider)
     negative_prompt = None
@@ -384,7 +400,7 @@ def process_image_generation_queue(self, image_ids: list, account_id: int = None
                     # Calculate actual template length with placeholders filled
                     # Format template with dummy values to measure actual length
                     template_with_dummies = image_prompt_template.format(
-                        image_type=image_type,
+                        image_type=style_description,  # Use actual style description length
                         post_title='X' * len(post_title),  # Use same length as actual post_title
                         image_prompt=''  # Empty to measure template overhead
                     )
@@ -411,7 +427,7 @@ def process_image_generation_queue(self, image_ids: list, account_id: int = None
                             image_prompt = image_prompt[:max_image_prompt_length - 3] + "..."
                     
                     formatted_prompt = image_prompt_template.format(
-                        image_type=image_type,
+                        image_type=style_description,  # Use full style description instead of raw value
                         post_title=post_title,
                         image_prompt=image_prompt
                     )
@@ -476,15 +492,40 @@ def process_image_generation_queue(self, image_ids: list, account_id: int = None
                 }
             )
             
-            # Use appropriate size based on image type
+            # Use appropriate size based on image type and position
+            # Featured: Always landscape (model-specific)
+            # In-article: Alternating square/landscape based on position
+            #   Position 0: Square (1024x1024)
+            #   Position 1: Landscape (model-specific)
+            #   Position 2: Square (1024x1024)
+            #   Position 3: Landscape (model-specific)
             if image.image_type == 'featured':
-                image_size = featured_image_size  # Read from config
-            elif image.image_type == 'desktop':
-                image_size = desktop_image_size
-            elif image.image_type == 'mobile':
-                image_size = '512x512'  # Fixed mobile size
-            else:  # in_article or other
-                image_size = in_article_image_size  # Read from config, default 512x512
+                image_size = featured_image_size  # Model-specific landscape
+            elif image.image_type == 'in_article':
+                # Alternate based on position: even=square, odd=landscape
+                position = image.position or 0
+                if position % 2 == 0:  # Position 0, 2: Square
+                    image_size = in_article_square_size
+                else:  # Position 1, 3: Landscape
+                    image_size = in_article_landscape_size
+                logger.info(f"[process_image_generation_queue] In-article image position {position}: using {'square' if position % 2 == 0 else 'landscape'} size {image_size}")
+            else:  # desktop or other (legacy)
+                image_size = in_article_square_size  # Default to square
+            
+            # For DALL-E, convert image_type to style parameter
+            # image_type is from user settings (e.g., 'vivid', 'natural', 'realistic')
+            # DALL-E accepts 'vivid' or 'natural' - map accordingly
+            dalle_style = None
+            if provider == 'openai':
+                # Map image_type to DALL-E style
+                # 'natural' = more realistic photos (default)
+                # 'vivid' = hyper-real, dramatic images
+                if image_type in ['vivid']:
+                    dalle_style = 'vivid'
+                else:
+                    # Default to 'natural' for realistic photos
+                    dalle_style = 'natural'
+                logger.info(f"[process_image_generation_queue] DALL-E style: {dalle_style} (from image_type: {image_type})")
             
             result = ai_core.generate_image(
                 prompt=formatted_prompt,
@@ -493,7 +534,8 @@ def process_image_generation_queue(self, image_ids: list, account_id: int = None
                 size=image_size,
                 api_key=api_key,
                 negative_prompt=negative_prompt,
-                function_name='generate_images_from_prompts'
+                function_name='generate_images_from_prompts',
+                style=dalle_style
             )
             
             # Update progress: Image generation complete (50%)
@@ -668,6 +710,33 @@ def process_image_generation_queue(self, image_ids: list, account_id: int = None
                     })
                     failed += 1
                 else:
+                    # Deduct credits for successful image generation
+                    credits_deducted = 0
+                    cost_usd = result.get('cost_usd', 0)
+                    if account:
+                        try:
+                            credits_deducted = CreditService.deduct_credits_for_image(
+                                account=account,
+                                model_name=model,
+                                num_images=1,
+                                description=f"Image generation: {content.title[:50] if content else 'Image'}" if content else f"Image {image_id}",
+                                metadata={
+                                    'image_id': image_id,
+                                    'content_id': content_id,
+                                    'provider': provider,
+                                    'model': model,
+                                    'image_type': image.image_type if image else 'unknown',
+                                    'size': image_size,
+                                },
+                                cost_usd=cost_usd,
+                                related_object_type='image',
+                                related_object_id=image_id
+                            )
+                            logger.info(f"[process_image_generation_queue] Credits deducted for image {image_id}: account balance now {credits_deducted}")
+                        except Exception as credit_error:
+                            logger.error(f"[process_image_generation_queue] Failed to deduct credits for image {image_id}: {credit_error}")
+                            # Don't fail the image generation if credit deduction fails
+                    
                     # Update progress: Complete (100%)
                     self.update_state(
                         state='PROGRESS',
@@ -707,6 +776,25 @@ def process_image_generation_queue(self, image_ids: list, account_id: int = None
             })
             failed += 1
     
+    # Check if all images for the content are generated and update status to 'review'
+    if content_id and completed > 0:
+        try:
+            from igny8_core.business.content.models import Content, Images
+            
+            content = Content.objects.get(id=content_id)
+            
+            # Check if all images for this content are now generated
+            all_images = Images.objects.filter(content=content)
+            pending_images = all_images.filter(status='pending').count()
+            
+            # If no pending images and content is still in draft, move to review
+            if pending_images == 0 and content.status == 'draft':
+                content.status = 'review'
+                content.save(update_fields=['status'])
+                logger.info(f"[process_image_generation_queue] Content #{content_id} status updated to 'review' (all images generated)")
+        except Exception as e:
+            logger.error(f"[process_image_generation_queue] Error updating content status: {str(e)}", exc_info=True)
+    
     # Final state
     logger.info("=" * 80)
     logger.info(f"process_image_generation_queue COMPLETED")

backend/igny8_core/ai/tracker.py

@@ -5,6 +5,7 @@ import time
 import logging
 from typing import List, Dict, Any, Optional, Callable
 from datetime import datetime
+from decimal import Decimal
 from igny8_core.ai.constants import DEBUG_MODE
 
 logger = logging.getLogger(__name__)
@@ -195,24 +196,35 @@ class CostTracker:
     """Tracks API costs and token usage"""
     
     def __init__(self):
-        self.total_cost = 0.0
+        self.total_cost = Decimal('0.0')
         self.total_tokens = 0
         self.operations = []
     
-    def record(self, function_name: str, cost: float, tokens: int, model: str = None):
-        """Record an API call cost"""
+    def record(self, function_name: str, cost, tokens: int, model: str = None):
+        """Record an API call cost
+        
+        Args:
+            function_name: Name of the AI function
+            cost: Cost value (can be float or Decimal)
+            tokens: Number of tokens used
+            model: Model name
+        """
+        # Convert cost to Decimal if it's a float to avoid type mixing
+        if not isinstance(cost, Decimal):
+            cost = Decimal(str(cost))
+        
         self.total_cost += cost
         self.total_tokens += tokens
         self.operations.append({
             'function': function_name,
-            'cost': cost,
+            'cost': float(cost),  # Store as float for JSON serialization
             'tokens': tokens,
             'model': model
         })
     
-    def get_total(self) -> float:
-        """Get total cost"""
-        return self.total_cost
+    def get_total(self):
+        """Get total cost (returns float for JSON serialization)"""
+        return float(self.total_cost)
     
     def get_total_tokens(self) -> int:
         """Get total tokens"""

backend/igny8_core/ai/validators.py

@@ -135,7 +135,7 @@ def validate_api_key(api_key: Optional[str], integration_type: str = 'openai') -
 
 def validate_model(model: str, model_type: str = 'text') -> Dict[str, Any]:
     """
-    Validate that model is in supported list.
+    Validate that model is in supported list using database.
     
     Args:
         model: Model name to validate
@@ -144,27 +144,50 @@ def validate_model(model: str, model_type: str = 'text') -> Dict[str, Any]:
     Returns:
         Dict with 'valid' (bool) and optional 'error' (str)
     """
-    from .constants import MODEL_RATES, VALID_OPENAI_IMAGE_MODELS
-    
-    if model_type == 'text':
-        if model not in MODEL_RATES:
-            return {
-                'valid': False,
-                'error': f'Model "{model}" is not in supported models list'
-            }
-    elif model_type == 'image':
-        if model not in VALID_OPENAI_IMAGE_MODELS:
-            return {
-                'valid': False,
-                'error': f'Model "{model}" is not valid for OpenAI image generation. Only {", ".join(VALID_OPENAI_IMAGE_MODELS)} are supported.'
-            }
-    
-    return {'valid': True}
+    try:
+        # Use database-driven validation via AIModelConfig
+        from igny8_core.business.billing.models import AIModelConfig
+        
+        exists = AIModelConfig.objects.filter(
+            model_name=model,
+            model_type=model_type,
+            is_active=True
+        ).exists()
+        
+        if not exists:
+            # Get available models for better error message
+            available = list(AIModelConfig.objects.filter(
+                model_type=model_type,
+                is_active=True
+            ).values_list('model_name', flat=True))
+            
+            if available:
+                return {
+                    'valid': False,
+                    'error': f'Model "{model}" is not active or not found. Available {model_type} models: {", ".join(available)}'
+                }
+            else:
+                return {
+                    'valid': False,
+                    'error': f'No {model_type} models configured in database'
+                }
+        
+        return {'valid': True}
+        
+    except Exception as e:
+        # Log error but don't fallback to constants - DB is authoritative
+        import logging
+        logger = logging.getLogger(__name__)
+        logger.error(f"Error validating model {model}: {e}")
+        return {
+            'valid': False,
+            'error': f'Error validating model: {e}'
+        }
 
 
 def validate_image_size(size: str, model: str) -> Dict[str, Any]:
     """
-    Validate that image size is valid for the selected model.
+    Validate that image size is valid for the selected model using database.
     
     Args:
         size: Image size (e.g., '1024x1024')
@@ -173,14 +196,40 @@ def validate_image_size(size: str, model: str) -> Dict[str, Any]:
     Returns:
         Dict with 'valid' (bool) and optional 'error' (str)
     """
-    from .constants import VALID_SIZES_BY_MODEL
-    
-    valid_sizes = VALID_SIZES_BY_MODEL.get(model, [])
-    if size not in valid_sizes:
-        return {
-            'valid': False,
-            'error': f'Image size "{size}" is not valid for model "{model}". Valid sizes are: {", ".join(valid_sizes)}'
-        }
-    
-    return {'valid': True}
+    try:
+        # Try database first
+        from igny8_core.business.billing.models import AIModelConfig
+        
+        model_config = AIModelConfig.objects.filter(
+            model_name=model,
+            model_type='image',
+            is_active=True
+        ).first()
+        
+        if model_config:
+            if not model_config.validate_size(size):
+                valid_sizes = model_config.valid_sizes or []
+                return {
+                    'valid': False,
+                    'error': f'Image size "{size}" is not valid for model "{model}". Valid sizes are: {", ".join(valid_sizes)}'
+                }
+            return {'valid': True}
+        else:
+            return {
+                'valid': False,
+                'error': f'Image model "{model}" not found in database'
+            }
+            
+    except Exception:
+        # Fallback to constants if database fails
+        from .constants import VALID_SIZES_BY_MODEL
+        
+        valid_sizes = VALID_SIZES_BY_MODEL.get(model, [])
+        if size not in valid_sizes:
+            return {
+                'valid': False,
+                'error': f'Image size "{size}" is not valid for model "{model}". Valid sizes are: {", ".join(valid_sizes)}'
+            }
+        
+        return {'valid': True}
 

backend/igny8_core/ai/validators/__init__.py

@@ -0,0 +1,52 @@
+"""
+AI Validators Package
+Shared validation logic for AI functions
+"""
+from .cluster_validators import validate_minimum_keywords, validate_keyword_selection
+
+# The codebase also contains a module-level file `ai/validators.py` which defines
+# common validator helpers (e.g. `validate_ids`). Because there is both a
+# package directory `ai/validators/` and a module file `ai/validators.py`, Python
+# will resolve `igny8_core.ai.validators` to the package and not the module file.
+# To avoid changing many imports across the project, load the module file here
+# and re-export the commonly used functions.
+import importlib.util
+import os
+
+_module_path = os.path.normpath(os.path.join(os.path.dirname(__file__), '..', 'validators.py'))
+if os.path.exists(_module_path):
+	spec = importlib.util.spec_from_file_location('igny8_core.ai._validators_module', _module_path)
+	_validators_mod = importlib.util.module_from_spec(spec)
+	spec.loader.exec_module(_validators_mod)
+	# Re-export commonly used functions from the module file
+	validate_ids = getattr(_validators_mod, 'validate_ids', None)
+	validate_keywords_exist = getattr(_validators_mod, 'validate_keywords_exist', None)
+	validate_cluster_limits = getattr(_validators_mod, 'validate_cluster_limits', None)
+	validate_cluster_exists = getattr(_validators_mod, 'validate_cluster_exists', None)
+	validate_tasks_exist = getattr(_validators_mod, 'validate_tasks_exist', None)
+	validate_api_key = getattr(_validators_mod, 'validate_api_key', None)
+	validate_model = getattr(_validators_mod, 'validate_model', None)
+	validate_image_size = getattr(_validators_mod, 'validate_image_size', None)
+else:
+	# Module file missing - keep names defined if cluster validators provide them
+	validate_ids = None
+	validate_keywords_exist = None
+	validate_cluster_limits = None
+	validate_cluster_exists = None
+	validate_tasks_exist = None
+	validate_api_key = None
+	validate_model = None
+	validate_image_size = None
+
+__all__ = [
+	'validate_minimum_keywords',
+	'validate_keyword_selection',
+	'validate_ids',
+	'validate_keywords_exist',
+	'validate_cluster_limits',
+	'validate_cluster_exists',
+	'validate_tasks_exist',
+	'validate_api_key',
+	'validate_model',
+	'validate_image_size',
+]

backend/igny8_core/ai/validators/cluster_validators.py

@@ -0,0 +1,105 @@
+"""
+Cluster-specific validators
+Shared between auto-cluster function and automation pipeline
+"""
+import logging
+from typing import Dict, List
+
+logger = logging.getLogger(__name__)
+
+
+def validate_minimum_keywords(
+    keyword_ids: List[int],
+    account=None,
+    min_required: int = 5
+) -> Dict:
+    """
+    Validate that sufficient keywords are available for clustering
+    
+    Args:
+        keyword_ids: List of keyword IDs to cluster
+        account: Account object for filtering
+        min_required: Minimum number of keywords required (default: 5)
+    
+    Returns:
+        Dict with 'valid' (bool) and 'error' (str) or 'count' (int)
+    """
+    from igny8_core.modules.planner.models import Keywords
+    
+    # Build queryset
+    queryset = Keywords.objects.filter(id__in=keyword_ids, status='new')
+    
+    if account:
+        queryset = queryset.filter(account=account)
+    
+    # Count available keywords
+    count = queryset.count()
+    
+    # Validate minimum
+    if count < min_required:
+        return {
+            'valid': False,
+            'error': f'Insufficient keywords for clustering. Need at least {min_required} keywords, but only {count} available.',
+            'count': count,
+            'required': min_required
+        }
+    
+    return {
+        'valid': True,
+        'count': count,
+        'required': min_required
+    }
+
+
+def validate_keyword_selection(
+    selected_ids: List[int],
+    available_count: int,
+    min_required: int = 5
+) -> Dict:
+    """
+    Validate keyword selection (for frontend validation)
+    
+    Args:
+        selected_ids: List of selected keyword IDs
+        available_count: Total count of available keywords
+        min_required: Minimum required
+    
+    Returns:
+        Dict with validation result
+    """
+    selected_count = len(selected_ids)
+    
+    # Check if any keywords selected
+    if selected_count == 0:
+        return {
+            'valid': False,
+            'error': 'No keywords selected',
+            'type': 'NO_SELECTION'
+        }
+    
+    # Check if enough selected
+    if selected_count < min_required:
+        return {
+            'valid': False,
+            'error': f'Please select at least {min_required} keywords. Currently selected: {selected_count}',
+            'type': 'INSUFFICIENT_SELECTION',
+            'selected': selected_count,
+            'required': min_required
+        }
+    
+    # Check if enough available (even if not all selected)
+    if available_count < min_required:
+        return {
+            'valid': False,
+            'error': f'Not enough keywords available. Need at least {min_required} keywords, but only {available_count} exist.',
+            'type': 'INSUFFICIENT_AVAILABLE',
+            'available': available_count,
+            'required': min_required
+        }
+    
+    return {
+        'valid': True,
+        'selected': selected_count,
+        'available': available_count,
+        'required': min_required
+    }

backend/igny8_core/api/account_urls.py

@@ -0,0 +1,37 @@
+"""
+Account API URLs
+"""
+from django.urls import path
+from igny8_core.api.account_views import (
+    AccountSettingsViewSet,
+    TeamManagementViewSet,
+    UsageAnalyticsViewSet,
+    DashboardStatsViewSet
+)
+
+urlpatterns = [
+    # Account Settings
+    path('settings/', AccountSettingsViewSet.as_view({
+        'get': 'retrieve',
+        'patch': 'partial_update'
+    }), name='account-settings'),
+    
+    # Team Management
+    path('team/', TeamManagementViewSet.as_view({
+        'get': 'list',
+        'post': 'create'
+    }), name='team-list'),
+    path('team/<int:pk>/', TeamManagementViewSet.as_view({
+        'delete': 'destroy'
+    }), name='team-detail'),
+    
+    # Usage Analytics
+    path('usage/analytics/', UsageAnalyticsViewSet.as_view({
+        'get': 'overview'
+    }), name='usage-analytics'),
+    
+    # Dashboard Stats (real data for home page)
+    path('dashboard/stats/', DashboardStatsViewSet.as_view({
+        'get': 'stats'
+    }), name='dashboard-stats'),
+]

backend/igny8_core/api/account_views.py

@@ -0,0 +1,468 @@
+"""
+Account Management API Views
+Handles account settings, team management, and usage analytics
+"""
+from rest_framework import viewsets, status
+from rest_framework.decorators import action
+from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated
+from django.contrib.auth import get_user_model
+from django.db.models import Q, Count, Sum
+from django.utils import timezone
+from datetime import timedelta
+from decimal import Decimal
+from drf_spectacular.utils import extend_schema, extend_schema_view
+
+from igny8_core.auth.models import Account
+from igny8_core.business.billing.models import CreditTransaction
+
+User = get_user_model()
+
+
+@extend_schema_view(
+    retrieve=extend_schema(tags=['Account']),
+    partial_update=extend_schema(tags=['Account']),
+)
+class AccountSettingsViewSet(viewsets.ViewSet):
+    """Account settings management"""
+    permission_classes = [IsAuthenticated]
+    
+    def retrieve(self, request):
+        """Get account settings"""
+        account = request.user.account
+        
+        return Response({
+            'id': account.id,
+            'name': account.name,
+            'slug': account.slug,
+            'billing_address_line1': account.billing_address_line1 or '',
+            'billing_address_line2': account.billing_address_line2 or '',
+            'billing_city': account.billing_city or '',
+            'billing_state': account.billing_state or '',
+            'billing_postal_code': account.billing_postal_code or '',
+            'billing_country': account.billing_country or '',
+            'tax_id': account.tax_id or '',
+            'billing_email': account.billing_email or '',
+            'credits': account.credits,
+            'created_at': account.created_at.isoformat(),
+            'updated_at': account.updated_at.isoformat(),
+        })
+    
+    def partial_update(self, request):
+        """Update account settings"""
+        account = request.user.account
+        
+        # Update allowed fields
+        allowed_fields = [
+            'name', 'billing_address_line1', 'billing_address_line2',
+            'billing_city', 'billing_state', 'billing_postal_code',
+            'billing_country', 'tax_id', 'billing_email'
+        ]
+        
+        for field in allowed_fields:
+            if field in request.data:
+                setattr(account, field, request.data[field])
+        
+        account.save()
+        
+        return Response({
+            'message': 'Account settings updated successfully',
+            'account': {
+                'id': account.id,
+                'name': account.name,
+                'slug': account.slug,
+                'billing_address_line1': account.billing_address_line1,
+                'billing_address_line2': account.billing_address_line2,
+                'billing_city': account.billing_city,
+                'billing_state': account.billing_state,
+                'billing_postal_code': account.billing_postal_code,
+                'billing_country': account.billing_country,
+                'tax_id': account.tax_id,
+                'billing_email': account.billing_email,
+            }
+        })
+
+
+@extend_schema_view(
+    list=extend_schema(tags=['Account']),
+    create=extend_schema(tags=['Account']),
+    destroy=extend_schema(tags=['Account']),
+)
+class TeamManagementViewSet(viewsets.ViewSet):
+    """Team members management"""
+    permission_classes = [IsAuthenticated]
+    
+    def list(self, request):
+        """List team members"""
+        account = request.user.account
+        users = User.objects.filter(account=account)
+        
+        return Response({
+            'results': [
+                {
+                    'id': user.id,
+                    'email': user.email,
+                    'first_name': user.first_name,
+                    'last_name': user.last_name,
+                    'is_active': user.is_active,
+                    'is_staff': user.is_staff,
+                    'date_joined': user.date_joined.isoformat(),
+                    'last_login': user.last_login.isoformat() if user.last_login else None,
+                }
+                for user in users
+            ],
+            'count': users.count()
+        })
+    
+    def create(self, request):
+        """Invite new team member"""
+        account = request.user.account
+        email = request.data.get('email')
+        
+        if not email:
+            return Response(
+                {'error': 'Email is required'},
+                status=status.HTTP_400_BAD_REQUEST
+            )
+        
+        # Check if user already exists
+        if User.objects.filter(email=email).exists():
+            return Response(
+                {'error': 'User with this email already exists'},
+                status=status.HTTP_400_BAD_REQUEST
+            )
+        
+        # Check hard limit for users BEFORE creating
+        from igny8_core.business.billing.services.limit_service import LimitService, HardLimitExceededError
+        try:
+            LimitService.check_hard_limit(account, 'users', additional_count=1)
+        except HardLimitExceededError as e:
+            return Response(
+                {'error': str(e)},
+                status=status.HTTP_400_BAD_REQUEST
+            )
+        
+        # Create user (simplified - in production, send invitation email)
+        user = User.objects.create_user(
+            email=email,
+            first_name=request.data.get('first_name', ''),
+            last_name=request.data.get('last_name', ''),
+            account=account
+        )
+        
+        return Response({
+            'message': 'Team member invited successfully',
+            'user': {
+                'id': user.id,
+                'email': user.email,
+                'first_name': user.first_name,
+                'last_name': user.last_name,
+            }
+        }, status=status.HTTP_201_CREATED)
+    
+    def destroy(self, request, pk=None):
+        """Remove team member"""
+        account = request.user.account
+        
+        try:
+            user = User.objects.get(id=pk, account=account)
+            
+            # Prevent removing yourself
+            if user.id == request.user.id:
+                return Response(
+                    {'error': 'Cannot remove yourself'},
+                    status=status.HTTP_400_BAD_REQUEST
+                )
+            
+            user.is_active = False
+            user.save()
+            
+            return Response({
+                'message': 'Team member removed successfully'
+            })
+        except User.DoesNotExist:
+            return Response(
+                {'error': 'User not found'},
+                status=status.HTTP_404_NOT_FOUND
+            )
+
+
+@extend_schema_view(
+    overview=extend_schema(tags=['Account']),
+)
+class UsageAnalyticsViewSet(viewsets.ViewSet):
+    """Usage analytics and statistics"""
+    permission_classes = [IsAuthenticated]
+    
+    @action(detail=False, methods=['get'])
+    def overview(self, request):
+        """Get usage analytics overview"""
+        account = request.user.account
+        
+        # Get date range (default: last 30 days)
+        days = int(request.query_params.get('days', 30))
+        start_date = timezone.now() - timedelta(days=days)
+        
+        # Get transactions in period
+        transactions = CreditTransaction.objects.filter(
+            account=account,
+            created_at__gte=start_date
+        )
+        
+        # Calculate totals by type
+        usage_by_type = transactions.filter(
+            amount__lt=0
+        ).values('transaction_type').annotate(
+            total=Sum('amount'),
+            count=Count('id')
+        )
+        
+        purchases_by_type = transactions.filter(
+            amount__gt=0
+        ).values('transaction_type').annotate(
+            total=Sum('amount'),
+            count=Count('id')
+        )
+        
+        # Daily usage
+        daily_usage = []
+        for i in range(days):
+            date = start_date + timedelta(days=i)
+            day_txns = transactions.filter(
+                created_at__date=date.date()
+            )
+            
+            usage = day_txns.filter(amount__lt=0).aggregate(Sum('amount'))['amount__sum'] or 0
+            purchases = day_txns.filter(amount__gt=0).aggregate(Sum('amount'))['amount__sum'] or 0
+            
+            daily_usage.append({
+                'date': date.date().isoformat(),
+                'usage': abs(usage),
+                'purchases': purchases,
+                'net': purchases + usage
+            })
+        
+        return Response({
+            'period_days': days,
+            'start_date': start_date.isoformat(),
+            'end_date': timezone.now().isoformat(),
+            'current_balance': account.credits,
+            'usage_by_type': list(usage_by_type),
+            'purchases_by_type': list(purchases_by_type),
+            'daily_usage': daily_usage,
+            'total_usage': abs(transactions.filter(amount__lt=0).aggregate(Sum('amount'))['amount__sum'] or 0),
+            'total_purchases': transactions.filter(amount__gt=0).aggregate(Sum('amount'))['amount__sum'] or 0,
+        })
+
+
+@extend_schema_view(
+    stats=extend_schema(tags=['Account']),
+)
+class DashboardStatsViewSet(viewsets.ViewSet):
+    """Dashboard statistics - real data for home page widgets"""
+    permission_classes = [IsAuthenticated]
+    
+    @action(detail=False, methods=['get'])
+    def stats(self, request):
+        """
+        Get dashboard statistics for the home page.
+        
+        Query params:
+        - site_id: Filter by site (optional, defaults to all sites)
+        - days: Number of days for AI operations (default: 7)
+        
+        Returns:
+        - ai_operations: Real credit usage by operation type
+        - recent_activity: Recent notifications
+        - content_velocity: Content created this week/month
+        - images_count: Actual total images count
+        - published_count: Actual published content count
+        """
+        account = request.user.account
+        site_id = request.query_params.get('site_id')
+        days = int(request.query_params.get('days', 7))
+        
+        # Import models here to avoid circular imports
+        from igny8_core.modules.writer.models import Images, Content
+        from igny8_core.modules.planner.models import Keywords, Clusters, ContentIdeas
+        from igny8_core.business.notifications.models import Notification
+        from igny8_core.business.billing.models import CreditUsageLog
+        from igny8_core.auth.models import Site
+        
+        # Build base filter for site
+        site_filter = {}
+        if site_id:
+            try:
+                site_filter['site_id'] = int(site_id)
+            except (ValueError, TypeError):
+                pass
+        
+        # ========== AI OPERATIONS (from CreditUsageLog) ==========
+        start_date = timezone.now() - timedelta(days=days)
+        usage_query = CreditUsageLog.objects.filter(
+            account=account,
+            created_at__gte=start_date
+        )
+        
+        # Get operations grouped by type
+        operations_data = usage_query.values('operation_type').annotate(
+            count=Count('id'),
+            credits=Sum('credits_used')
+        ).order_by('-credits')
+        
+        # Calculate totals
+        total_ops = usage_query.count()
+        total_credits = usage_query.aggregate(total=Sum('credits_used'))['total'] or 0
+        
+        # Format operations for frontend
+        operations = []
+        for op in operations_data:
+            op_type = op['operation_type'] or 'other'
+            operations.append({
+                'type': op_type,
+                'count': op['count'] or 0,
+                'credits': op['credits'] or 0,
+            })
+        
+        ai_operations = {
+            'period': f'{days}d',
+            'operations': operations,
+            'totals': {
+                'count': total_ops,
+                'credits': total_credits,
+                'successRate': 98.5,  # TODO: calculate from actual success/failure
+                'avgCreditsPerOp': round(total_credits / total_ops, 1) if total_ops > 0 else 0,
+            }
+        }
+        
+        # ========== RECENT ACTIVITY (from Notifications) ==========
+        recent_notifications = Notification.objects.filter(
+            account=account
+        ).order_by('-created_at')[:10]
+        
+        recent_activity = []
+        for notif in recent_notifications:
+            # Map notification type to activity type
+            activity_type_map = {
+                'ai_clustering_complete': 'clustering',
+                'ai_ideas_complete': 'ideas',
+                'ai_content_complete': 'content',
+                'ai_images_complete': 'images',
+                'ai_prompts_complete': 'images',
+                'content_published': 'published',
+                'wp_sync_success': 'published',
+            }
+            activity_type = activity_type_map.get(notif.notification_type, 'system')
+            
+            # Map notification type to href
+            href_map = {
+                'clustering': '/planner/clusters',
+                'ideas': '/planner/ideas',
+                'content': '/writer/content',
+                'images': '/writer/images',
+                'published': '/writer/published',
+            }
+            
+            recent_activity.append({
+                'id': str(notif.id),
+                'type': activity_type,
+                'title': notif.title,
+                'description': notif.message[:100] if notif.message else '',
+                'timestamp': notif.created_at.isoformat(),
+                'href': href_map.get(activity_type, '/dashboard'),
+            })
+        
+        # ========== CONTENT COUNTS ==========
+        content_base = Content.objects.filter(account=account)
+        if site_filter:
+            content_base = content_base.filter(**site_filter)
+        
+        total_content = content_base.count()
+        draft_content = content_base.filter(status='draft').count()
+        review_content = content_base.filter(status='review').count()
+        published_content = content_base.filter(status='published').count()
+        
+        # ========== IMAGES COUNT (actual images, not content with images) ==========
+        images_base = Images.objects.filter(account=account)
+        if site_filter:
+            images_base = images_base.filter(**site_filter)
+        
+        total_images = images_base.count()
+        generated_images = images_base.filter(status='generated').count()
+        pending_images = images_base.filter(status='pending').count()
+        
+        # ========== CONTENT VELOCITY ==========
+        now = timezone.now()
+        week_ago = now - timedelta(days=7)
+        month_ago = now - timedelta(days=30)
+        
+        # This week's content
+        week_content = content_base.filter(created_at__gte=week_ago).count()
+        week_images = images_base.filter(created_at__gte=week_ago).count()
+        
+        # This month's content
+        month_content = content_base.filter(created_at__gte=month_ago).count()
+        month_images = images_base.filter(created_at__gte=month_ago).count()
+        
+        # Estimate words (avg 1500 per article)
+        content_velocity = {
+            'thisWeek': {
+                'articles': week_content,
+                'words': week_content * 1500,
+                'images': week_images,
+            },
+            'thisMonth': {
+                'articles': month_content,
+                'words': month_content * 1500,
+                'images': month_images,
+            },
+            'total': {
+                'articles': total_content,
+                'words': total_content * 1500,
+                'images': total_images,
+            },
+            'trend': 0,  # TODO: calculate actual trend
+        }
+        
+        # ========== PIPELINE COUNTS ==========
+        keywords_base = Keywords.objects.filter(account=account)
+        clusters_base = Clusters.objects.filter(account=account)
+        ideas_base = ContentIdeas.objects.filter(account=account)
+        
+        if site_filter:
+            keywords_base = keywords_base.filter(**site_filter)
+            clusters_base = clusters_base.filter(**site_filter)
+            ideas_base = ideas_base.filter(**site_filter)
+        
+        # Get site count
+        sites_count = Site.objects.filter(account=account, is_active=True).count()
+        
+        pipeline = {
+            'sites': sites_count,
+            'keywords': keywords_base.count(),
+            'clusters': clusters_base.count(),
+            'ideas': ideas_base.count(),
+            'tasks': ideas_base.filter(status='queued').count() + ideas_base.filter(status='completed').count(),
+            'drafts': draft_content + review_content,
+            'published': published_content,
+        }
+        
+        return Response({
+            'ai_operations': ai_operations,
+            'recent_activity': recent_activity,
+            'content_velocity': content_velocity,
+            'pipeline': pipeline,
+            'counts': {
+                'content': {
+                    'total': total_content,
+                    'draft': draft_content,
+                    'review': review_content,
+                    'published': published_content,
+                },
+                'images': {
+                    'total': total_images,
+                    'generated': generated_images,
+                    'pending': pending_images,
+                },
+            }
+        })

backend/igny8_core/api/authentication.py

@@ -109,9 +109,11 @@ class APIKeyAuthentication(BaseAuthentication):
         
         try:
             from igny8_core.auth.models import Site, User
+            from igny8_core.auth.utils import validate_account_and_plan
+            from rest_framework.exceptions import AuthenticationFailed
             
             # Find site by API key
-            site = Site.objects.select_related('account', 'account__owner').filter(
+            site = Site.objects.select_related('account', 'account__owner', 'account__plan').filter(
                 wp_api_key=api_key,
                 is_active=True
             ).first()
@@ -119,10 +121,27 @@ class APIKeyAuthentication(BaseAuthentication):
             if not site:
                 return None  # API key not found or site inactive
             
-            # Get account and user
+            # Get account and validate it
             account = site.account
-            user = account.owner  # Use account owner as the authenticated user
+            if not account:
+                raise AuthenticationFailed('No account associated with this API key.')
             
+            # CRITICAL FIX: Validate account and plan status
+            is_valid, error_message, http_status = validate_account_and_plan(account)
+            if not is_valid:
+                raise AuthenticationFailed(error_message)
+            
+            # Get user (prefer owner but gracefully fall back)
+            user = account.owner
+            if not user or not getattr(user, 'is_active', False):
+                # Fall back to any active developer/owner/admin in the account
+                user = account.users.filter(
+                    is_active=True,
+                    role__in=['developer', 'owner', 'admin']
+                ).order_by('role').first() or account.users.filter(is_active=True).first()
+            
+            if not user:
+                raise AuthenticationFailed('No active user available for this account.')
             if not user.is_active:
                 raise AuthenticationFailed('User account is disabled.')
             

backend/igny8_core/api/base.py

@@ -19,34 +19,21 @@ class AccountModelViewSet(viewsets.ModelViewSet):
         # Filter by account if model has account field
         if hasattr(queryset.model, 'account'):
             user = getattr(self.request, 'user', None)
-            
-            # ADMIN/DEV/SYSTEM ACCOUNT OVERRIDE: Skip account filtering for:
-            # - Admins and developers (by role)
-            # - Users in system accounts (aws-admin, default-account)
+
             if user and hasattr(user, 'is_authenticated') and user.is_authenticated:
                 try:
-                    # Check if user has admin/developer privileges
-                    is_admin_or_dev = (hasattr(user, 'is_admin_or_developer') and user.is_admin_or_developer()) if user else False
-                    is_system_user = (hasattr(user, 'is_system_account_user') and user.is_system_account_user()) if user else False
-                    
-                    if is_admin_or_dev or is_system_user:
-                        # Skip account filtering - allow all accounts
-                        pass
+                    account = getattr(self.request, 'account', None)
+                    if not account and hasattr(self.request, 'user') and self.request.user and hasattr(self.request.user, 'is_authenticated') and self.request.user.is_authenticated:
+                        user_account = getattr(self.request.user, 'account', None)
+                        if user_account:
+                            account = user_account
+
+                    if account:
+                        queryset = queryset.filter(account=account)
                     else:
-                        # Get account from request (set by middleware)
-                        account = getattr(self.request, 'account', None)
-                        if account:
-                            queryset = queryset.filter(account=account)
-                        elif hasattr(self.request, 'user') and self.request.user and hasattr(self.request.user, 'is_authenticated') and self.request.user.is_authenticated:
-                            # Fallback to user's account
-                            try:
-                                user_account = getattr(self.request.user, 'account', None)
-                                if user_account:
-                                    queryset = queryset.filter(account=user_account)
-                            except (AttributeError, Exception):
-                                # If account access fails (e.g., column mismatch), skip account filtering
-                                pass
-                except (AttributeError, TypeError) as e:
+                        # No account context -> block access
+                        return queryset.none()
+                except (AttributeError, TypeError):
                     # If there's an error accessing user attributes, return empty queryset
                     return queryset.none()
             else:
@@ -61,11 +48,11 @@ class AccountModelViewSet(viewsets.ModelViewSet):
             try:
                 account = getattr(self.request.user, 'account', None)
             except (AttributeError, Exception):
-                # If account access fails (e.g., column mismatch), set to None
                 account = None
-        
-        # If model has account field, set it
-        if account and hasattr(serializer.Meta.model, 'account'):
+
+        if hasattr(serializer.Meta.model, 'account'):
+            if not account:
+                raise PermissionDenied("Account context is required to create this object.")
             serializer.save(account=account)
         else:
             serializer.save()
@@ -181,7 +168,26 @@ class AccountModelViewSet(viewsets.ModelViewSet):
         """
         try:
             instance = self.get_object()
-            self.perform_destroy(instance)
+            # Protect system account
+            if hasattr(instance, 'slug') and getattr(instance, 'slug', '') == 'aws-admin':
+                from django.core.exceptions import PermissionDenied
+                raise PermissionDenied("System account cannot be deleted.")
+
+            if hasattr(instance, 'soft_delete'):
+                user = getattr(request, 'user', None)
+                retention_days = None
+                account = getattr(instance, 'account', None)
+                if account and hasattr(account, 'deletion_retention_days'):
+                    retention_days = account.deletion_retention_days
+                elif hasattr(instance, 'deletion_retention_days'):
+                    retention_days = getattr(instance, 'deletion_retention_days', None)
+                instance.soft_delete(
+                    user=user if getattr(user, 'is_authenticated', False) else None,
+                    retention_days=retention_days,
+                    reason='api_delete'
+                )
+            else:
+                self.perform_destroy(instance)
             return success_response(
                 data=None,
                 message='Deleted successfully',
@@ -234,24 +240,16 @@ class SiteSectorModelViewSet(AccountModelViewSet):
             # Check if user is authenticated and is a proper User instance (not AnonymousUser)
             if user and hasattr(user, 'is_authenticated') and user.is_authenticated and hasattr(user, 'get_accessible_sites'):
                 try:
-                    # ADMIN/DEV/SYSTEM ACCOUNT OVERRIDE: Developers, admins, and system account users 
-                    # can see all data regardless of site/sector
-                    if (hasattr(user, 'is_admin_or_developer') and user.is_admin_or_developer()) or \
-                       (hasattr(user, 'is_system_account_user') and user.is_system_account_user()):
-                        # Skip site/sector filtering for admins, developers, and system account users
-                        # But still respect optional query params if provided
-                        pass
+                    # Get user's accessible sites
+                    accessible_sites = user.get_accessible_sites()
+                    
+                    # If no accessible sites, return empty queryset
+                    if not accessible_sites.exists():
+                        queryset = queryset.none()
                     else:
-                        # Get user's accessible sites
-                        accessible_sites = user.get_accessible_sites()
-                        
-                        # If no accessible sites, return empty queryset (unless admin/developer/system account)
-                        if not accessible_sites.exists():
-                            queryset = queryset.none()
-                        else:
-                            # Filter by accessible sites
-                            queryset = queryset.filter(site__in=accessible_sites)
-                except (AttributeError, TypeError) as e:
+                        # Filter by accessible sites
+                        queryset = queryset.filter(site__in=accessible_sites)
+                except (AttributeError, TypeError):
                     # If there's an error accessing user attributes, return empty queryset
                     queryset = queryset.none()
             else:
@@ -276,21 +274,14 @@ class SiteSectorModelViewSet(AccountModelViewSet):
                     # Convert site_id to int if it's a string
                     site_id_int = int(site_id) if site_id else None
                     if site_id_int:
-                        # ADMIN/DEV/SYSTEM ACCOUNT OVERRIDE: Admins, developers, and system account users 
-                        # can filter by any site, others must verify access
                         if user and hasattr(user, 'is_authenticated') and user.is_authenticated and hasattr(user, 'get_accessible_sites'):
                             try:
-                                if (hasattr(user, 'is_admin_or_developer') and user.is_admin_or_developer()) or \
-                                   (hasattr(user, 'is_system_account_user') and user.is_system_account_user()):
-                                    # Admin/Developer/System Account User can filter by any site
+                                accessible_sites = user.get_accessible_sites()
+                                if accessible_sites.filter(id=site_id_int).exists():
                                     queryset = queryset.filter(site_id=site_id_int)
                                 else:
-                                    accessible_sites = user.get_accessible_sites()
-                                    if accessible_sites.filter(id=site_id_int).exists():
-                                        queryset = queryset.filter(site_id=site_id_int)
-                                    else:
-                                        queryset = queryset.none()  # Site not accessible
-                            except (AttributeError, TypeError) as e:
+                                    queryset = queryset.none()  # Site not accessible
+                            except (AttributeError, TypeError):
                                 # If there's an error accessing user attributes, return empty queryset
                                 queryset = queryset.none()
                         else:
@@ -350,14 +341,10 @@ class SiteSectorModelViewSet(AccountModelViewSet):
             
             if user and hasattr(user, 'is_authenticated') and user.is_authenticated and site:
                 try:
-                    # ADMIN/DEV/SYSTEM ACCOUNT OVERRIDE: Admins, developers, and system account users 
-                    # can create in any site, others must verify access
-                    if not ((hasattr(user, 'is_admin_or_developer') and user.is_admin_or_developer()) or 
-                            (hasattr(user, 'is_system_account_user') and user.is_system_account_user())):
-                        if hasattr(user, 'get_accessible_sites'):
-                            accessible_sites = user.get_accessible_sites()
-                            if not accessible_sites.filter(id=site.id).exists():
-                                raise PermissionDenied("You do not have access to this site")
+                    if hasattr(user, 'get_accessible_sites'):
+                        accessible_sites = user.get_accessible_sites()
+                        if not accessible_sites.filter(id=site.id).exists():
+                            raise PermissionDenied("You do not have access to this site")
                     
                     # Verify sector belongs to site
                     if sector and hasattr(sector, 'site') and sector.site != site:

backend/igny8_core/api/permissions.py

@@ -12,13 +12,23 @@ class IsAuthenticatedAndActive(permissions.BasePermission):
     Base permission for most endpoints
     """
     def has_permission(self, request, view):
+        import logging
+        logger = logging.getLogger(__name__)
+        
         if not request.user or not request.user.is_authenticated:
+            logger.warning(f"[IsAuthenticatedAndActive] DENIED: User not authenticated")
             return False
         
         # Check if user is active
         if hasattr(request.user, 'is_active'):
-            return request.user.is_active
+            is_active = request.user.is_active
+            if is_active:
+                logger.info(f"[IsAuthenticatedAndActive] ALLOWED: User {request.user.email} is active")
+            else:
+                logger.warning(f"[IsAuthenticatedAndActive] DENIED: User {request.user.email} is inactive")
+            return is_active
         
+        logger.info(f"[IsAuthenticatedAndActive] ALLOWED: User {request.user.email} (no is_active check)")
         return True
 
 
@@ -26,45 +36,41 @@ class HasTenantAccess(permissions.BasePermission):
     """
     Permission class that requires user to belong to the tenant/account
     Ensures tenant isolation
+    Superusers, developers, and system account users bypass this check.
+    
+    CRITICAL: Every authenticated user MUST have an account.
+    The middleware sets request.account from request.user.account.
+    If a user doesn't have an account, it's a data integrity issue.
     """
     def has_permission(self, request, view):
+        import logging
+        logger = logging.getLogger(__name__)
+        
         if not request.user or not request.user.is_authenticated:
+            logger.warning(f"[HasTenantAccess] DENIED: User not authenticated")
             return False
         
-        # Get account from request (set by middleware)
-        account = getattr(request, 'account', None)
+        # SIMPLIFIED LOGIC: Every authenticated user MUST have an account
+        # Middleware already set request.account from request.user.account
+        # Just verify it exists
+        if not hasattr(request.user, 'account'):
+            logger.warning(f"[HasTenantAccess] DENIED: User {request.user.email} has no account attribute")
+            return False
         
-        # If no account in request, try to get from user
-        if not account and hasattr(request.user, 'account'):
-            try:
-                account = request.user.account
-            except (AttributeError, Exception):
-                pass
-        
-        # Admin/Developer/System account users bypass tenant check
-        if request.user and hasattr(request.user, 'is_authenticated') and request.user.is_authenticated:
-            try:
-                is_admin_or_dev = (hasattr(request.user, 'is_admin_or_developer') and 
-                                 request.user.is_admin_or_developer()) if request.user else False
-                is_system_user = (hasattr(request.user, 'is_system_account_user') and 
-                                request.user.is_system_account_user()) if request.user else False
-                
-                if is_admin_or_dev or is_system_user:
-                    return True
-            except (AttributeError, TypeError):
-                pass
-        
-        # Regular users must have account access
-        if account:
-            # Check if user belongs to this account
-            if hasattr(request.user, 'account'):
-                try:
-                    user_account = request.user.account
-                    return user_account == account or user_account.id == account.id
-                except (AttributeError, Exception):
-                    pass
-        
-        return False
+        try:
+            # Access the account to trigger any lazy loading
+            user_account = request.user.account
+            if not user_account:
+                logger.warning(f"[HasTenantAccess] DENIED: User {request.user.email} has NULL account")
+                return False
+            
+            # Success - user has a valid account
+            logger.info(f"[HasTenantAccess] ALLOWED: User {request.user.email} has account {user_account.name} (ID: {user_account.id})")
+            return True
+        except (AttributeError, Exception) as e:
+            # User doesn't have account relationship - data integrity issue
+            logger.warning(f"[HasTenantAccess] DENIED: User {request.user.email} account access failed: {e}")
+            return False
 
 
 class IsViewerOrAbove(permissions.BasePermission):
@@ -73,28 +79,26 @@ class IsViewerOrAbove(permissions.BasePermission):
     For read-only operations
     """
     def has_permission(self, request, view):
-        if not request.user or not request.user.is_authenticated:
-            return False
+        import logging
+        logger = logging.getLogger(__name__)
         
-        # Admin/Developer/System account users always have access
-        try:
-            is_admin_or_dev = (hasattr(request.user, 'is_admin_or_developer') and 
-                             request.user.is_admin_or_developer()) if request.user else False
-            is_system_user = (hasattr(request.user, 'is_system_account_user') and 
-                            request.user.is_system_account_user()) if request.user else False
-            
-            if is_admin_or_dev or is_system_user:
-                return True
-        except (AttributeError, TypeError):
-            pass
+        if not request.user or not request.user.is_authenticated:
+            logger.warning(f"[IsViewerOrAbove] DENIED: User not authenticated")
+            return False
         
         # Check user role
         if hasattr(request.user, 'role'):
             role = request.user.role
             # viewer, editor, admin, owner all have access
-            return role in ['viewer', 'editor', 'admin', 'owner']
+            allowed = role in ['viewer', 'editor', 'admin', 'owner']
+            if allowed:
+                logger.info(f"[IsViewerOrAbove] ALLOWED: User {request.user.email} has role {role}")
+            else:
+                logger.warning(f"[IsViewerOrAbove] DENIED: User {request.user.email} has invalid role {role}")
+            return allowed
         
         # If no role system, allow authenticated users
+        logger.info(f"[IsViewerOrAbove] ALLOWED: User {request.user.email} (no role system)")
         return True
 
 
@@ -107,18 +111,6 @@ class IsEditorOrAbove(permissions.BasePermission):
         if not request.user or not request.user.is_authenticated:
             return False
         
-        # Admin/Developer/System account users always have access
-        try:
-            is_admin_or_dev = (hasattr(request.user, 'is_admin_or_developer') and 
-                             request.user.is_admin_or_developer()) if request.user else False
-            is_system_user = (hasattr(request.user, 'is_system_account_user') and 
-                            request.user.is_system_account_user()) if request.user else False
-            
-            if is_admin_or_dev or is_system_user:
-                return True
-        except (AttributeError, TypeError):
-            pass
-        
         # Check user role
         if hasattr(request.user, 'role'):
             role = request.user.role
@@ -132,23 +124,21 @@ class IsEditorOrAbove(permissions.BasePermission):
 class IsAdminOrOwner(permissions.BasePermission):
     """
     Permission class that requires admin or owner role only
+    OR user belongs to aws-admin account
     For settings, keys, billing operations
     """
     def has_permission(self, request, view):
         if not request.user or not request.user.is_authenticated:
             return False
         
-        # Admin/Developer/System account users always have access
-        try:
-            is_admin_or_dev = (hasattr(request.user, 'is_admin_or_developer') and 
-                             request.user.is_admin_or_developer()) if request.user else False
-            is_system_user = (hasattr(request.user, 'is_system_account_user') and 
-                            request.user.is_system_account_user()) if request.user else False
-            
-            if is_admin_or_dev or is_system_user:
+        # Check if user belongs to aws-admin account (case-insensitive)
+        if hasattr(request.user, 'account') and request.user.account:
+            account_name = getattr(request.user.account, 'name', None)
+            account_slug = getattr(request.user.account, 'slug', None)
+            if account_name and account_name.lower() == 'aws admin':
+                return True
+            if account_slug == 'aws-admin':
                 return True
-        except (AttributeError, TypeError):
-            pass
         
         # Check user role
         if hasattr(request.user, 'role'):
@@ -158,5 +148,3 @@ class IsAdminOrOwner(permissions.BasePermission):
         
         # If no role system, deny by default for security
         return False
-
-

backend/igny8_core/api/schema_extensions.py

@@ -8,7 +8,20 @@ from drf_spectacular.utils import extend_schema, OpenApiResponse
 from rest_framework import status
 
 # Explicit tags we want to keep (from SPECTACULAR_SETTINGS)
-EXPLICIT_TAGS = {'Authentication', 'Planner', 'Writer', 'System', 'Billing'}
+EXPLICIT_TAGS = {
+    'Authentication',
+    'Planner',
+    'Writer',
+    'System',
+    'Billing',
+    'Account',
+    'Automation',
+    'Linker',
+    'Optimizer',
+    'Publisher',
+    'Integration',
+    'Admin Billing',
+}
 
 
 def postprocess_schema_filter_tags(result, generator, request, public):
@@ -21,6 +34,11 @@ def postprocess_schema_filter_tags(result, generator, request, public):
         for path, methods in result['paths'].items():
             for method, operation in methods.items():
                 if isinstance(operation, dict) and 'tags' in operation:
+                    # Explicitly exclude system webhook from tagging/docs grouping
+                    if '/system/webhook' in path:
+                        operation['tags'] = []
+                        continue
+
                     # Keep only explicit tags from the operation
                     filtered_tags = [
                         tag for tag in operation['tags']
@@ -41,6 +59,20 @@ def postprocess_schema_filter_tags(result, generator, request, public):
                             filtered_tags = ['System']
                         elif '/billing/' in path or '/api/v1/billing/' in path:
                             filtered_tags = ['Billing']
+                        elif '/account/' in path or '/api/v1/account/' in path:
+                            filtered_tags = ['Account']
+                        elif '/automation/' in path or '/api/v1/automation/' in path:
+                            filtered_tags = ['Automation']
+                        elif '/linker/' in path or '/api/v1/linker/' in path:
+                            filtered_tags = ['Linker']
+                        elif '/optimizer/' in path or '/api/v1/optimizer/' in path:
+                            filtered_tags = ['Optimizer']
+                        elif '/publisher/' in path or '/api/v1/publisher/' in path:
+                            filtered_tags = ['Publisher']
+                        elif '/integration/' in path or '/api/v1/integration/' in path:
+                            filtered_tags = ['Integration']
+                        elif '/admin/' in path or '/api/v1/admin/' in path:
+                            filtered_tags = ['Admin Billing']
                     
                     operation['tags'] = filtered_tags
     

backend/igny8_core/api/tests/test_ai_framework.py

@@ -140,7 +140,7 @@ class GetModelConfigTestCase(TestCase):
     
     def test_get_model_config_json_mode_models(self):
         """Test get_model_config() sets response_format for JSON mode models"""
-        json_models = ['gpt-4o', 'gpt-4o-mini', 'gpt-4-turbo-preview']
+        json_models = ['gpt-4o', 'gpt-4o-mini', 'gpt-4-turbo-preview', 'gpt-5.1', 'gpt-5.2']
         
         for model in json_models:
             IntegrationSettings.objects.filter(account=self.account).delete()

backend/igny8_core/api/tests/test_integration_base.py

@@ -79,7 +79,7 @@ class IntegrationTestBase(TestCase):
             sector=self.industry_sector,
             volume=1000,
             difficulty=50,
-            intent="informational"
+            country="US"
         )
         
         # Authenticate client

backend/igny8_core/api/throttles.py

@@ -21,15 +21,12 @@ class DebugScopedRateThrottle(ScopedRateThrottle):
     
     def allow_request(self, request, view):
         """
-        Check if request should be throttled
-        
-        Bypasses throttling if:
-        - DEBUG mode is True
-        - IGNY8_DEBUG_THROTTLE environment variable is True
-        - User belongs to aws-admin or other system accounts
-        - User is admin/developer role
-        - Public blueprint list request with site filter (for Sites Renderer)
+        Check if request should be throttled.
+        DISABLED - Always allow all requests.
         """
+        return True
+        
+        # OLD CODE BELOW (DISABLED)
         # Check if throttling should be bypassed
         debug_bypass = getattr(settings, 'DEBUG', False)
         env_bypass = getattr(settings, 'IGNY8_DEBUG_THROTTLE', False)
@@ -41,21 +38,7 @@ class DebugScopedRateThrottle(ScopedRateThrottle):
                 if not request.user or not hasattr(request.user, 'is_authenticated') or not request.user.is_authenticated:
                     public_blueprint_bypass = True
         
-        # Bypass for system account users (aws-admin, default-account, etc.)
-        system_account_bypass = False
-        if hasattr(request, 'user') and request.user and hasattr(request.user, 'is_authenticated') and request.user.is_authenticated:
-            try:
-                # Check if user is in system account (aws-admin, default-account, default)
-                if hasattr(request.user, 'is_system_account_user') and request.user.is_system_account_user():
-                    system_account_bypass = True
-                # Also bypass for admin/developer roles
-                elif hasattr(request.user, 'is_admin_or_developer') and request.user.is_admin_or_developer():
-                    system_account_bypass = True
-            except (AttributeError, Exception):
-                # If checking fails, continue with normal throttling
-                pass
-        
-        if debug_bypass or env_bypass or system_account_bypass or public_blueprint_bypass:
+        if debug_bypass or env_bypass or public_blueprint_bypass:
             # In debug mode or for system accounts, still set throttle headers but don't actually throttle
             # This allows testing throttle headers without blocking requests
             if hasattr(self, 'get_rate'):
@@ -76,9 +59,27 @@ class DebugScopedRateThrottle(ScopedRateThrottle):
                         }
             return True
         
-        # Normal throttling behavior
+        # Normal throttling with per-account keying
         return super().allow_request(request, view)
     
+    def get_cache_key(self, request, view):
+        """
+        Override to add account-based throttle keying.
+        Keys by (scope, account.id) instead of just user.
+        """
+        if not self.scope:
+            return None
+        
+        # Get account from request
+        account = getattr(request, 'account', None)
+        if not account and hasattr(request, 'user') and request.user and request.user.is_authenticated:
+            account = getattr(request.user, 'account', None)
+        
+        account_id = account.id if account else 'anon'
+        
+        # Build throttle key: scope:account_id
+        return f'{self.scope}:{account_id}'
+    
     def get_rate(self):
         """
         Get rate for the current scope

backend/igny8_core/api/urls.py

@@ -0,0 +1,35 @@
+"""
+URL patterns for account management API
+"""
+from django.urls import path, include
+from rest_framework.routers import DefaultRouter
+from .account_views import (
+    AccountSettingsViewSet,
+    TeamManagementViewSet,
+    UsageAnalyticsViewSet,
+    DashboardStatsViewSet
+)
+from igny8_core.modules.system.settings_views import ContentGenerationSettingsViewSet
+
+router = DefaultRouter()
+
+urlpatterns = [
+    # Account settings (non-router endpoints for simplified access)
+    path('settings/', AccountSettingsViewSet.as_view({'get': 'retrieve', 'patch': 'partial_update'}), name='account-settings'),
+    
+    # AI Settings - Content Generation Settings per the plan
+    # GET/POST /api/v1/account/settings/ai/
+    path('settings/ai/', ContentGenerationSettingsViewSet.as_view({'get': 'list', 'post': 'create', 'put': 'create'}), name='ai-settings'),
+    
+    # Team management
+    path('team/', TeamManagementViewSet.as_view({'get': 'list', 'post': 'create'}), name='team-list'),
+    path('team/<int:pk>/', TeamManagementViewSet.as_view({'delete': 'destroy'}), name='team-detail'),
+    
+    # Usage analytics
+    path('usage/analytics/', UsageAnalyticsViewSet.as_view({'get': 'overview'}), name='usage-analytics'),
+    
+    # Dashboard stats (real data for home page)
+    path('dashboard/stats/', DashboardStatsViewSet.as_view({'get': 'stats'}), name='dashboard-stats'),
+    
+    path('', include(router.urls)),
+]

backend/igny8_core/auth/backends.py

@@ -0,0 +1,35 @@
+"""
+Custom Authentication Backend - No Caching
+Prevents cross-request user contamination by disabling Django's default user caching
+"""
+from django.contrib.auth.backends import ModelBackend
+
+
+class NoCacheModelBackend(ModelBackend):
+    """
+    Custom authentication backend that disables user object caching.
+    
+    Django's default ModelBackend caches the user object in thread-local storage,
+    which can cause cross-request contamination when the same worker process
+    handles requests from different users.
+    
+    This backend forces a fresh DB query on EVERY request to prevent user swapping.
+    """
+    
+    def get_user(self, user_id):
+        """
+        Get user from database WITHOUT caching.
+        
+        This overrides the default behavior which caches user objects
+        at the process level, causing session contamination.
+        """
+        from django.contrib.auth import get_user_model
+        UserModel = get_user_model()
+        
+        try:
+            # CRITICAL: Use select_related to load account/plan in ONE query
+            # But do NOT cache the result - return fresh object every time
+            user = UserModel.objects.select_related('account', 'account__plan').get(pk=user_id)
+            return user
+        except UserModel.DoesNotExist:
+            return None

backend/igny8_core/auth/management/commands/cleanup_sessions.py

@@ -0,0 +1,82 @@
+"""
+Management command to clean up expired and orphaned sessions
+Helps prevent session contamination and reduces DB bloat
+"""
+from django.core.management.base import BaseCommand
+from django.contrib.sessions.models import Session
+from django.contrib.auth import get_user_model
+from datetime import datetime, timedelta
+
+User = get_user_model()
+
+class Command(BaseCommand):
+    help = 'Clean up expired sessions and detect session contamination'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            '--dry-run',
+            action='store_true',
+            help='Show what would be deleted without actually deleting',
+        )
+        parser.add_argument(
+            '--days',
+            type=int,
+            default=7,
+            help='Delete sessions older than X days (default: 7)',
+        )
+
+    def handle(self, *args, **options):
+        dry_run = options['dry_run']
+        days = options['days']
+        cutoff_date = datetime.now() - timedelta(days=days)
+        
+        # Get all sessions
+        all_sessions = Session.objects.all()
+        expired_sessions = Session.objects.filter(expire_date__lt=datetime.now())
+        old_sessions = Session.objects.filter(expire_date__lt=cutoff_date)
+        
+        self.stdout.write(f"\n📊 Session Statistics:")
+        self.stdout.write(f"   Total sessions: {all_sessions.count()}")
+        self.stdout.write(f"   Expired sessions: {expired_sessions.count()}")
+        self.stdout.write(f"   Sessions older than {days} days: {old_sessions.count()}")
+        
+        # Count sessions by user
+        user_sessions = {}
+        for session in all_sessions:
+            try:
+                data = session.get_decoded()
+                user_id = data.get('_auth_user_id')
+                if user_id:
+                    user = User.objects.get(id=user_id)
+                    key = f"{user.username} ({user.account.slug if user.account else 'no-account'})"
+                    user_sessions[key] = user_sessions.get(key, 0) + 1
+            except:
+                pass
+        
+        if user_sessions:
+            self.stdout.write(f"\n📈 Active sessions by user:")
+            for user_key, count in sorted(user_sessions.items(), key=lambda x: x[1], reverse=True)[:10]:
+                indicator = "⚠️ " if count > 20 else "   "
+                self.stdout.write(f"{indicator}{user_key}: {count} sessions")
+        
+        # Delete expired sessions
+        if expired_sessions.exists():
+            if dry_run:
+                self.stdout.write(self.style.WARNING(f"\n[DRY RUN] Would delete {expired_sessions.count()} expired sessions"))
+            else:
+                count = expired_sessions.delete()[0]
+                self.stdout.write(self.style.SUCCESS(f"\n✓ Deleted {count} expired sessions"))
+        else:
+            self.stdout.write(f"\n✓ No expired sessions to clean")
+        
+        # Detect potential contamination
+        warnings = []
+        for user_key, count in user_sessions.items():
+            if count > 50:
+                warnings.append(f"User '{user_key}' has {count} active sessions (potential proliferation)")
+        
+        if warnings:
+            self.stdout.write(self.style.WARNING(f"\n⚠️  Contamination Warnings:"))
+            for warning in warnings:
+                self.stdout.write(self.style.WARNING(f"   {warning}"))
+            self.stdout.write(f"\n💡 Consider running: python manage.py clearsessions")

backend/igny8_core/auth/management/commands/create_aws_admin_tenant.py

@@ -25,18 +25,7 @@ class Command(BaseCommand):
                     'max_users': 999999,
                     'max_sites': 999999,
                     'max_keywords': 999999,
-                    'max_clusters': 999999,
-                    'max_content_ideas': 999999,
-                    'monthly_word_count_limit': 999999999,
-                    'daily_content_tasks': 999999,
-                    'daily_ai_requests': 999999,
-                    'daily_ai_request_limit': 999999,
-                    'monthly_ai_credit_limit': 999999,
-                    'monthly_image_count': 999999,
-                    'daily_image_generation_limit': 999999,
-                    'monthly_cluster_ai_credits': 999999,
-                    'monthly_content_ai_credits': 999999,
-                    'monthly_image_ai_credits': 999999,
+                    'max_ahrefs_queries': 999999,
                     'included_credits': 999999,
                     'is_active': True,
                     'features': ['ai_writer', 'image_gen', 'auto_publish', 'custom_prompts', 'unlimited'],

backend/igny8_core/auth/management/commands/create_free_trial_plan.py

@@ -0,0 +1,57 @@
+"""
+Management command to create or update the Free Trial plan
+"""
+from django.core.management.base import BaseCommand
+from igny8_core.auth.models import Plan
+
+
+class Command(BaseCommand):
+    help = 'Create or update the Free Trial plan for signup'
+
+    def handle(self, *args, **options):
+        self.stdout.write('Creating/updating Free Trial plan...')
+        
+        plan, created = Plan.objects.update_or_create(
+            slug='free-trial',
+            defaults={
+                'name': 'Free Trial',
+                'price': 0.00,
+                'billing_cycle': 'monthly',
+                'included_credits': 2000,  # 2000 credits for trial
+                'credits_per_month': 2000,  # Legacy field
+                'max_sites': 1,
+                'max_users': 1,
+                'max_industries': 3,  # 3 sectors per site
+                'max_author_profiles': 2,
+                'is_active': True,
+                'features': ['ai_writer', 'planner', 'basic_support'],
+                'allow_credit_topup': False,  # No top-up during trial
+                'extra_credit_price': 0.00,
+            }
+        )
+        
+        if created:
+            self.stdout.write(self.style.SUCCESS(
+                f'✓ Created Free Trial plan (ID: {plan.id})'
+            ))
+        else:
+            self.stdout.write(self.style.SUCCESS(
+                f'✓ Updated Free Trial plan (ID: {plan.id})'
+            ))
+        
+        self.stdout.write(self.style.SUCCESS(
+            f'  - Credits: {plan.included_credits}'
+        ))
+        self.stdout.write(self.style.SUCCESS(
+            f'  - Max Sites: {plan.max_sites}'
+        ))
+        self.stdout.write(self.style.SUCCESS(
+            f'  - Max Sectors: {plan.max_industries}'
+        ))
+        self.stdout.write(self.style.SUCCESS(
+            f'  - Status: {"Active" if plan.is_active else "Inactive"}'
+        ))
+        
+        self.stdout.write(self.style.SUCCESS(
+            '\nFree Trial plan is ready for signup!'
+        ))

backend/igny8_core/auth/management/commands/purge_soft_deleted.py

@@ -0,0 +1,42 @@
+from django.core.management.base import BaseCommand
+from django.utils import timezone
+
+from igny8_core.auth.models import Account, Site, Sector
+from igny8_core.business.planning.models import Clusters, Keywords, ContentIdeas
+from igny8_core.business.content.models import Tasks, Content, Images
+
+
+class Command(BaseCommand):
+    help = "Permanently delete soft-deleted records whose retention window has expired."
+
+    def handle(self, *args, **options):
+        now = timezone.now()
+        total_deleted = 0
+
+        models = [
+            Account,
+            Site,
+            Sector,
+            Clusters,
+            Keywords,
+            ContentIdeas,
+            Tasks,
+            Content,
+            Images,
+        ]
+
+        for model in models:
+            qs = model.all_objects.filter(is_deleted=True, restore_until__lt=now)
+            if model is Account:
+                qs = qs.exclude(slug='aws-admin')
+            count = qs.count()
+            if count:
+                qs.delete()
+                total_deleted += count
+                self.stdout.write(self.style.SUCCESS(f"Purged {count} {model.__name__} record(s)."))
+
+        if total_deleted == 0:
+            self.stdout.write("No expired soft-deleted records to purge.")
+        else:
+            self.stdout.write(self.style.SUCCESS(f"Total purged: {total_deleted}"))
+

backend/igny8_core/auth/middleware.py

@@ -2,10 +2,27 @@
 Multi-Account Middleware
 Extracts account from JWT token and injects into request context
 """
+import logging
 from django.utils.deprecation import MiddlewareMixin
 from django.http import JsonResponse
 from django.contrib.auth import logout
 from rest_framework import status
+import json
+from datetime import datetime
+
+logger = logging.getLogger('auth.middleware')
+
+# Logout reason codes for precise tracking
+LOGOUT_REASONS = {
+    'SESSION_ACCOUNT_MISMATCH': 'Session contamination: account ID mismatch',
+    'SESSION_USER_MISMATCH': 'Session contamination: user ID mismatch',
+    'ACCOUNT_MISSING': 'Account not configured for this user',
+    'ACCOUNT_SUSPENDED': 'Account is suspended',
+    'ACCOUNT_CANCELLED': 'Account is cancelled',
+    'PLAN_MISSING': 'No subscription plan assigned',
+    'PLAN_INACTIVE': 'Subscription plan is inactive',
+    'USER_INACTIVE': 'User account is inactive',
+}
 
 try:
     import jwt
@@ -31,35 +48,25 @@ class AccountContextMiddleware(MiddlewareMixin):
         # First, try to get user from Django session (cookie-based auth)
         # This handles cases where frontend uses credentials: 'include' with session cookies
         if hasattr(request, 'user') and request.user and request.user.is_authenticated:
-            # User is authenticated via session - refresh from DB to get latest account/plan data
-            # This ensures changes to account/plan are reflected immediately without re-login
+            # CRITICAL FIX: Never query DB again or mutate request.user
+            # Django's AuthenticationMiddleware already loaded the user correctly
+            # Just use it directly and set request.account from the ALREADY LOADED relationship
             try:
-                from .models import User as UserModel
-                # Refresh user from DB with account and plan relationships to get latest data
-                # This is important so account/plan changes are reflected immediately
-                user = UserModel.objects.select_related('account', 'account__plan').get(id=request.user.id)
-                # Update request.user with fresh data
-                request.user = user
-                # Get account from refreshed user
-                user_account = getattr(user, 'account', None)
-                validation_error = self._validate_account_and_plan(request, user)
+                # Validate account/plan - but use the user object already set by Django
+                validation_error = self._validate_account_and_plan(request, request.user)
                 if validation_error:
                     return validation_error
-                request.account = getattr(user, 'account', None)
+                
+                # Set request.account from the user's account relationship
+                # This is already loaded, no need to query DB again
+                request.account = getattr(request.user, 'account', None)
+                
+                # REMOVED: Session contamination checks on every request
+                # These were causing random logouts - session integrity handled by Django
+                
                 return None
-            except (AttributeError, UserModel.DoesNotExist, Exception):
-                # If refresh fails, fallback to cached account
-                try:
-                    user_account = getattr(request.user, 'account', None)
-                    if user_account:
-                        validation_error = self._validate_account_and_plan(request, request.user)
-                        if validation_error:
-                            return validation_error
-                        request.account = user_account
-                        return None
-                except (AttributeError, Exception):
-                    pass
-                # If account access fails (e.g., column mismatch), set to None
+            except (AttributeError, Exception):
+                # If anything fails, just set account to None and continue
                 request.account = None
                 return None
         
@@ -132,42 +139,58 @@ class AccountContextMiddleware(MiddlewareMixin):
     def _validate_account_and_plan(self, request, user):
         """
         Ensure the authenticated user has an account and an active plan.
-        If not, logout the user (for session auth) and block the request.
+        Uses shared validation helper for consistency.
         """
-        try:
-            account = getattr(user, 'account', None)
-        except Exception:
-            account = None
+        from .utils import validate_account_and_plan
         
-        if not account:
-            return self._deny_request(
-                request,
-                error='Account not configured for this user. Please contact support.',
-                status_code=status.HTTP_403_FORBIDDEN,
-            )
+        is_valid, error_message, http_status = validate_account_and_plan(user)
         
-        plan = getattr(account, 'plan', None)
-        if plan is None or getattr(plan, 'is_active', False) is False:
-            return self._deny_request(
-                request,
-                error='Active subscription required. Visit igny8.com/pricing to subscribe.',
-                status_code=status.HTTP_402_PAYMENT_REQUIRED,
-            )
+        if not is_valid:
+            return self._deny_request(request, error_message, http_status)
         
         return None
     
     def _deny_request(self, request, error, status_code):
-        """Logout session users (if any) and return a consistent JSON error."""
+        """Logout session users (if any) and return a consistent JSON error with detailed tracking."""
+        # Determine logout reason code based on error message
+        reason_code = 'UNKNOWN'
+        if 'Account not configured' in error or 'Account not found' in error:
+            reason_code = 'ACCOUNT_MISSING'
+        elif 'suspended' in error.lower():
+            reason_code = 'ACCOUNT_SUSPENDED'
+        elif 'cancelled' in error.lower():
+            reason_code = 'ACCOUNT_CANCELLED'
+        elif 'No subscription plan' in error or 'plan assigned' in error.lower():
+            reason_code = 'PLAN_MISSING'
+        elif 'plan is inactive' in error.lower() or 'Active subscription required' in error:
+            reason_code = 'PLAN_INACTIVE'
+        elif 'inactive' in error.lower():
+            reason_code = 'USER_INACTIVE'
+        
         try:
             if hasattr(request, 'user') and request.user and request.user.is_authenticated:
+                logger.warning(
+                    f"[AUTO-LOGOUT] {reason_code}: {error}. "
+                    f"User={request.user.id}, Account={getattr(request, 'account', None)}, "
+                    f"Path={request.path}, IP={request.META.get('REMOTE_ADDR')}, "
+                    f"Status={status_code}, Timestamp={datetime.now().isoformat()}"
+                )
                 logout(request)
-        except Exception:
-            pass
+        except Exception as e:
+            logger.error(f"[AUTO-LOGOUT] Error during logout: {e}")
         
         return JsonResponse(
             {
                 'success': False,
                 'error': error,
+                'logout_reason': reason_code,
+                'logout_message': LOGOUT_REASONS.get(reason_code, error),
+                'logout_path': request.path,
+                'logout_context': {
+                    'user_id': request.user.id if hasattr(request, 'user') and request.user and request.user.is_authenticated else None,
+                    'account_id': getattr(request, 'account', None).id if hasattr(request, 'account') and getattr(request, 'account', None) else None,
+                    'status_code': status_code,
+                }
             },
             status=status_code,
         )

backend/igny8_core/auth/migrations/0003_add_sync_event_model.py

@@ -0,0 +1,17 @@
+# Generated by Django 5.2.8 on 2025-12-01 00:05
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0002_add_wp_api_key_to_site'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='seedkeyword',
+            options={'ordering': ['keyword'], 'verbose_name': 'Seed Keyword', 'verbose_name_plural': 'Global Keywords Database'},
+        ),
+    ]

backend/igny8_core/auth/migrations/0004_add_invoice_payment_models.py

@@ -0,0 +1,53 @@
+# Generated by Django 5.2.8 on 2025-12-04 23:35
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0003_add_sync_event_model'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='account',
+            name='billing_address_line1',
+            field=models.CharField(blank=True, help_text='Street address', max_length=255),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='billing_address_line2',
+            field=models.CharField(blank=True, help_text='Apt, suite, etc.', max_length=255),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='billing_city',
+            field=models.CharField(blank=True, max_length=100),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='billing_country',
+            field=models.CharField(blank=True, help_text='ISO 2-letter country code', max_length=2),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='billing_email',
+            field=models.EmailField(blank=True, help_text='Email for billing notifications', max_length=254, null=True),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='billing_postal_code',
+            field=models.CharField(blank=True, max_length=20),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='billing_state',
+            field=models.CharField(blank=True, help_text='State/Province/Region', max_length=100),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='tax_id',
+            field=models.CharField(blank=True, help_text='VAT/Tax ID number', max_length=100),
+        ),
+    ]

backend/igny8_core/auth/migrations/0005_account_owner_nullable.py

@@ -0,0 +1,23 @@
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('igny8_core_auth', '0004_add_invoice_payment_models'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='account',
+            name='owner',
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.SET_NULL,
+                related_name='owned_accounts',
+                to='igny8_core_auth.user',
+            ),
+        ),
+    ]
+

backend/igny8_core/auth/migrations/0006_soft_delete_and_retention.py

@@ -0,0 +1,93 @@
+from django.db import migrations, models
+import django.db.models.deletion
+from django.core.validators import MinValueValidator, MaxValueValidator
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('igny8_core_auth', '0005_account_owner_nullable'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='account',
+            name='delete_reason',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='deleted_at',
+            field=models.DateTimeField(blank=True, db_index=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='deleted_by',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='+', to='igny8_core_auth.user'),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='deletion_retention_days',
+            field=models.PositiveIntegerField(default=14, help_text='Retention window (days) before soft-deleted items are purged', validators=[MinValueValidator(1), MaxValueValidator(365)]),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='is_deleted',
+            field=models.BooleanField(db_index=True, default=False),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='restore_until',
+            field=models.DateTimeField(blank=True, db_index=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='sector',
+            name='delete_reason',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+        migrations.AddField(
+            model_name='sector',
+            name='deleted_at',
+            field=models.DateTimeField(blank=True, db_index=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='sector',
+            name='deleted_by',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='+', to='igny8_core_auth.user'),
+        ),
+        migrations.AddField(
+            model_name='sector',
+            name='is_deleted',
+            field=models.BooleanField(db_index=True, default=False),
+        ),
+        migrations.AddField(
+            model_name='sector',
+            name='restore_until',
+            field=models.DateTimeField(blank=True, db_index=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='site',
+            name='delete_reason',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+        migrations.AddField(
+            model_name='site',
+            name='deleted_at',
+            field=models.DateTimeField(blank=True, db_index=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='site',
+            name='deleted_by',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='+', to='igny8_core_auth.user'),
+        ),
+        migrations.AddField(
+            model_name='site',
+            name='is_deleted',
+            field=models.BooleanField(db_index=True, default=False),
+        ),
+        migrations.AddField(
+            model_name='site',
+            name='restore_until',
+            field=models.DateTimeField(blank=True, db_index=True, null=True),
+        ),
+    ]
+

backend/igny8_core/auth/migrations/0007_add_payment_method_fields.py

@@ -0,0 +1,105 @@
+# Generated manually based on FINAL-IMPLEMENTATION-REQUIREMENTS.md
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0006_soft_delete_and_retention'),
+    ]
+
+    operations = [
+        # Add payment_method to Account
+        migrations.AddField(
+            model_name='account',
+            name='payment_method',
+            field=models.CharField(
+                max_length=30,
+                choices=[
+                    ('stripe', 'Stripe'),
+                    ('paypal', 'PayPal'),
+                    ('bank_transfer', 'Bank Transfer'),
+                ],
+                default='stripe',
+                help_text='Payment method used for this account'
+            ),
+        ),
+        # Add payment_method to Subscription
+        migrations.AddField(
+            model_name='subscription',
+            name='payment_method',
+            field=models.CharField(
+                max_length=30,
+                choices=[
+                    ('stripe', 'Stripe'),
+                    ('paypal', 'PayPal'),
+                    ('bank_transfer', 'Bank Transfer'),
+                ],
+                default='stripe',
+                help_text='Payment method for this subscription'
+            ),
+        ),
+        # Add external_payment_id to Subscription
+        migrations.AddField(
+            model_name='subscription',
+            name='external_payment_id',
+            field=models.CharField(
+                max_length=255,
+                blank=True,
+                null=True,
+                help_text='External payment reference (bank transfer ref, PayPal transaction ID)'
+            ),
+        ),
+        # Make stripe_subscription_id nullable
+        migrations.AlterField(
+            model_name='subscription',
+            name='stripe_subscription_id',
+            field=models.CharField(
+                max_length=255,
+                blank=True,
+                null=True,
+                db_index=True,
+                help_text='Stripe subscription ID (when using Stripe)'
+            ),
+        ),
+        # Add pending_payment status to Account
+        migrations.AlterField(
+            model_name='account',
+            name='status',
+            field=models.CharField(
+                max_length=20,
+                choices=[
+                    ('active', 'Active'),
+                    ('suspended', 'Suspended'),
+                    ('trial', 'Trial'),
+                    ('cancelled', 'Cancelled'),
+                    ('pending_payment', 'Pending Payment'),
+                ],
+                default='trial'
+            ),
+        ),
+        # Add pending_payment status to Subscription
+        migrations.AlterField(
+            model_name='subscription',
+            name='status',
+            field=models.CharField(
+                max_length=20,
+                choices=[
+                    ('active', 'Active'),
+                    ('past_due', 'Past Due'),
+                    ('canceled', 'Canceled'),
+                   ('trialing', 'Trialing'),
+                    ('pending_payment', 'Pending Payment'),
+                ]
+            ),
+        ),
+        # Add index on payment_method
+        migrations.AddIndex(
+            model_name='account',
+            index=models.Index(fields=['payment_method'], name='auth_acc_payment_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='subscription',
+            index=models.Index(fields=['payment_method'], name='auth_sub_payment_idx'),
+        ),
+    ]

backend/igny8_core/auth/migrations/0008_add_plan_is_internal.py

@@ -0,0 +1,26 @@
+# Generated by Django 5.2.8 on 2025-12-08 13:01
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0007_add_payment_method_fields'),
+    ]
+
+    operations = [
+        migrations.RemoveIndex(
+            model_name='account',
+            name='auth_acc_payment_idx',
+        ),
+        migrations.RemoveIndex(
+            model_name='subscription',
+            name='auth_sub_payment_idx',
+        ),
+        migrations.AddField(
+            model_name='plan',
+            name='is_internal',
+            field=models.BooleanField(default=False, help_text='Internal-only plan (Free/Internal) - hidden from public plan listings'),
+        ),
+    ]

backend/igny8_core/auth/migrations/0009_add_plan_annual_discount_and_featured.py

@@ -0,0 +1,36 @@
+# Generated manually
+
+from django.db import migrations, models
+import django.core.validators
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0008_add_plan_is_internal'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='plan',
+            name='annual_discount_percent',
+            field=models.DecimalField(
+                decimal_places=2,
+                default=15.0,
+                help_text='Annual subscription discount percentage (default 15%)',
+                max_digits=5,
+                validators=[
+                    django.core.validators.MinValueValidator(0),
+                    django.core.validators.MaxValueValidator(100)
+                ]
+            ),
+        ),
+        migrations.AddField(
+            model_name='plan',
+            name='is_featured',
+            field=models.BooleanField(
+                default=False,
+                help_text='Highlight this plan as popular/recommended'
+            ),
+        ),
+    ]

backend/igny8_core/auth/migrations/0010_add_subscription_plan_and_require_site_industry.py

@@ -0,0 +1,25 @@
+# Generated by Django 5.2.8 on 2025-12-08 22:42
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0009_add_plan_annual_discount_and_featured'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='subscription',
+            name='plan',
+            field=models.ForeignKey(blank=True, help_text='Subscription plan (tracks historical plan even if account changes plan)', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='subscriptions', to='igny8_core_auth.plan'),
+        ),
+        migrations.AlterField(
+            model_name='site',
+            name='industry',
+            field=models.ForeignKey(default=21, help_text='Industry this site belongs to (required for sector creation)', on_delete=django.db.models.deletion.PROTECT, related_name='sites', to='igny8_core_auth.industry'),
+            preserve_default=False,
+        ),
+    ]

backend/igny8_core/auth/migrations/0011_remove_subscription_payment_method.py

@@ -0,0 +1,17 @@
+# Generated by Django 5.2.8 on 2025-12-08 22:52
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0010_add_subscription_plan_and_require_site_industry'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='subscription',
+            name='payment_method',
+        ),
+    ]

backend/igny8_core/auth/migrations/0012_fix_subscription_constraints.py

@@ -0,0 +1,47 @@
+# Generated migration to fix subscription constraints
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0011_remove_subscription_payment_method'),
+    ]
+
+    operations = [
+        # Add unique constraint on tenant_id at database level
+        migrations.RunSQL(
+            sql="""
+            CREATE UNIQUE INDEX IF NOT EXISTS igny8_subscriptions_tenant_id_unique 
+            ON igny8_subscriptions(tenant_id);
+            """,
+            reverse_sql="""
+            DROP INDEX IF EXISTS igny8_subscriptions_tenant_id_unique;
+            """
+        ),
+        
+        # Make plan field required (non-nullable)
+        # First set default plan (ID 1 - Free Plan) for any null values
+        migrations.RunSQL(
+            sql="""
+            UPDATE igny8_subscriptions 
+            SET plan_id = 1 
+            WHERE plan_id IS NULL;
+            """,
+            reverse_sql=migrations.RunSQL.noop
+        ),
+        
+        # Now alter the field to be non-nullable
+        migrations.AlterField(
+            model_name='subscription',
+            name='plan',
+            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.PROTECT,
+                related_name='subscriptions',
+                to='igny8_core_auth.plan',
+                help_text='Subscription plan (tracks historical plan even if account changes plan)'
+            ),
+        ),
+    ]

backend/igny8_core/auth/migrations/0013_plan_max_clusters_plan_max_content_ideas_and_more.py

@@ -0,0 +1,49 @@
+# Generated by Django 5.2.8 on 2025-12-12 11:26
+
+import django.core.validators
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0012_fix_subscription_constraints'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='plan',
+            name='max_clusters',
+            field=models.IntegerField(default=100, help_text='Maximum AI keyword clusters allowed (hard limit)', validators=[django.core.validators.MinValueValidator(1)]),
+        ),
+        migrations.AddField(
+            model_name='plan',
+            name='max_content_ideas',
+            field=models.IntegerField(default=300, help_text='Maximum AI content ideas per month', validators=[django.core.validators.MinValueValidator(1)]),
+        ),
+        migrations.AddField(
+            model_name='plan',
+            name='max_content_words',
+            field=models.IntegerField(default=100000, help_text='Maximum content words per month (e.g., 100000 = 100K words)', validators=[django.core.validators.MinValueValidator(1)]),
+        ),
+        migrations.AddField(
+            model_name='plan',
+            name='max_image_prompts',
+            field=models.IntegerField(default=300, help_text='Maximum image prompts per month', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+        migrations.AddField(
+            model_name='plan',
+            name='max_images_basic',
+            field=models.IntegerField(default=300, help_text='Maximum basic AI images per month', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+        migrations.AddField(
+            model_name='plan',
+            name='max_images_premium',
+            field=models.IntegerField(default=60, help_text='Maximum premium AI images per month (DALL-E)', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+        migrations.AddField(
+            model_name='plan',
+            name='max_keywords',
+            field=models.IntegerField(default=1000, help_text='Maximum total keywords allowed (hard limit)', validators=[django.core.validators.MinValueValidator(1)]),
+        ),
+    ]

backend/igny8_core/auth/migrations/0014_add_usage_tracking_to_account.py

@@ -0,0 +1,49 @@
+# Generated by Django 5.2.8 on 2025-12-12 12:24
+
+import django.core.validators
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0013_plan_max_clusters_plan_max_content_ideas_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='account',
+            name='usage_content_ideas',
+            field=models.IntegerField(default=0, help_text='Content ideas generated this month', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='usage_content_words',
+            field=models.IntegerField(default=0, help_text='Content words generated this month', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='usage_image_prompts',
+            field=models.IntegerField(default=0, help_text='Image prompts this month', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='usage_images_basic',
+            field=models.IntegerField(default=0, help_text='Basic AI images this month', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='usage_images_premium',
+            field=models.IntegerField(default=0, help_text='Premium AI images this month', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='usage_period_end',
+            field=models.DateTimeField(blank=True, help_text='Current billing period end', null=True),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='usage_period_start',
+            field=models.DateTimeField(blank=True, help_text='Current billing period start', null=True),
+        ),
+    ]

backend/igny8_core/auth/migrations/0015_add_plan_original_price.py

@@ -0,0 +1,24 @@
+# Generated manually
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0014_add_usage_tracking_to_account'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='plan',
+            name='original_price',
+            field=models.DecimalField(
+                blank=True,
+                decimal_places=2,
+                help_text='Original price (before discount) - shows as crossed out price. Leave empty if no discount.',
+                max_digits=10,
+                null=True
+            ),
+        ),
+    ]

backend/igny8_core/auth/migrations/0016_alter_plan_annual_discount_percent.py

@@ -0,0 +1,19 @@
+# Generated by Django 5.2.9 on 2025-12-13 20:31
+
+import django.core.validators
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0015_add_plan_original_price'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='plan',
+            name='annual_discount_percent',
+            field=models.IntegerField(default=15, help_text='Annual subscription discount percentage (default 15%)', validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(100)]),
+        ),
+    ]

backend/igny8_core/auth/migrations/0017_add_history_tracking.py

@@ -0,0 +1,66 @@
+# Generated by Django 5.2.9 on 2025-12-15 01:28
+
+import django.core.validators
+import django.db.models.deletion
+import simple_history.models
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0016_alter_plan_annual_discount_percent'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='HistoricalAccount',
+            fields=[
+                ('id', models.BigIntegerField(auto_created=True, blank=True, db_index=True, verbose_name='ID')),
+                ('is_deleted', models.BooleanField(db_index=True, default=False)),
+                ('deleted_at', models.DateTimeField(blank=True, db_index=True, null=True)),
+                ('restore_until', models.DateTimeField(blank=True, db_index=True, null=True)),
+                ('delete_reason', models.CharField(blank=True, max_length=255, null=True)),
+                ('name', models.CharField(max_length=255)),
+                ('slug', models.SlugField(max_length=255)),
+                ('stripe_customer_id', models.CharField(blank=True, max_length=255, null=True)),
+                ('credits', models.IntegerField(default=0, validators=[django.core.validators.MinValueValidator(0)])),
+                ('status', models.CharField(choices=[('active', 'Active'), ('suspended', 'Suspended'), ('trial', 'Trial'), ('cancelled', 'Cancelled'), ('pending_payment', 'Pending Payment')], default='trial', max_length=20)),
+                ('payment_method', models.CharField(choices=[('stripe', 'Stripe'), ('paypal', 'PayPal'), ('bank_transfer', 'Bank Transfer')], default='stripe', help_text='Payment method used for this account', max_length=30)),
+                ('deletion_retention_days', models.PositiveIntegerField(default=14, help_text='Retention window (days) before soft-deleted items are purged', validators=[django.core.validators.MinValueValidator(1), django.core.validators.MaxValueValidator(365)])),
+                ('billing_email', models.EmailField(blank=True, help_text='Email for billing notifications', max_length=254, null=True)),
+                ('billing_address_line1', models.CharField(blank=True, help_text='Street address', max_length=255)),
+                ('billing_address_line2', models.CharField(blank=True, help_text='Apt, suite, etc.', max_length=255)),
+                ('billing_city', models.CharField(blank=True, max_length=100)),
+                ('billing_state', models.CharField(blank=True, help_text='State/Province/Region', max_length=100)),
+                ('billing_postal_code', models.CharField(blank=True, max_length=20)),
+                ('billing_country', models.CharField(blank=True, help_text='ISO 2-letter country code', max_length=2)),
+                ('tax_id', models.CharField(blank=True, help_text='VAT/Tax ID number', max_length=100)),
+                ('usage_content_ideas', models.IntegerField(default=0, help_text='Content ideas generated this month', validators=[django.core.validators.MinValueValidator(0)])),
+                ('usage_content_words', models.IntegerField(default=0, help_text='Content words generated this month', validators=[django.core.validators.MinValueValidator(0)])),
+                ('usage_images_basic', models.IntegerField(default=0, help_text='Basic AI images this month', validators=[django.core.validators.MinValueValidator(0)])),
+                ('usage_images_premium', models.IntegerField(default=0, help_text='Premium AI images this month', validators=[django.core.validators.MinValueValidator(0)])),
+                ('usage_image_prompts', models.IntegerField(default=0, help_text='Image prompts this month', validators=[django.core.validators.MinValueValidator(0)])),
+                ('usage_period_start', models.DateTimeField(blank=True, help_text='Current billing period start', null=True)),
+                ('usage_period_end', models.DateTimeField(blank=True, help_text='Current billing period end', null=True)),
+                ('created_at', models.DateTimeField(blank=True, editable=False)),
+                ('updated_at', models.DateTimeField(blank=True, editable=False)),
+                ('history_id', models.AutoField(primary_key=True, serialize=False)),
+                ('history_date', models.DateTimeField(db_index=True)),
+                ('history_change_reason', models.CharField(max_length=100, null=True)),
+                ('history_type', models.CharField(choices=[('+', 'Created'), ('~', 'Changed'), ('-', 'Deleted')], max_length=1)),
+                ('deleted_by', models.ForeignKey(blank=True, db_constraint=False, null=True, on_delete=django.db.models.deletion.DO_NOTHING, related_name='+', to=settings.AUTH_USER_MODEL)),
+                ('history_user', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='+', to=settings.AUTH_USER_MODEL)),
+                ('owner', models.ForeignKey(blank=True, db_constraint=False, null=True, on_delete=django.db.models.deletion.DO_NOTHING, related_name='+', to=settings.AUTH_USER_MODEL)),
+                ('plan', models.ForeignKey(blank=True, db_constraint=False, null=True, on_delete=django.db.models.deletion.DO_NOTHING, related_name='+', to='igny8_core_auth.plan')),
+            ],
+            options={
+                'verbose_name': 'historical Account',
+                'verbose_name_plural': 'historical Accounts',
+                'ordering': ('-history_date', '-history_id'),
+                'get_latest_by': ('history_date', 'history_id'),
+            },
+            bases=(simple_history.models.HistoricalChanges, models.Model),
+        ),
+    ]

backend/igny8_core/auth/migrations/0018_add_country_remove_intent_seedkeyword.py

@@ -0,0 +1,30 @@
+# Generated by Django 5.2.9 on 2025-12-17 06:04
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0017_add_history_tracking'),
+    ]
+
+    operations = [
+        migrations.RemoveIndex(
+            model_name='seedkeyword',
+            name='igny8_seed__intent_15020d_idx',
+        ),
+        migrations.RemoveField(
+            model_name='seedkeyword',
+            name='intent',
+        ),
+        migrations.AddField(
+            model_name='seedkeyword',
+            name='country',
+            field=models.CharField(choices=[('US', 'United States'), ('CA', 'Canada'), ('GB', 'United Kingdom'), ('AE', 'United Arab Emirates'), ('AU', 'Australia'), ('IN', 'India'), ('PK', 'Pakistan')], default='US', help_text='Target country for this keyword', max_length=2),
+        ),
+        migrations.AddIndex(
+            model_name='seedkeyword',
+            index=models.Index(fields=['country'], name='igny8_seed__country_4127a5_idx'),
+        ),
+    ]

backend/igny8_core/auth/migrations/0019_simplify_credits_limits.py

@@ -0,0 +1,100 @@
+# Generated by IGNY8 Phase 1: Simplify Credits & Limits
+# Migration: Remove unused limit fields, add Ahrefs query tracking
+# Date: January 5, 2026
+
+from django.db import migrations, models
+import django.core.validators
+
+
+class Migration(migrations.Migration):
+    """
+    Simplify the credits and limits system:
+    
+    PLAN MODEL:
+    - REMOVE: max_clusters, max_content_ideas, max_content_words, 
+              max_images_basic, max_images_premium, max_image_prompts
+    - ADD: max_ahrefs_queries (monthly keyword research queries)
+    
+    ACCOUNT MODEL:
+    - REMOVE: usage_content_ideas, usage_content_words, usage_images_basic,
+              usage_images_premium, usage_image_prompts
+    - ADD: usage_ahrefs_queries
+    
+    RATIONALE:
+    All consumption is now controlled by credits only. The only non-credit
+    limits are: sites, users, keywords (hard limits) and ahrefs_queries (monthly).
+    """
+
+    dependencies = [
+        ('igny8_core_auth', '0018_add_country_remove_intent_seedkeyword'),
+    ]
+
+    operations = [
+        # STEP 1: Add new Ahrefs fields FIRST (before removing old ones)
+        migrations.AddField(
+            model_name='plan',
+            name='max_ahrefs_queries',
+            field=models.IntegerField(
+                default=0,
+                validators=[django.core.validators.MinValueValidator(0)],
+                help_text='Monthly Ahrefs keyword research queries (0 = disabled)'
+            ),
+        ),
+        migrations.AddField(
+            model_name='account',
+            name='usage_ahrefs_queries',
+            field=models.IntegerField(
+                default=0,
+                validators=[django.core.validators.MinValueValidator(0)],
+                help_text='Ahrefs queries used this month'
+            ),
+        ),
+        
+        # STEP 2: Remove unused Plan fields
+        migrations.RemoveField(
+            model_name='plan',
+            name='max_clusters',
+        ),
+        migrations.RemoveField(
+            model_name='plan',
+            name='max_content_ideas',
+        ),
+        migrations.RemoveField(
+            model_name='plan',
+            name='max_content_words',
+        ),
+        migrations.RemoveField(
+            model_name='plan',
+            name='max_images_basic',
+        ),
+        migrations.RemoveField(
+            model_name='plan',
+            name='max_images_premium',
+        ),
+        migrations.RemoveField(
+            model_name='plan',
+            name='max_image_prompts',
+        ),
+        
+        # STEP 3: Remove unused Account fields
+        migrations.RemoveField(
+            model_name='account',
+            name='usage_content_ideas',
+        ),
+        migrations.RemoveField(
+            model_name='account',
+            name='usage_content_words',
+        ),
+        migrations.RemoveField(
+            model_name='account',
+            name='usage_images_basic',
+        ),
+        migrations.RemoveField(
+            model_name='account',
+            name='usage_images_premium',
+        ),
+        migrations.RemoveField(
+            model_name='account',
+            name='usage_image_prompts',
+        ),
+    ]

backend/igny8_core/auth/migrations/0020_fix_historical_account.py

@@ -0,0 +1,39 @@
+# Generated by Django 5.2.9 on 2026-01-06 00:11
+
+import django.core.validators
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('igny8_core_auth', '0019_simplify_credits_limits'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='historicalaccount',
+            name='usage_content_ideas',
+        ),
+        migrations.RemoveField(
+            model_name='historicalaccount',
+            name='usage_content_words',
+        ),
+        migrations.RemoveField(
+            model_name='historicalaccount',
+            name='usage_image_prompts',
+        ),
+        migrations.RemoveField(
+            model_name='historicalaccount',
+            name='usage_images_basic',
+        ),
+        migrations.RemoveField(
+            model_name='historicalaccount',
+            name='usage_images_premium',
+        ),
+        migrations.AddField(
+            model_name='historicalaccount',
+            name='usage_ahrefs_queries',
+            field=models.IntegerField(default=0, help_text='Ahrefs queries used this month', validators=[django.core.validators.MinValueValidator(0)]),
+        ),
+    ]

backend/igny8_core/auth/models.py

@@ -5,6 +5,8 @@ from django.db import models
 from django.contrib.auth.models import AbstractUser
 from django.utils.translation import gettext_lazy as _
 from django.core.validators import MinValueValidator, MaxValueValidator
+from igny8_core.common.soft_delete import SoftDeletableModel, SoftDeleteManager
+from simple_history.models import HistoricalRecords
 
 
 class AccountBaseModel(models.Model):
@@ -52,7 +54,7 @@ class SiteSectorBaseModel(AccountBaseModel):
         super().save(*args, **kwargs)
 
 
-class Account(models.Model):
+class Account(SoftDeletableModel):
     """
     Account/Organization model for multi-account support.
     """
@@ -61,17 +63,60 @@ class Account(models.Model):
         ('suspended', 'Suspended'),
         ('trial', 'Trial'),
         ('cancelled', 'Cancelled'),
+        ('pending_payment', 'Pending Payment'),
+    ]
+    
+    PAYMENT_METHOD_CHOICES = [
+        ('stripe', 'Stripe'),
+        ('paypal', 'PayPal'),
+        ('bank_transfer', 'Bank Transfer'),
     ]
 
     name = models.CharField(max_length=255)
     slug = models.SlugField(unique=True, max_length=255)
-    owner = models.ForeignKey('igny8_core_auth.User', on_delete=models.PROTECT, related_name='owned_accounts')
+    owner = models.ForeignKey(
+        'igny8_core_auth.User',
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='owned_accounts',
+    )
     stripe_customer_id = models.CharField(max_length=255, blank=True, null=True)
     plan = models.ForeignKey('igny8_core_auth.Plan', on_delete=models.PROTECT, related_name='accounts')
     credits = models.IntegerField(default=0, validators=[MinValueValidator(0)])
     status = models.CharField(max_length=20, choices=STATUS_CHOICES, default='trial')
+    payment_method = models.CharField(
+        max_length=30,
+        choices=PAYMENT_METHOD_CHOICES,
+        default='stripe',
+        help_text='Payment method used for this account'
+    )
+    deletion_retention_days = models.PositiveIntegerField(
+        default=14,
+        validators=[MinValueValidator(1), MaxValueValidator(365)],
+        help_text="Retention window (days) before soft-deleted items are purged",
+    )
+    
+    # Billing information
+    billing_email = models.EmailField(blank=True, null=True, help_text="Email for billing notifications")
+    billing_address_line1 = models.CharField(max_length=255, blank=True, help_text="Street address")
+    billing_address_line2 = models.CharField(max_length=255, blank=True, help_text="Apt, suite, etc.")
+    billing_city = models.CharField(max_length=100, blank=True)
+    billing_state = models.CharField(max_length=100, blank=True, help_text="State/Province/Region")
+    billing_postal_code = models.CharField(max_length=20, blank=True)
+    billing_country = models.CharField(max_length=2, blank=True, help_text="ISO 2-letter country code")
+    tax_id = models.CharField(max_length=100, blank=True, help_text="VAT/Tax ID number")
+    
+    # Monthly usage tracking (reset on billing cycle)
+    usage_ahrefs_queries = models.IntegerField(default=0, validators=[MinValueValidator(0)], help_text="Ahrefs queries used this month")
+    usage_period_start = models.DateTimeField(null=True, blank=True, help_text="Current billing period start")
+    usage_period_end = models.DateTimeField(null=True, blank=True, help_text="Current billing period end")
+    
     created_at = models.DateTimeField(auto_now_add=True)
     updated_at = models.DateTimeField(auto_now=True)
+    
+    # History tracking
+    history = HistoricalRecords()
 
     class Meta:
         db_table = 'igny8_tenants'
@@ -82,14 +127,181 @@ class Account(models.Model):
             models.Index(fields=['status']),
         ]
 
+    objects = SoftDeleteManager()
+    all_objects = models.Manager()
+
     def __str__(self):
         return self.name
     
+    @property
+    def default_payment_method(self):
+        """Get default payment method from AccountPaymentMethod table"""
+        try:
+            from igny8_core.business.billing.models import AccountPaymentMethod
+            method = AccountPaymentMethod.objects.filter(
+                account=self,
+                is_default=True,
+                is_enabled=True
+            ).first()
+            return method.type if method else self.payment_method
+        except Exception:
+            # Fallback to field if table doesn't exist or error
+            return self.payment_method
+    
     def is_system_account(self):
         """Check if this account is a system account with highest access level."""
         # System accounts bypass all filtering restrictions
         return self.slug in ['aws-admin', 'default-account', 'default']
 
+    def soft_delete(self, user=None, reason=None, retention_days=None, cascade=True):
+        """
+        Soft delete the account and optionally cascade to all related objects.
+        Args:
+            user: User performing the deletion
+            reason: Reason for deletion
+            retention_days: Days before permanent deletion
+            cascade: If True, also soft-delete related objects that support soft delete,
+                     and hard-delete objects that don't support soft delete
+        """
+        if self.is_system_account():
+            from django.core.exceptions import PermissionDenied
+            raise PermissionDenied("System account cannot be deleted.")
+        
+        if cascade:
+            self._cascade_delete_related(user=user, reason=reason, retention_days=retention_days, hard_delete=False)
+        
+        return super().soft_delete(user=user, reason=reason, retention_days=retention_days)
+
+    def _cascade_delete_related(self, user=None, reason=None, retention_days=None, hard_delete=False):
+        """
+        Delete all related objects when account is deleted.
+        For soft delete: soft-deletes objects with SoftDeletableModel, hard-deletes others
+        For hard delete: hard-deletes everything
+        """
+        from igny8_core.common.soft_delete import SoftDeletableModel
+        
+        # List of related objects to delete (in order to avoid FK constraint issues)
+        # Related names from Account reverse relations
+        related_names = [
+            # Content & Planning related (delete first due to dependencies)
+            'contentclustermap_set',
+            'contentattribute_set',
+            'contenttaxonomy_set',
+            'content_set',
+            'images_set',
+            'contentideas_set',
+            'tasks_set',
+            'keywords_set',
+            'clusters_set',
+            'strategy_set',
+            # Automation
+            'automation_runs',
+            'automation_configs',
+            # Publishing & Integration
+            'syncevent_set',
+            'publishingsettings_set',
+            'publishingrecord_set',
+            'deploymentrecord_set',
+            'siteintegration_set',
+            # Notifications & Optimization
+            'notification_set',
+            'optimizationtask_set',
+            # AI & Settings
+            'aitasklog_set',
+            'aiprompt_set',
+            'aisettings_set',
+            'authorprofile_set',
+            # Billing (preserve invoices/payments for audit, delete others)
+            'planlimitusage_set',
+            'creditusagelog_set',
+            'credittransaction_set',
+            'accountpaymentmethod_set',
+            'payment_set',
+            'invoice_set',
+            # Settings
+            'modulesettings_set',
+            'moduleenablesettings_set',
+            'integrationsettings_set',
+            'user_settings',
+            'accountsettings_set',
+            # Core (last due to dependencies)
+            'sector_set',
+            'site_set',
+            # Users (delete after sites to avoid FK issues, owner is SET_NULL)
+            'users',
+            # Subscription (OneToOne)
+            'subscription',
+        ]
+        
+        for related_name in related_names:
+            try:
+                related = getattr(self, related_name, None)
+                if related is None:
+                    continue
+                
+                # Handle OneToOne fields (subscription)
+                if hasattr(related, 'pk'):
+                    # It's a single object (OneToOneField)
+                    if hard_delete:
+                        related.hard_delete() if hasattr(related, 'hard_delete') else related.delete()
+                    elif isinstance(related, SoftDeletableModel):
+                        related.soft_delete(user=user, reason=reason, retention_days=retention_days)
+                    else:
+                        # Non-soft-deletable single object - hard delete
+                        related.delete()
+                else:
+                    # It's a RelatedManager (ForeignKey)
+                    queryset = related.all()
+                    if queryset.exists():
+                        if hard_delete:
+                            # Hard delete all
+                            if hasattr(queryset, 'hard_delete'):
+                                queryset.hard_delete()
+                            else:
+                                for obj in queryset:
+                                    if hasattr(obj, 'hard_delete'):
+                                        obj.hard_delete()
+                                    else:
+                                        obj.delete()
+                        else:
+                            # Soft delete if supported, otherwise hard delete
+                            model = queryset.model
+                            if issubclass(model, SoftDeletableModel):
+                                for obj in queryset:
+                                    obj.soft_delete(user=user, reason=reason, retention_days=retention_days)
+                            else:
+                                queryset.delete()
+            except Exception as e:
+                # Log but don't fail - some relations may not exist
+                import logging
+                logger = logging.getLogger(__name__)
+                logger.warning(f"Failed to delete related {related_name} for account {self.pk}: {e}")
+
+    def hard_delete_with_cascade(self, using=None, keep_parents=False):
+        """
+        Permanently delete the account and ALL related objects.
+        This bypasses soft-delete and removes everything from the database.
+        USE WITH CAUTION - this cannot be undone!
+        """
+        if self.is_system_account():
+            from django.core.exceptions import PermissionDenied
+            raise PermissionDenied("System account cannot be deleted.")
+        
+        # Clear owner reference first to avoid FK constraint issues
+        # (owner is SET_NULL but we're deleting the user who is the owner)
+        if self.owner:
+            self.owner = None
+            self.save(update_fields=['owner'])
+        
+        # Cascade hard-delete all related objects first
+        self._cascade_delete_related(hard_delete=True)
+        
+        # Finally hard-delete the account itself
+        return super().hard_delete(using=using, keep_parents=keep_parents)
+
+    def delete(self, using=None, keep_parents=False):
+        return self.soft_delete()
+
 
 class Plan(models.Model):
     """
@@ -105,9 +317,23 @@ class Plan(models.Model):
     name = models.CharField(max_length=255)
     slug = models.SlugField(unique=True, max_length=255)
     price = models.DecimalField(max_digits=10, decimal_places=2)
+    original_price = models.DecimalField(
+        max_digits=10, 
+        decimal_places=2, 
+        null=True, 
+        blank=True,
+        help_text="Original price (before discount) - shows as crossed out price. Leave empty if no discount."
+    )
     billing_cycle = models.CharField(max_length=20, choices=BILLING_CYCLE_CHOICES, default='monthly')
+    annual_discount_percent = models.IntegerField(
+        default=15,
+        validators=[MinValueValidator(0), MaxValueValidator(100)],
+        help_text="Annual subscription discount percentage (default 15%)"
+    )
+    is_featured = models.BooleanField(default=False, help_text="Highlight this plan as popular/recommended")
     features = models.JSONField(default=list, blank=True, help_text="Plan features as JSON array (e.g., ['ai_writer', 'image_gen', 'auto_publish'])")
     is_active = models.BooleanField(default=True)
+    is_internal = models.BooleanField(default=False, help_text="Internal-only plan (Free/Internal) - hidden from public plan listings")
     created_at = models.DateTimeField(auto_now_add=True)
     
     # Account Management Limits (kept - not operation limits)
@@ -120,6 +346,20 @@ class Plan(models.Model):
     max_industries = models.IntegerField(default=None, null=True, blank=True, validators=[MinValueValidator(1)], help_text="Optional limit for industries/sectors")
     max_author_profiles = models.IntegerField(default=5, validators=[MinValueValidator(0)], help_text="Limit for saved writing styles")
     
+    # Hard Limits (Persistent - user manages within limit)
+    max_keywords = models.IntegerField(
+        default=1000,
+        validators=[MinValueValidator(1)],
+        help_text="Maximum total keywords allowed (hard limit)"
+    )
+    
+    # Monthly Limits (Reset on billing cycle)
+    max_ahrefs_queries = models.IntegerField(
+        default=0,
+        validators=[MinValueValidator(0)],
+        help_text="Monthly Ahrefs keyword research queries (0 = disabled)"
+    )
+    
     # Billing & Credits (Phase 0: Credit-only system)
     included_credits = models.IntegerField(default=0, validators=[MinValueValidator(0)], help_text="Monthly credits included")
     extra_credit_price = models.DecimalField(max_digits=10, decimal_places=2, default=0.01, help_text="Price per additional credit")
@@ -156,23 +396,56 @@ class Plan(models.Model):
 
 class Subscription(models.Model):
     """
-    Account subscription model linking to Stripe.
+    Account subscription model supporting multiple payment methods.
     """
     STATUS_CHOICES = [
         ('active', 'Active'),
         ('past_due', 'Past Due'),
         ('canceled', 'Canceled'),
         ('trialing', 'Trialing'),
+        ('pending_payment', 'Pending Payment'),
+    ]
+    
+    PAYMENT_METHOD_CHOICES = [
+        ('stripe', 'Stripe'),
+        ('paypal', 'PayPal'),
+        ('bank_transfer', 'Bank Transfer'),
     ]
 
     account = models.OneToOneField('igny8_core_auth.Account', on_delete=models.CASCADE, related_name='subscription', db_column='tenant_id')
-    stripe_subscription_id = models.CharField(max_length=255, unique=True)
+    plan = models.ForeignKey(
+        'igny8_core_auth.Plan',
+        on_delete=models.PROTECT,
+        related_name='subscriptions',
+        help_text='Subscription plan (tracks historical plan even if account changes plan)'
+    )
+    stripe_subscription_id = models.CharField(
+        max_length=255,
+        blank=True,
+        null=True,
+        db_index=True,
+        help_text='Stripe subscription ID (when using Stripe)'
+    )
+    external_payment_id = models.CharField(
+        max_length=255,
+        blank=True,
+        null=True,
+        help_text='External payment reference (bank transfer ref, PayPal transaction ID)'
+    )
     status = models.CharField(max_length=20, choices=STATUS_CHOICES)
     current_period_start = models.DateTimeField()
     current_period_end = models.DateTimeField()
     cancel_at_period_end = models.BooleanField(default=False)
     created_at = models.DateTimeField(auto_now_add=True)
     updated_at = models.DateTimeField(auto_now=True)
+    
+    @property
+    def payment_method(self):
+        """Get payment method from account's default payment method"""
+        if hasattr(self.account, 'default_payment_method'):
+            return self.account.default_payment_method
+        # Fallback to account.payment_method field if property doesn't exist yet
+        return getattr(self.account, 'payment_method', 'stripe')
 
     class Meta:
         db_table = 'igny8_subscriptions'
@@ -185,7 +458,7 @@ class Subscription(models.Model):
     
 
 
-class Site(AccountBaseModel):
+class Site(SoftDeletableModel, AccountBaseModel):
     """
     Site model - Each account can have multiple sites based on their plan.
     Each site belongs to ONE industry and can have 1-5 sectors from that industry.
@@ -204,9 +477,7 @@ class Site(AccountBaseModel):
         'igny8_core_auth.Industry',
         on_delete=models.PROTECT,
         related_name='sites',
-        null=True,
-        blank=True,
-        help_text="Industry this site belongs to"
+        help_text="Industry this site belongs to (required for sector creation)"
     )
     is_active = models.BooleanField(default=True, db_index=True)
     status = models.CharField(max_length=20, choices=STATUS_CHOICES, default='active')
@@ -257,6 +528,9 @@ class Site(AccountBaseModel):
         blank=True,
         help_text="SEO metadata: meta tags, Open Graph, Schema.org"
     )
+
+    objects = SoftDeleteManager()
+    all_objects = models.Manager()
     
     class Meta:
         db_table = 'igny8_sites'
@@ -354,11 +628,14 @@ class SeedKeyword(models.Model):
     These are canonical keywords that can be imported into account-specific Keywords.
     Non-deletable global reference data.
     """
-    INTENT_CHOICES = [
-        ('informational', 'Informational'),
-        ('navigational', 'Navigational'),
-        ('commercial', 'Commercial'),
-        ('transactional', 'Transactional'),
+    COUNTRY_CHOICES = [
+        ('US', 'United States'),
+        ('CA', 'Canada'),
+        ('GB', 'United Kingdom'),
+        ('AE', 'United Arab Emirates'),
+        ('AU', 'Australia'),
+        ('IN', 'India'),
+        ('PK', 'Pakistan'),
     ]
     
     keyword = models.CharField(max_length=255, db_index=True)
@@ -370,7 +647,7 @@ class SeedKeyword(models.Model):
         validators=[MinValueValidator(0), MaxValueValidator(100)],
         help_text='Keyword difficulty (0-100)'
     )
-    intent = models.CharField(max_length=50, choices=INTENT_CHOICES, default='informational')
+    country = models.CharField(max_length=2, choices=COUNTRY_CHOICES, default='US', help_text='Target country for this keyword')
     is_active = models.BooleanField(default=True, db_index=True)
     created_at = models.DateTimeField(auto_now_add=True)
     updated_at = models.DateTimeField(auto_now=True)
@@ -379,12 +656,12 @@ class SeedKeyword(models.Model):
         db_table = 'igny8_seed_keywords'
         unique_together = [['keyword', 'industry', 'sector']]
         verbose_name = 'Seed Keyword'
-        verbose_name_plural = 'Seed Keywords'
+        verbose_name_plural = 'Global Keywords Database'
         indexes = [
             models.Index(fields=['keyword']),
             models.Index(fields=['industry', 'sector']),
             models.Index(fields=['industry', 'sector', 'is_active']),
-            models.Index(fields=['intent']),
+            models.Index(fields=['country']),
         ]
         ordering = ['keyword']
     
@@ -392,7 +669,7 @@ class SeedKeyword(models.Model):
         return f"{self.keyword} ({self.industry.name} - {self.sector.name})"
 
 
-class Sector(AccountBaseModel):
+class Sector(SoftDeletableModel, AccountBaseModel):
     """
     Sector model - Each site can have 1-5 sectors.
     Sectors are site-specific instances that reference an IndustrySector template.
@@ -419,6 +696,9 @@ class Sector(AccountBaseModel):
     status = models.CharField(max_length=20, choices=STATUS_CHOICES, default='active')
     created_at = models.DateTimeField(auto_now_add=True)
     updated_at = models.DateTimeField(auto_now=True)
+
+    objects = SoftDeleteManager()
+    all_objects = models.Manager()
     
     class Meta:
         db_table = 'igny8_sectors'
@@ -563,8 +843,7 @@ class User(AbstractUser):
         return self.role == 'developer' or self.is_superuser
     
     def is_admin_or_developer(self):
-        """Check if user is admin or developer with override privileges."""
-        # ADMIN/DEV OVERRIDE: Both admin and developer roles bypass account/site/sector restrictions
+        """Check if user is admin or developer."""
         return self.role in ['admin', 'developer'] or self.is_superuser
     
     def is_system_account_user(self):
@@ -577,29 +856,17 @@ class User(AbstractUser):
     
     def get_accessible_sites(self):
         """Get all sites the user can access."""
-        # System account users can access all sites across all accounts
-        if self.is_system_account_user():
-            return Site.objects.filter(is_active=True).distinct()
-        
-        # Developers/super admins can access all sites across all accounts
-        # ADMIN/DEV OVERRIDE: Admins also bypass account restrictions (see is_admin_or_developer)
-        if self.is_developer():
-            return Site.objects.filter(is_active=True).distinct()
-        
         try:
             if not self.account:
                 return Site.objects.none()
             
-            # Owners and admins can access all sites in their account
-            if self.role in ['owner', 'admin']:
-                return Site.objects.filter(account=self.account, is_active=True)
+            base_sites = Site.objects.filter(account=self.account)
+            
+            if self.role in ['owner', 'admin', 'developer'] or self.is_superuser or self.is_system_account_user():
+                return base_sites
             
             # Other users can only access sites explicitly granted via SiteUserAccess
-            return Site.objects.filter(
-                account=self.account,
-                is_active=True,
-                user_access__user=self
-            ).distinct()
+            return base_sites.filter(user_access__user=self).distinct()
         except (AttributeError, Exception):
             # If account access fails (e.g., column mismatch), return empty queryset
             return Site.objects.none()

backend/igny8_core/auth/serializers.py

@@ -10,8 +10,10 @@ class PlanSerializer(serializers.ModelSerializer):
     class Meta:
         model = Plan
         fields = [
-            'id', 'name', 'slug', 'price', 'billing_cycle', 'features', 'is_active',
+            'id', 'name', 'slug', 'price', 'original_price', 'billing_cycle', 'annual_discount_percent', 
+            'is_featured', 'features', 'is_active',
             'max_users', 'max_sites', 'max_industries', 'max_author_profiles',
+            'max_keywords', 'max_ahrefs_queries',
             'included_credits', 'extra_credit_price', 'allow_credit_topup',
             'auto_credit_topup_threshold', 'auto_credit_topup_amount',
             'stripe_product_id', 'stripe_price_id', 'credits_per_month'
@@ -27,8 +29,8 @@ class SubscriptionSerializer(serializers.ModelSerializer):
         model = Subscription
         fields = [
             'id', 'account', 'account_name', 'account_slug',
-            'stripe_subscription_id', 'status',
-            'current_period_start', 'current_period_end',
+            'stripe_subscription_id', 'payment_method', 'external_payment_id',
+            'status', 'current_period_start', 'current_period_end',
             'cancel_at_period_end',
             'created_at', 'updated_at'
         ]
@@ -48,7 +50,11 @@ class AccountSerializer(serializers.ModelSerializer):
     
     class Meta:
         model = Account
-        fields = ['id', 'name', 'slug', 'owner', 'plan', 'plan_id', 'credits', 'status', 'subscription', 'created_at']
+        fields = [
+            'id', 'name', 'slug', 'owner', 'plan', 'plan_id',
+            'credits', 'status', 'payment_method',
+            'subscription', 'billing_country', 'created_at'
+        ]
         read_only_fields = ['owner', 'created_at']
 
 
@@ -58,6 +64,8 @@ class SiteSerializer(serializers.ModelSerializer):
     active_sectors_count = serializers.SerializerMethodField()
     selected_sectors = serializers.SerializerMethodField()
     can_add_sectors = serializers.SerializerMethodField()
+    keywords_count = serializers.SerializerMethodField()
+    has_integration = serializers.SerializerMethodField()
     industry_name = serializers.CharField(source='industry.name', read_only=True)
     industry_slug = serializers.CharField(source='industry.slug', read_only=True)
     # Override domain field to use CharField instead of URLField to avoid premature validation
@@ -68,13 +76,17 @@ class SiteSerializer(serializers.ModelSerializer):
         fields = [
             'id', 'name', 'slug', 'domain', 'description',
             'industry', 'industry_name', 'industry_slug',
-            'is_active', 'status', 'wp_url', 'wp_username', 'wp_api_key',
+            'is_active', 'status',
             'site_type', 'hosting_type', 'seo_metadata',
             'sectors_count', 'active_sectors_count', 'selected_sectors',
-            'can_add_sectors',
+            'can_add_sectors', 'keywords_count', 'has_integration',
             'created_at', 'updated_at'
         ]
         read_only_fields = ['created_at', 'updated_at', 'account']
+        # Explicitly specify required fields for clarity
+        extra_kwargs = {
+            'industry': {'required': True, 'error_messages': {'required': 'Industry is required when creating a site.'}},
+        }
     
     def __init__(self, *args, **kwargs):
         """Allow partial updates for PATCH requests."""
@@ -82,10 +94,12 @@ class SiteSerializer(serializers.ModelSerializer):
         # Make slug optional - it will be auto-generated from name if not provided
         if 'slug' in self.fields:
             self.fields['slug'].required = False
-        # For partial updates (PATCH), make name optional
+        # For partial updates (PATCH), make name and industry optional
         if self.partial:
             if 'name' in self.fields:
                 self.fields['name'].required = False
+            if 'industry' in self.fields:
+                self.fields['industry'].required = False
     
     def validate_domain(self, value):
         """Ensure domain has https:// protocol.
@@ -94,8 +108,9 @@ class SiteSerializer(serializers.ModelSerializer):
         - If domain has no protocol, add https://
         - Validates that the final URL is valid
         """
-        if not value:
-            return value
+        # Allow empty/None values
+        if not value or value.strip() == '':
+            return None
         
         value = value.strip()
         
@@ -146,6 +161,20 @@ class SiteSerializer(serializers.ModelSerializer):
         """Check if site can add more sectors (max 5)."""
         return obj.can_add_sector()
 
+    def get_keywords_count(self, obj):
+        """Get total keywords count for the site across all sectors."""
+        from igny8_core.modules.planner.models import Keywords
+        return Keywords.objects.filter(site=obj).count()
+
+    def get_has_integration(self, obj):
+        """Check if site has an active WordPress integration."""
+        from igny8_core.business.integration.models import SiteIntegration
+        return SiteIntegration.objects.filter(
+            site=obj, 
+            platform='wordpress',
+            is_active=True
+        ).exists() or bool(obj.wp_url)
+
 
 class IndustrySectorSerializer(serializers.ModelSerializer):
     """Serializer for IndustrySector model."""
@@ -230,6 +259,9 @@ class SiteUserAccessSerializer(serializers.ModelSerializer):
         read_only_fields = ['granted_at']
 
 
+from igny8_core.business.billing.models import PAYMENT_METHOD_CHOICES
+
+
 class UserSerializer(serializers.ModelSerializer):
     account = AccountSerializer(read_only=True)
     accessible_sites = serializers.SerializerMethodField()
@@ -260,6 +292,21 @@ class RegisterSerializer(serializers.Serializer):
         allow_null=True,
         default=None
     )
+    plan_slug = serializers.CharField(max_length=50, required=False)
+    payment_method = serializers.ChoiceField(
+        choices=[choice[0] for choice in PAYMENT_METHOD_CHOICES],
+        default='bank_transfer',
+        required=False
+    )
+    # Billing information fields
+    billing_email = serializers.EmailField(required=False, allow_blank=True)
+    billing_address_line1 = serializers.CharField(max_length=255, required=False, allow_blank=True)
+    billing_address_line2 = serializers.CharField(max_length=255, required=False, allow_blank=True)
+    billing_city = serializers.CharField(max_length=100, required=False, allow_blank=True)
+    billing_state = serializers.CharField(max_length=100, required=False, allow_blank=True)
+    billing_postal_code = serializers.CharField(max_length=20, required=False, allow_blank=True)
+    billing_country = serializers.CharField(max_length=2, required=False, allow_blank=True)
+    tax_id = serializers.CharField(max_length=100, required=False, allow_blank=True)
     
     def validate(self, attrs):
         if attrs['password'] != attrs['password_confirm']:
@@ -271,23 +318,59 @@ class RegisterSerializer(serializers.Serializer):
         if 'plan_id' in attrs and attrs.get('plan_id') == '':
             attrs['plan_id'] = None
         
+        # Validate billing fields for paid plans
+        plan_slug = attrs.get('plan_slug')
+        paid_plans = ['starter', 'growth', 'scale']
+        if plan_slug and plan_slug in paid_plans:
+            # Require billing_country for paid plans
+            if not attrs.get('billing_country'):
+                raise serializers.ValidationError({
+                    "billing_country": "Billing country is required for paid plans."
+                })
+            # Require payment_method for paid plans
+            if not attrs.get('payment_method'):
+                raise serializers.ValidationError({
+                    "payment_method": "Payment method is required for paid plans."
+                })
+        
         return attrs
     
     def create(self, validated_data):
         from django.db import transaction
+        from igny8_core.business.billing.models import CreditTransaction
+        from igny8_core.auth.models import Subscription
+        from igny8_core.business.billing.models import AccountPaymentMethod
+        from igny8_core.business.billing.services.invoice_service import InvoiceService
+        from django.utils import timezone
+        from datetime import timedelta
         
         with transaction.atomic():
-            # Get or assign free plan
-            plan = validated_data.get('plan_id')
-            if not plan:
-                # Auto-assign free plan
+            plan_slug = validated_data.get('plan_slug')
+            paid_plans = ['starter', 'growth', 'scale']
+            
+            if plan_slug and plan_slug in paid_plans:
+                try:
+                    plan = Plan.objects.get(slug=plan_slug, is_active=True)
+                except Plan.DoesNotExist:
+                    raise serializers.ValidationError({
+                        "plan": f"Plan '{plan_slug}' not available. Please contact support."
+                    })
+                account_status = 'pending_payment'
+                initial_credits = 0
+                billing_period_start = timezone.now()
+                # simple monthly cycle; if annual needed, extend here
+                billing_period_end = billing_period_start + timedelta(days=30)
+            else:
                 try:
                     plan = Plan.objects.get(slug='free', is_active=True)
                 except Plan.DoesNotExist:
-                    # Fallback: get first active plan ordered by price (cheapest)
-                    plan = Plan.objects.filter(is_active=True).order_by('price').first()
-                    if not plan:
-                        raise serializers.ValidationError({"plan": "No active plans available"})
+                    raise serializers.ValidationError({
+                        "plan": "Free plan not configured. Please contact support."
+                    })
+                account_status = 'trial'
+                initial_credits = plan.get_effective_credits_per_month()
+                billing_period_start = None
+                billing_period_end = None
             
             # Generate account name if not provided
             account_name = validated_data.get('account_name')
@@ -295,7 +378,8 @@ class RegisterSerializer(serializers.Serializer):
                 first_name = validated_data.get('first_name', '')
                 last_name = validated_data.get('last_name', '')
                 if first_name or last_name:
-                    account_name = f"{first_name} {last_name}".strip() or validated_data['email'].split('@')[0]
+                    account_name = f"{first_name} {last_name}".strip() or \
+                                  validated_data['email'].split('@')[0]
                 else:
                     account_name = validated_data['email'].split('@')[0]
             
@@ -321,17 +405,97 @@ class RegisterSerializer(serializers.Serializer):
                 role='owner'
             )
             
-            # Now create account with user as owner
+            # Generate unique slug for account
+            # Clean the base slug: lowercase, replace spaces and underscores with hyphens
+            import re
+            import random
+            import string
+            base_slug = re.sub(r'[^a-z0-9-]', '', account_name.lower().replace(' ', '-').replace('_', '-'))[:40] or 'account'
+            
+            # Add random suffix to prevent collisions (especially during concurrent registrations)
+            random_suffix = ''.join(random.choices(string.ascii_lowercase + string.digits, k=6))
+            slug = f"{base_slug}-{random_suffix}"
+            
+            # Ensure uniqueness with fallback counter
+            counter = 1
+            while Account.objects.filter(slug=slug).exists():
+                slug = f"{base_slug}-{random_suffix}-{counter}"
+                counter += 1
+            
+            # Create account with status and credits seeded (0 for paid pending)
             account = Account.objects.create(
                 name=account_name,
-                slug=account_name.lower().replace(' ', '-').replace('_', '-')[:50],
+                slug=slug,
                 owner=user,
-                plan=plan
+                plan=plan,
+                credits=initial_credits,
+                status=account_status,
+                payment_method=validated_data.get('payment_method') or 'bank_transfer',
+                # Save billing information
+                billing_email=validated_data.get('billing_email', '') or validated_data.get('email', ''),
+                billing_address_line1=validated_data.get('billing_address_line1', ''),
+                billing_address_line2=validated_data.get('billing_address_line2', ''),
+                billing_city=validated_data.get('billing_city', ''),
+                billing_state=validated_data.get('billing_state', ''),
+                billing_postal_code=validated_data.get('billing_postal_code', ''),
+                billing_country=validated_data.get('billing_country', ''),
+                tax_id=validated_data.get('tax_id', ''),
             )
             
+            # Log initial credit transaction only for free/trial accounts with credits
+            if initial_credits > 0:
+                CreditTransaction.objects.create(
+                    account=account,
+                    transaction_type='subscription',
+                    amount=initial_credits,
+                    balance_after=initial_credits,
+                    description=f'Free plan credits from {plan.name}',
+                    metadata={
+                        'plan_slug': plan.slug,
+                        'registration': True,
+                        'trial': True
+                    }
+                )
+            
             # Update user to reference the new account
             user.account = account
             user.save()
+
+            # For paid plans, create subscription, invoice, and default payment method
+            if plan_slug and plan_slug in paid_plans:
+                payment_method = validated_data.get('payment_method', 'bank_transfer')
+                
+                subscription = Subscription.objects.create(
+                    account=account,
+                    plan=plan,
+                    status='pending_payment',
+                    external_payment_id=None,
+                    current_period_start=billing_period_start,
+                    current_period_end=billing_period_end,
+                    cancel_at_period_end=False,
+                )
+                # Create pending invoice for the first period
+                InvoiceService.create_subscription_invoice(
+                    subscription=subscription,
+                    billing_period_start=billing_period_start,
+                    billing_period_end=billing_period_end,
+                )
+                # Create AccountPaymentMethod with selected payment method
+                payment_method_display_names = {
+                    'stripe': 'Credit/Debit Card (Stripe)',
+                    'paypal': 'PayPal',
+                    'bank_transfer': 'Bank Transfer (Manual)',
+                    'local_wallet': 'Mobile Wallet (Manual)',
+                }
+                AccountPaymentMethod.objects.create(
+                    account=account,
+                    type=payment_method,
+                    display_name=payment_method_display_names.get(payment_method, payment_method.title()),
+                    is_default=True,
+                    is_enabled=True,
+                    is_verified=False,
+                    instructions='Please complete payment and confirm with your transaction reference.',
+                )
             
             return user
 
@@ -340,6 +504,7 @@ class LoginSerializer(serializers.Serializer):
     """Serializer for user login."""
     email = serializers.EmailField()
     password = serializers.CharField(write_only=True)
+    remember_me = serializers.BooleanField(required=False, default=False)
 
 
 class ChangePasswordSerializer(serializers.Serializer):
@@ -382,14 +547,14 @@ class SeedKeywordSerializer(serializers.ModelSerializer):
     industry_slug = serializers.CharField(source='industry.slug', read_only=True)
     sector_name = serializers.CharField(source='sector.name', read_only=True)
     sector_slug = serializers.CharField(source='sector.slug', read_only=True)
-    intent_display = serializers.CharField(source='get_intent_display', read_only=True)
+    country_display = serializers.CharField(source='get_country_display', read_only=True)
     
     class Meta:
         model = SeedKeyword
         fields = [
             'id', 'keyword', 'industry', 'industry_name', 'industry_slug',
             'sector', 'sector_name', 'sector_slug',
-            'volume', 'difficulty', 'intent', 'intent_display',
+            'volume', 'difficulty', 'country', 'country_display',
             'is_active', 'created_at', 'updated_at'
         ]
         read_only_fields = ['created_at', 'updated_at']

backend/igny8_core/auth/urls.py

@@ -46,12 +46,101 @@ class RegisterView(APIView):
     permission_classes = [permissions.AllowAny]
     
     def post(self, request):
+        from .utils import generate_access_token, generate_refresh_token, get_access_token_expiry, get_refresh_token_expiry
+        from django.contrib.auth import login, logout
+        from django.utils import timezone
+        
+        force_logout = request.data.get('force_logout', False)
+        
         serializer = RegisterSerializer(data=request.data)
         if serializer.is_valid():
             user = serializer.save()
+            
+            # SECURITY: Check for session contamination before login
+            # If there's an existing session from a different user, handle it
+            if request.session.session_key:
+                existing_user_id = request.session.get('_auth_user_id')
+                if existing_user_id and str(existing_user_id) != str(user.id):
+                    # Get existing user details
+                    try:
+                        existing_user = User.objects.get(id=existing_user_id)
+                        existing_email = existing_user.email
+                        existing_username = existing_user.username or existing_email.split('@')[0]
+                    except User.DoesNotExist:
+                        existing_email = 'Unknown user'
+                        existing_username = 'Unknown'
+                    
+                    # If not forcing logout, return conflict info
+                    if not force_logout:
+                        return Response(
+                            {
+                                'status': 'error',
+                                'error': 'session_conflict',
+                                'message': f'You have an active session for another account ({existing_email}). Please logout first or choose to continue.',
+                                'existing_user': {
+                                    'email': existing_email,
+                                    'username': existing_username,
+                                    'id': existing_user_id
+                                },
+                                'requested_user': {
+                                    'email': user.email,
+                                    'username': user.username or user.email.split('@')[0],
+                                    'id': user.id
+                                }
+                            },
+                            status=status.HTTP_409_CONFLICT
+                        )
+                    
+                    # Force logout - clean existing session completely
+                    logout(request)
+                    # Clear all session data
+                    request.session.flush()
+            
+            # Log the user in (create session for session authentication)
+            login(request, user)
+            
+            # Get account from user
+            account = getattr(user, 'account', None)
+            
+            # Generate JWT tokens
+            access_token = generate_access_token(user, account)
+            refresh_token = generate_refresh_token(user, account)
+            access_expires_at = timezone.now() + get_access_token_expiry()
+            refresh_expires_at = timezone.now() + get_refresh_token_expiry()
+            
             user_serializer = UserSerializer(user)
+            
+            # Build response data
+            response_data = {
+                'user': user_serializer.data,
+                'tokens': {
+                    'access': access_token,
+                    'refresh': refresh_token,
+                    'access_expires_at': access_expires_at.isoformat(),
+                    'refresh_expires_at': refresh_expires_at.isoformat(),
+                }
+            }
+            
+            # NOTE: Payment checkout is NO LONGER created at registration
+            # User will complete payment on /account/plans after signup
+            # This simplifies the signup flow and consolidates all payment handling
+            
+            # Send welcome email (if enabled in settings)
+            try:
+                from igny8_core.modules.system.email_models import EmailSettings
+                from igny8_core.business.billing.services.email_service import send_welcome_email
+                
+                email_settings = EmailSettings.get_settings()
+                if email_settings.send_welcome_emails and account:
+                    send_welcome_email(user, account)
+            except Exception as e:
+                # Don't fail registration if email fails
+                import logging
+                logger = logging.getLogger(__name__)
+                logger.error(f"Failed to send welcome email for user {user.id}: {e}")
+            
             return success_response(
-                data={'user': user_serializer.data},
+                data=response_data,
                 message='Registration successful',
                 status_code=status.HTTP_201_CREATED,
                 request=request
@@ -78,6 +167,8 @@ class LoginView(APIView):
         if serializer.is_valid():
             email = serializer.validated_data['email']
             password = serializer.validated_data['password']
+            remember_me = serializer.validated_data.get('remember_me', False)
+            force_logout = request.data.get('force_logout', False)
             
             try:
                 user = User.objects.select_related('account', 'account__plan').get(email=email)
@@ -89,6 +180,47 @@ class LoginView(APIView):
                 )
             
             if user.check_password(password):
+                # SECURITY: Check for session contamination before login
+                # If user has a session cookie from a different user, handle it
+                if request.session.session_key:
+                    existing_user_id = request.session.get('_auth_user_id')
+                    if existing_user_id and str(existing_user_id) != str(user.id):
+                        # Get existing user details
+                        try:
+                            existing_user = User.objects.get(id=existing_user_id)
+                            existing_email = existing_user.email
+                            existing_username = existing_user.username or existing_email.split('@')[0]
+                        except User.DoesNotExist:
+                            existing_email = 'Unknown user'
+                            existing_username = 'Unknown'
+                        
+                        # If not forcing logout, return conflict info
+                        if not force_logout:
+                            return Response(
+                                {
+                                    'status': 'error',
+                                    'error': 'session_conflict',
+                                    'message': f'You have an active session for another account ({existing_email}). Please logout first or choose to continue.',
+                                    'existing_user': {
+                                        'email': existing_email,
+                                        'username': existing_username,
+                                        'id': existing_user_id
+                                    },
+                                    'requested_user': {
+                                        'email': user.email,
+                                        'username': user.username or user.email.split('@')[0],
+                                        'id': user.id
+                                    }
+                                },
+                                status=status.HTTP_409_CONFLICT
+                            )
+                        
+                        # Force logout - clean existing session completely
+                        from django.contrib.auth import logout
+                        logout(request)
+                        # Clear all session data
+                        request.session.flush()
+                
                 # Log the user in (create session for session authentication)
                 from django.contrib.auth import login
                 login(request, user)
@@ -97,11 +229,12 @@ class LoginView(APIView):
                 account = getattr(user, 'account', None)
                 
                 # Generate JWT tokens
-                from .utils import generate_access_token, generate_refresh_token, get_token_expiry
-                access_token = generate_access_token(user, account)
+                from .utils import generate_access_token, generate_refresh_token, get_access_token_expiry, get_refresh_token_expiry
+                from django.utils import timezone
+                access_token = generate_access_token(user, account, remember_me=remember_me)
                 refresh_token = generate_refresh_token(user, account)
-                access_expires_at = get_token_expiry('access')
-                refresh_expires_at = get_token_expiry('refresh')
+                access_expires_at = timezone.now() + get_access_token_expiry(remember_me=remember_me)
+                refresh_expires_at = timezone.now() + get_refresh_token_expiry()
                 
                 # Serialize user data safely, handling missing account relationship
                 try:
@@ -152,6 +285,128 @@ class LoginView(APIView):
         )
 
 
+@extend_schema(
+    tags=['Authentication'],
+    summary='Request Password Reset',
+    description='Request password reset email'
+)
+class PasswordResetRequestView(APIView):
+    """Request password reset endpoint - sends email with reset token."""
+    permission_classes = [permissions.AllowAny]
+    
+    def post(self, request):
+        from .serializers import RequestPasswordResetSerializer
+        from .models import PasswordResetToken
+        
+        serializer = RequestPasswordResetSerializer(data=request.data)
+        if not serializer.is_valid():
+            return error_response(
+                error='Validation failed',
+                errors=serializer.errors,
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        email = serializer.validated_data['email']
+        
+        try:
+            user = User.objects.get(email=email)
+        except User.DoesNotExist:
+            # Don't reveal if email exists - return success anyway
+            return success_response(
+                message='If an account with that email exists, a password reset link has been sent.',
+                request=request
+            )
+        
+        # Generate secure token
+        import secrets
+        token = secrets.token_urlsafe(32)
+        
+        # Create reset token (expires in 1 hour)
+        from django.utils import timezone
+        from datetime import timedelta
+        expires_at = timezone.now() + timedelta(hours=1)
+        
+        PasswordResetToken.objects.create(
+            user=user,
+            token=token,
+            expires_at=expires_at
+        )
+        
+        # Send password reset email
+        import logging
+        logger = logging.getLogger(__name__)
+        logger.info(f"[PASSWORD_RESET] Attempting to send reset email to: {email}")
+        
+        try:
+            from igny8_core.business.billing.services.email_service import send_password_reset_email
+            result = send_password_reset_email(user, token)
+            logger.info(f"[PASSWORD_RESET] Email send result: {result}")
+            print(f"[PASSWORD_RESET] Email send result: {result}")  # Console output
+        except Exception as e:
+            logger.error(f"[PASSWORD_RESET] Failed to send password reset email: {e}", exc_info=True)
+            print(f"[PASSWORD_RESET] ERROR: {e}")  # Console output
+        
+        return success_response(
+            message='If an account with that email exists, a password reset link has been sent.',
+            request=request
+        )
+
+
+@extend_schema(
+    tags=['Authentication'],
+    summary='Reset Password',
+    description='Reset password using token from email'
+)
+class PasswordResetConfirmView(APIView):
+    """Confirm password reset with token."""
+    permission_classes = [permissions.AllowAny]
+    
+    def post(self, request):
+        from .serializers import ResetPasswordSerializer
+        from .models import PasswordResetToken
+        from django.utils import timezone
+        
+        serializer = ResetPasswordSerializer(data=request.data)
+        if not serializer.is_valid():
+            return error_response(
+                error='Validation failed',
+                errors=serializer.errors,
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        token = serializer.validated_data['token']
+        new_password = serializer.validated_data['new_password']
+        
+        try:
+            reset_token = PasswordResetToken.objects.get(
+                token=token,
+                used=False,
+                expires_at__gt=timezone.now()
+            )
+        except PasswordResetToken.DoesNotExist:
+            return error_response(
+                error='Invalid or expired reset token',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        # Reset password
+        user = reset_token.user
+        user.set_password(new_password)
+        user.save()
+        
+        # Mark token as used
+        reset_token.used = True
+        reset_token.save()
+        
+        return success_response(
+            message='Password reset successfully. You can now log in with your new password.',
+            request=request
+        )
+
+
 @extend_schema(
     tags=['Authentication'],
     summary='Change Password',
@@ -247,6 +502,7 @@ class RefreshTokenView(APIView):
                 account = getattr(user, 'account', None)
             
             # Generate new access token
+            from .utils import get_token_expiry
             access_token = generate_access_token(user, account)
             access_expires_at = get_token_expiry('access')
             
@@ -266,6 +522,77 @@ class RefreshTokenView(APIView):
             )
 
 
+@extend_schema(
+    tags=['Authentication'],
+    summary='Get Country List',
+    description='Returns list of countries for registration country selection'
+)
+class CountryListView(APIView):
+    """Returns list of countries for signup dropdown"""
+    permission_classes = [permissions.AllowAny]  # Public endpoint
+
+    def get(self, request):
+        """Get list of countries with codes and names"""
+        # Comprehensive list of countries for billing purposes
+        countries = [
+            {'code': 'US', 'name': 'United States'},
+            {'code': 'GB', 'name': 'United Kingdom'},
+            {'code': 'CA', 'name': 'Canada'},
+            {'code': 'AU', 'name': 'Australia'},
+            {'code': 'DE', 'name': 'Germany'},
+            {'code': 'FR', 'name': 'France'},
+            {'code': 'ES', 'name': 'Spain'},
+            {'code': 'IT', 'name': 'Italy'},
+            {'code': 'NL', 'name': 'Netherlands'},
+            {'code': 'BE', 'name': 'Belgium'},
+            {'code': 'CH', 'name': 'Switzerland'},
+            {'code': 'AT', 'name': 'Austria'},
+            {'code': 'SE', 'name': 'Sweden'},
+            {'code': 'NO', 'name': 'Norway'},
+            {'code': 'DK', 'name': 'Denmark'},
+            {'code': 'FI', 'name': 'Finland'},
+            {'code': 'IE', 'name': 'Ireland'},
+            {'code': 'PT', 'name': 'Portugal'},
+            {'code': 'PL', 'name': 'Poland'},
+            {'code': 'CZ', 'name': 'Czech Republic'},
+            {'code': 'NZ', 'name': 'New Zealand'},
+            {'code': 'SG', 'name': 'Singapore'},
+            {'code': 'HK', 'name': 'Hong Kong'},
+            {'code': 'JP', 'name': 'Japan'},
+            {'code': 'KR', 'name': 'South Korea'},
+            {'code': 'IN', 'name': 'India'},
+            {'code': 'PK', 'name': 'Pakistan'},
+            {'code': 'BD', 'name': 'Bangladesh'},
+            {'code': 'AE', 'name': 'United Arab Emirates'},
+            {'code': 'SA', 'name': 'Saudi Arabia'},
+            {'code': 'ZA', 'name': 'South Africa'},
+            {'code': 'NG', 'name': 'Nigeria'},
+            {'code': 'EG', 'name': 'Egypt'},
+            {'code': 'KE', 'name': 'Kenya'},
+            {'code': 'BR', 'name': 'Brazil'},
+            {'code': 'MX', 'name': 'Mexico'},
+            {'code': 'AR', 'name': 'Argentina'},
+            {'code': 'CL', 'name': 'Chile'},
+            {'code': 'CO', 'name': 'Colombia'},
+            {'code': 'PE', 'name': 'Peru'},
+            {'code': 'MY', 'name': 'Malaysia'},
+            {'code': 'TH', 'name': 'Thailand'},
+            {'code': 'VN', 'name': 'Vietnam'},
+            {'code': 'PH', 'name': 'Philippines'},
+            {'code': 'ID', 'name': 'Indonesia'},
+            {'code': 'TR', 'name': 'Turkey'},
+            {'code': 'RU', 'name': 'Russia'},
+            {'code': 'UA', 'name': 'Ukraine'},
+            {'code': 'RO', 'name': 'Romania'},
+            {'code': 'GR', 'name': 'Greece'},
+            {'code': 'IL', 'name': 'Israel'},
+            {'code': 'TW', 'name': 'Taiwan'},
+        ]
+        # Sort alphabetically by name
+        countries.sort(key=lambda x: x['name'])
+        return Response({'countries': countries})
+
+
 @extend_schema(exclude=True)  # Exclude from public API documentation - internal authenticated endpoint
 class MeView(APIView):
     """Get current user information."""
@@ -283,12 +610,86 @@ class MeView(APIView):
         )
 
 
+@extend_schema(
+    tags=['Authentication'],
+    summary='Unsubscribe from Emails',
+    description='Unsubscribe a user from marketing, billing, or all email notifications'
+)
+class UnsubscribeView(APIView):
+    """Handle email unsubscribe requests with signed URLs."""
+    permission_classes = [permissions.AllowAny]
+    
+    def post(self, request):
+        """
+        Process unsubscribe request.
+        
+        Expected payload:
+        - email: The email address to unsubscribe
+        - type: Type of emails to unsubscribe from (marketing, billing, all)
+        - ts: Timestamp from signed URL
+        - sig: HMAC signature from signed URL
+        """
+        from igny8_core.business.billing.services.email_service import verify_unsubscribe_signature
+        import logging
+        
+        logger = logging.getLogger(__name__)
+        
+        email = request.data.get('email')
+        email_type = request.data.get('type', 'all')
+        timestamp = request.data.get('ts')
+        signature = request.data.get('sig')
+        
+        # Validate required fields
+        if not email or not timestamp or not signature:
+            return error_response(
+                error='Missing required parameters',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        try:
+            timestamp = int(timestamp)
+        except (ValueError, TypeError):
+            return error_response(
+                error='Invalid timestamp',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        # Verify signature
+        if not verify_unsubscribe_signature(email, email_type, timestamp, signature):
+            return error_response(
+                error='Invalid or expired unsubscribe link',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        # Log the unsubscribe request
+        # In production, update user preferences or use email provider's suppression list
+        logger.info(f'Unsubscribe request processed: email={email}, type={email_type}')
+        
+        # TODO: Implement preference storage
+        # Options:
+        # 1. Add email preference fields to User model
+        # 2. Use Resend's suppression list API
+        # 3. Create EmailPreferences model
+        
+        return success_response(
+            message=f'Successfully unsubscribed from {email_type} emails',
+            request=request
+        )
+
+
 urlpatterns = [
     path('', include(router.urls)),
     path('register/', csrf_exempt(RegisterView.as_view()), name='auth-register'),
     path('login/', csrf_exempt(LoginView.as_view()), name='auth-login'),
     path('refresh/', csrf_exempt(RefreshTokenView.as_view()), name='auth-refresh'),
     path('change-password/', ChangePasswordView.as_view(), name='auth-change-password'),
+    path('password-reset/', csrf_exempt(PasswordResetRequestView.as_view()), name='auth-password-reset-request'),
+    path('password-reset/confirm/', csrf_exempt(PasswordResetConfirmView.as_view()), name='auth-password-reset-confirm'),
     path('me/', MeView.as_view(), name='auth-me'),
+    path('countries/', CountryListView.as_view(), name='auth-countries'),
+    path('unsubscribe/', csrf_exempt(UnsubscribeView.as_view()), name='auth-unsubscribe'),
 ]
 

backend/igny8_core/auth/utils.py

@@ -17,23 +17,26 @@ def get_jwt_algorithm():
     return getattr(settings, 'JWT_ALGORITHM', 'HS256')
 
 
-def get_access_token_expiry():
+def get_access_token_expiry(remember_me=False):
     """Get access token expiry time from settings"""
-    return getattr(settings, 'JWT_ACCESS_TOKEN_EXPIRY', timedelta(minutes=15))
+    if remember_me:
+        return getattr(settings, 'JWT_ACCESS_TOKEN_EXPIRY_REMEMBER_ME', timedelta(days=20))
+    return getattr(settings, 'JWT_ACCESS_TOKEN_EXPIRY', timedelta(hours=1))
 
 
 def get_refresh_token_expiry():
     """Get refresh token expiry time from settings"""
-    return getattr(settings, 'JWT_REFRESH_TOKEN_EXPIRY', timedelta(days=7))
+    return getattr(settings, 'JWT_REFRESH_TOKEN_EXPIRY', timedelta(days=30))
 
 
-def generate_access_token(user, account=None):
+def generate_access_token(user, account=None, remember_me=False):
     """
     Generate JWT access token for user
     
     Args:
         user: User instance
         account: Account instance (optional, will use user.account if not provided)
+        remember_me: bool - If True, use extended expiry (20 days)
     
     Returns:
         str: JWT access token
@@ -42,7 +45,7 @@ def generate_access_token(user, account=None):
         account = getattr(user, 'account', None)
     
     now = timezone.now()
-    expiry = now + get_access_token_expiry()
+    expiry = now + get_access_token_expiry(remember_me=remember_me)
     
     payload = {
         'user_id': user.id,
@@ -51,6 +54,7 @@ def generate_access_token(user, account=None):
         'exp': int(expiry.timestamp()),
         'iat': int(now.timestamp()),
         'type': 'access',
+        'remember_me': remember_me,
     }
     
     token = jwt.encode(payload, get_jwt_secret_key(), algorithm=get_jwt_algorithm())
@@ -128,3 +132,72 @@ def get_token_expiry(token_type='access'):
         return now + get_refresh_token_expiry()
     return now + get_access_token_expiry()
 
+
+
+
+def validate_account_and_plan(user_or_account):
+    """
+    Validate account exists and has active plan.
+    Allows trial, active, and pending_payment statuses.
+    Bypasses validation for superusers, developers, and system accounts.
+    
+    Args:
+        user_or_account: User or Account instance
+        
+    Returns:
+        tuple: (is_valid: bool, error_msg: str or None, http_status: int or None)
+    """
+    from rest_framework import status
+    from .models import User, Account
+    
+    # Extract account from user or use directly
+    if isinstance(user_or_account, User):
+        try:
+            account = getattr(user_or_account, 'account', None)
+        except Exception:
+            account = None
+    elif isinstance(user_or_account, Account):
+        account = user_or_account
+        # Check if account is a system account
+        try:
+            if hasattr(account, 'is_system_account') and account.is_system_account():
+                return (True, None, None)
+        except Exception:
+            pass
+    else:
+        return (False, 'Invalid object type', status.HTTP_400_BAD_REQUEST)
+    
+    # Check account exists
+    if not account:
+        return (
+            False,
+            'Account not configured for this user. Please contact support.',
+            status.HTTP_403_FORBIDDEN
+        )
+    
+    # Check account status - allow trial, active, pending_payment
+    # Block only suspended and cancelled
+    if hasattr(account, 'status') and account.status in ['suspended', 'cancelled']:
+        return (
+            False,
+            f'Account is {account.status}. Please contact support.',
+            status.HTTP_403_FORBIDDEN
+        )
+    
+    # Check plan exists and is active
+    plan = getattr(account, 'plan', None)
+    if not plan:
+        return (
+            False,
+            'No subscription plan assigned. Visit igny8.com/pricing to subscribe.',
+            status.HTTP_402_PAYMENT_REQUIRED
+        )
+    
+    if hasattr(plan, 'is_active') and not plan.is_active:
+        return (
+            False,
+            'Active subscription required. Visit igny8.com/pricing to subscribe.',
+            status.HTTP_402_PAYMENT_REQUIRED
+        )
+    
+    return (True, None, None)

backend/igny8_core/auth/views.py

@@ -341,7 +341,8 @@ class SubscriptionsViewSet(AccountModelViewSet):
     queryset = Subscription.objects.all()
     permission_classes = [IsAuthenticatedAndActive, HasTenantAccess, IsOwnerOrAdmin]
     pagination_class = CustomPageNumberPagination
-    throttle_scope = 'auth'
+    # Use relaxed auth throttle to avoid 429s during onboarding plan fetches
+    throttle_scope = 'auth_read'
     throttle_classes = [DebugScopedRateThrottle]
     
     def get_queryset(self):
@@ -439,14 +440,26 @@ class SiteUserAccessViewSet(AccountModelViewSet):
 class PlanViewSet(viewsets.ReadOnlyModelViewSet):
     """
     ViewSet for listing active subscription plans.
+    Excludes internal-only plans (Free/Internal) from public listings.
     Unified API Standard v1.0 compliant
     """
-    queryset = Plan.objects.filter(is_active=True)
+    queryset = Plan.objects.filter(is_active=True, is_internal=False)
     serializer_class = PlanSerializer
     permission_classes = [permissions.AllowAny]
     pagination_class = CustomPageNumberPagination
-    throttle_scope = 'auth'
-    throttle_classes = [DebugScopedRateThrottle]
+    # Plans are public and should not throttle aggressively to avoid blocking signup/onboarding
+    throttle_scope = None
+    throttle_classes: list = []
+    
+    def list(self, request, *args, **kwargs):
+        """Override list to return paginated response with unified format"""
+        queryset = self.filter_queryset(self.get_queryset())
+        page = self.paginate_queryset(queryset)
+        if page is not None:
+            serializer = self.get_serializer(page, many=True)
+            return self.get_paginated_response(serializer.data)
+        serializer = self.get_serializer(queryset, many=True)
+        return success_response(data={'results': serializer.data}, request=request)
     
     def retrieve(self, request, *args, **kwargs):
         """Override retrieve to return unified format"""
@@ -474,7 +487,7 @@ class SiteViewSet(AccountModelViewSet):
     """ViewSet for managing Sites."""
     serializer_class = SiteSerializer
     permission_classes = [IsAuthenticatedAndActive, HasTenantAccess, IsEditorOrAbove]
-    authentication_classes = [JWTAuthentication, CSRFExemptSessionAuthentication]
+    authentication_classes = [JWTAuthentication]
     
     def get_permissions(self):
         """Allow normal users (viewer) to create sites, but require editor+ for other operations."""
@@ -483,8 +496,9 @@ class SiteViewSet(AccountModelViewSet):
             from rest_framework.permissions import AllowAny
             return [AllowAny()]
         if self.action == 'create':
+            # For create, only require authentication - not active account status
             return [permissions.IsAuthenticated()]
-        return [IsEditorOrAbove()]
+        return [IsAuthenticatedAndActive(), HasTenantAccess(), IsEditorOrAbove()]
     
     def get_queryset(self):
         """Return sites accessible to the current user."""
@@ -498,33 +512,44 @@ class SiteViewSet(AccountModelViewSet):
         
         user = self.request.user
         
-        # ADMIN/DEV OVERRIDE: Both admins and developers can see all sites
-        if user.is_admin_or_developer():
-            return Site.objects.all().distinct()
-        
-        # Get account from user
         account = getattr(user, 'account', None)
         if not account:
             return Site.objects.none()
         
-        if user.role in ['owner', 'admin']:
-            return Site.objects.filter(account=account)
+        if hasattr(user, 'get_accessible_sites'):
+            return user.get_accessible_sites()
         
-        return Site.objects.filter(
-            account=account,
-            user_access__user=user
-        ).distinct()
+        return Site.objects.filter(account=account)
     
     def perform_create(self, serializer):
-        """Create site with account."""
+        """Create site with account and auto-grant access to creator."""
         account = getattr(self.request, 'account', None)
         if not account:
             user = self.request.user
             if user and user.is_authenticated:
                 account = getattr(user, 'account', None)
         
+        # Check hard limit for sites
+        from igny8_core.business.billing.services.limit_service import LimitService, HardLimitExceededError
+        try:
+            LimitService.check_hard_limit(account, 'sites', additional_count=1)
+        except HardLimitExceededError as e:
+            from rest_framework.exceptions import PermissionDenied
+            raise PermissionDenied(str(e))
+        
         # Multiple sites can be active simultaneously - no constraint
-        serializer.save(account=account)
+        site = serializer.save(account=account)
+        
+        # Auto-create SiteUserAccess for owner/admin who creates the site
+        user = self.request.user
+        if user and user.is_authenticated and hasattr(user, 'role'):
+            if user.role in ['owner', 'admin']:
+                from igny8_core.auth.models import SiteUserAccess
+                SiteUserAccess.objects.get_or_create(
+                    user=user,
+                    site=site,
+                    defaults={'granted_by': user}
+                )
     
     def perform_update(self, serializer):
         """Update site."""
@@ -727,18 +752,13 @@ class SectorViewSet(AccountModelViewSet):
     """ViewSet for managing Sectors."""
     serializer_class = SectorSerializer
     permission_classes = [IsAuthenticatedAndActive, HasTenantAccess, IsEditorOrAbove]
-    authentication_classes = [JWTAuthentication, CSRFExemptSessionAuthentication]
+    authentication_classes = [JWTAuthentication]
     
     def get_queryset(self):
         """Return sectors from sites accessible to the current user."""
         user = self.request.user
         if not user or not user.is_authenticated:
             return Sector.objects.none()
-        
-        # ADMIN/DEV OVERRIDE: Both admins and developers can see all sectors across all sites
-        if user.is_admin_or_developer():
-            return Sector.objects.all().distinct()
-        
         accessible_sites = user.get_accessible_sites()
         return Sector.objects.filter(site__in=accessible_sites)
     
@@ -819,7 +839,7 @@ class SeedKeywordViewSet(viewsets.ReadOnlyModelViewSet):
     search_fields = ['keyword']
     ordering_fields = ['keyword', 'volume', 'difficulty', 'created_at']
     ordering = ['keyword']
-    filterset_fields = ['industry', 'sector', 'intent', 'is_active']
+    filterset_fields = ['industry', 'sector', 'country', 'is_active']
     
     def retrieve(self, request, *args, **kwargs):
         """Override retrieve to return unified format"""
@@ -838,14 +858,133 @@ class SeedKeywordViewSet(viewsets.ReadOnlyModelViewSet):
         """Filter by industry and sector if provided."""
         queryset = super().get_queryset()
         industry_id = self.request.query_params.get('industry_id')
+        industry_name = self.request.query_params.get('industry_name')
         sector_id = self.request.query_params.get('sector_id')
+        sector_name = self.request.query_params.get('sector_name')
         
         if industry_id:
             queryset = queryset.filter(industry_id=industry_id)
+        if industry_name:
+            queryset = queryset.filter(industry__name__icontains=industry_name)
         if sector_id:
             queryset = queryset.filter(sector_id=sector_id)
+        if sector_name:
+            queryset = queryset.filter(sector__name__icontains=sector_name)
         
         return queryset
+    
+    @action(detail=False, methods=['post'], url_path='import_seed_keywords', url_name='import_seed_keywords')
+    def import_seed_keywords(self, request):
+        """
+        Import seed keywords from CSV (Admin/Superuser only).
+        Expected columns: keyword, industry_name, sector_name, volume, difficulty, country
+        """
+        import csv
+        from django.db import transaction
+        
+        # Check admin/superuser permission
+        if not (request.user.is_staff or request.user.is_superuser):
+            return error_response(
+                error='Admin or superuser access required',
+                status_code=status.HTTP_403_FORBIDDEN,
+                request=request
+            )
+        
+        if 'file' not in request.FILES:
+            return error_response(
+                error='No file provided',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        file = request.FILES['file']
+        if not file.name.endswith('.csv'):
+            return error_response(
+                error='File must be a CSV',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        try:
+            # Parse CSV
+            decoded_file = file.read().decode('utf-8')
+            csv_reader = csv.DictReader(decoded_file.splitlines())
+            
+            imported_count = 0
+            skipped_count = 0
+            errors = []
+            
+            with transaction.atomic():
+                for row_num, row in enumerate(csv_reader, start=2):  # Start at 2 (header is row 1)
+                    try:
+                        keyword_text = row.get('keyword', '').strip()
+                        industry_name = row.get('industry_name', '').strip()
+                        sector_name = row.get('sector_name', '').strip()
+                        
+                        if not all([keyword_text, industry_name, sector_name]):
+                            skipped_count += 1
+                            continue
+                        
+                        # Get or create industry
+                        industry = Industry.objects.filter(name=industry_name).first()
+                        if not industry:
+                            errors.append(f"Row {row_num}: Industry '{industry_name}' not found")
+                            skipped_count += 1
+                            continue
+                        
+                        # Get or create industry sector
+                        sector = IndustrySector.objects.filter(
+                            industry=industry,
+                            name=sector_name
+                        ).first()
+                        if not sector:
+                            errors.append(f"Row {row_num}: Sector '{sector_name}' not found for industry '{industry_name}'")
+                            skipped_count += 1
+                            continue
+                        
+                        # Check if keyword already exists
+                        existing = SeedKeyword.objects.filter(
+                            keyword=keyword_text,
+                            industry=industry,
+                            sector=sector
+                        ).first()
+                        
+                        if existing:
+                            skipped_count += 1
+                            continue
+                        
+                        # Create seed keyword
+                        SeedKeyword.objects.create(
+                            keyword=keyword_text,
+                            industry=industry,
+                            sector=sector,
+                            volume=int(row.get('volume', 0) or 0),
+                            difficulty=int(row.get('difficulty', 0) or 0),
+                            country=row.get('country', 'US') or 'US',
+                            is_active=True
+                        )
+                        imported_count += 1
+                        
+                    except Exception as e:
+                        errors.append(f"Row {row_num}: {str(e)}")
+                        skipped_count += 1
+            
+            return success_response(
+                data={
+                    'imported': imported_count,
+                    'skipped': skipped_count,
+                    'errors': errors[:10] if errors else []  # Limit errors to first 10
+                },
+                message=f'Import completed: {imported_count} keywords imported, {skipped_count} skipped',
+                request=request
+            )
+            
+        except Exception as e:
+            return error_response(
+                error=f'Failed to import keywords: {str(e)}',
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                request=request
+            )
 
 
 # ============================================================================
@@ -1128,16 +1267,21 @@ class AuthViewSet(viewsets.GenericViewSet):
             expires_at=expires_at
         )
         
-        # Send email (async via Celery if available, otherwise sync)
+        # Send password reset email using the email service
         try:
-            from igny8_core.modules.system.tasks import send_password_reset_email
-            send_password_reset_email.delay(user.id, token)
-        except:
-            # Fallback to sync email sending
+            from igny8_core.business.billing.services.email_service import send_password_reset_email
+            send_password_reset_email(user, token)
+        except Exception as e:
+            # Fallback to Django's send_mail if email service fails
+            import logging
+            logger = logging.getLogger(__name__)
+            logger.error(f"Failed to send password reset email via email service: {e}")
+            
             from django.core.mail import send_mail
             from django.conf import settings
             
-            reset_url = f"{request.scheme}://{request.get_host()}/reset-password?token={token}"
+            frontend_url = getattr(settings, 'FRONTEND_URL', 'https://app.igny8.com')
+            reset_url = f"{frontend_url}/reset-password?token={token}"
             
             send_mail(
                 subject='Reset Your IGNY8 Password',
@@ -1197,3 +1341,219 @@ class AuthViewSet(viewsets.GenericViewSet):
             message='Password has been reset successfully',
             request=request
         )
+
+
+# ============================================================================
+# CSV Import/Export Views for Admin
+# ============================================================================
+
+from django.http import HttpResponse, JsonResponse
+from django.contrib.admin.views.decorators import staff_member_required
+from django.views.decorators.http import require_http_methods
+import csv
+import io
+
+
+@staff_member_required
+@require_http_methods(["GET"])
+def industry_csv_template(request):
+    """Download CSV template for Industry import"""
+    response = HttpResponse(content_type='text/csv')
+    response['Content-Disposition'] = 'attachment; filename="industry_template.csv"'
+    
+    writer = csv.writer(response)
+    writer.writerow(['name', 'description', 'is_active'])
+    writer.writerow(['Technology', 'Technology industry', 'true'])
+    writer.writerow(['Healthcare', 'Healthcare and medical services', 'true'])
+    
+    return response
+
+
+@staff_member_required
+@require_http_methods(["POST"])
+def industry_csv_import(request):
+    """Import industries from CSV"""
+    if not request.FILES.get('csv_file'):
+        return JsonResponse({'success': False, 'error': 'No CSV file provided'}, status=400)
+    
+    csv_file = request.FILES['csv_file']
+    decoded_file = csv_file.read().decode('utf-8')
+    io_string = io.StringIO(decoded_file)
+    reader = csv.DictReader(io_string)
+    
+    created = 0
+    updated = 0
+    errors = []
+    
+    from django.utils.text import slugify
+    
+    for row_num, row in enumerate(reader, start=2):
+        try:
+            is_active = row.get('is_active', 'true').lower() in ['true', '1', 'yes']
+            slug = slugify(row['name'])
+            
+            industry, created_flag = Industry.objects.update_or_create(
+                name=row['name'],
+                defaults={
+                    'slug': slug,
+                    'description': row.get('description', ''),
+                    'is_active': is_active
+                }
+            )
+            if created_flag:
+                created += 1
+            else:
+                updated += 1
+        except Exception as e:
+            errors.append(f"Row {row_num}: {str(e)}")
+    
+    return JsonResponse({
+        'success': True,
+        'created': created,
+        'updated': updated,
+        'errors': errors
+    })
+
+
+@staff_member_required
+@require_http_methods(["GET"])
+def industrysector_csv_template(request):
+    """Download CSV template for IndustrySector import"""
+    response = HttpResponse(content_type='text/csv')
+    response['Content-Disposition'] = 'attachment; filename="industrysector_template.csv"'
+    
+    writer = csv.writer(response)
+    writer.writerow(['name', 'industry', 'description', 'is_active'])
+    writer.writerow(['Software Development', 'Technology', 'Software and app development', 'true'])
+    writer.writerow(['Healthcare IT', 'Healthcare', 'Healthcare information technology', 'true'])
+    
+    return response
+
+
+@staff_member_required
+@require_http_methods(["POST"])
+def industrysector_csv_import(request):
+    """Import industry sectors from CSV"""
+    if not request.FILES.get('csv_file'):
+        return JsonResponse({'success': False, 'error': 'No CSV file provided'}, status=400)
+    
+    csv_file = request.FILES['csv_file']
+    decoded_file = csv_file.read().decode('utf-8')
+    io_string = io.StringIO(decoded_file)
+    reader = csv.DictReader(io_string)
+    
+    created = 0
+    updated = 0
+    errors = []
+    
+    from django.utils.text import slugify
+    
+    for row_num, row in enumerate(reader, start=2):
+        try:
+            is_active = row.get('is_active', 'true').lower() in ['true', '1', 'yes']
+            slug = slugify(row['name'])
+            
+            # Find industry by name
+            try:
+                industry = Industry.objects.get(name=row['industry'])
+            except Industry.DoesNotExist:
+                errors.append(f"Row {row_num}: Industry '{row['industry']}' not found")
+                continue
+            
+            sector, created_flag = IndustrySector.objects.update_or_create(
+                name=row['name'],
+                industry=industry,
+                defaults={
+                    'slug': slug,
+                    'description': row.get('description', ''),
+                    'is_active': is_active
+                }
+            )
+            if created_flag:
+                created += 1
+            else:
+                updated += 1
+        except Exception as e:
+            errors.append(f"Row {row_num}: {str(e)}")
+    
+    return JsonResponse({
+        'success': True,
+        'created': created,
+        'updated': updated,
+        'errors': errors
+    })
+
+
+@staff_member_required
+@require_http_methods(["GET"])
+def seedkeyword_csv_template(request):
+    """Download CSV template for SeedKeyword import"""
+    response = HttpResponse(content_type='text/csv')
+    response['Content-Disposition'] = 'attachment; filename="seedkeyword_template.csv"'
+    
+    writer = csv.writer(response)
+    writer.writerow(['keyword', 'industry', 'sector', 'volume', 'difficulty', 'country', 'is_active'])
+    writer.writerow(['python programming', 'Technology', 'Software Development', '10000', '45', 'US', 'true'])
+    writer.writerow(['medical software', 'Healthcare', 'Healthcare IT', '5000', '60', 'CA', 'true'])
+    
+    return response
+
+
+@staff_member_required
+@require_http_methods(["POST"])
+def seedkeyword_csv_import(request):
+    """Import seed keywords from CSV"""
+    if not request.FILES.get('csv_file'):
+        return JsonResponse({'success': False, 'error': 'No CSV file provided'}, status=400)
+    
+    csv_file = request.FILES['csv_file']
+    decoded_file = csv_file.read().decode('utf-8')
+    io_string = io.StringIO(decoded_file)
+    reader = csv.DictReader(io_string)
+    
+    created = 0
+    updated = 0
+    errors = []
+    
+    for row_num, row in enumerate(reader, start=2):
+        try:
+            is_active = row.get('is_active', 'true').lower() in ['true', '1', 'yes']
+            
+            # Find industry and sector by name
+            try:
+                industry = Industry.objects.get(name=row['industry'])
+            except Industry.DoesNotExist:
+                errors.append(f"Row {row_num}: Industry '{row['industry']}' not found")
+                continue
+            
+            try:
+                sector = IndustrySector.objects.get(name=row['sector'], industry=industry)
+            except IndustrySector.DoesNotExist:
+                errors.append(f"Row {row_num}: Sector '{row['sector']}' not found in industry '{row['industry']}'")
+                continue
+            
+            keyword, created_flag = SeedKeyword.objects.update_or_create(
+                keyword=row['keyword'],
+                industry=industry,
+                sector=sector,
+                defaults={
+                    'volume': int(row.get('volume', 0)),
+                    'difficulty': int(row.get('difficulty', 0)),
+                    'country': row.get('country', 'US'),
+                    'is_active': is_active
+                }
+            )
+            if created_flag:
+                created += 1
+            else:
+                updated += 1
+        except Exception as e:
+            errors.append(f"Row {row_num}: {str(e)}")
+    
+    return JsonResponse({
+        'success': True,
+        'created': created,
+        'updated': updated,
+        'errors': errors
+    })
+

backend/igny8_core/business/automation/__init__.py

@@ -1,4 +1,4 @@
 """
-Automation business logic - AutomationRule, ScheduledTask models and services
+Automation Business Logic
+Orchestrates AI functions into automated pipelines
 """
-

backend/igny8_core/business/automation/admin.py

@@ -0,0 +1,166 @@
+"""
+Admin registration for Automation models
+"""
+from django.contrib import admin
+from django.contrib import messages
+from unfold.admin import ModelAdmin
+from igny8_core.admin.base import AccountAdminMixin, Igny8ModelAdmin
+from .models import AutomationConfig, AutomationRun
+
+
+from import_export.admin import ExportMixin
+from import_export import resources
+
+
+class AutomationConfigResource(resources.ModelResource):
+    """Resource class for exporting Automation Configs"""
+    class Meta:
+        model = AutomationConfig
+        fields = ('id', 'site__domain', 'is_enabled', 'frequency', 'scheduled_time',
+                  'within_stage_delay', 'between_stage_delay', 'last_run_at', 'created_at')
+        export_order = fields
+
+
+@admin.register(AutomationConfig)
+class AutomationConfigAdmin(ExportMixin, AccountAdminMixin, Igny8ModelAdmin):
+    resource_class = AutomationConfigResource
+    list_display = ('site', 'is_enabled', 'frequency', 'scheduled_time', 'within_stage_delay', 'between_stage_delay', 'last_run_at')
+    list_filter = ('is_enabled', 'frequency')
+    search_fields = ('site__domain',)
+    actions = [
+        'bulk_enable',
+        'bulk_disable',
+        'bulk_update_frequency',
+        'bulk_update_delays',
+    ]
+    
+    def bulk_enable(self, request, queryset):
+        """Enable selected automation configs"""
+        updated = queryset.update(is_enabled=True)
+        self.message_user(request, f'{updated} automation config(s) enabled.', messages.SUCCESS)
+    bulk_enable.short_description = 'Enable selected automations'
+    
+    def bulk_disable(self, request, queryset):
+        """Disable selected automation configs"""
+        updated = queryset.update(is_enabled=False)
+        self.message_user(request, f'{updated} automation config(s) disabled.', messages.SUCCESS)
+    bulk_disable.short_description = 'Disable selected automations'
+    
+    def bulk_update_frequency(self, request, queryset):
+        """Update frequency for selected automation configs"""
+        from django import forms
+        
+        if 'apply' in request.POST:
+            frequency = request.POST.get('frequency')
+            if frequency:
+                updated = queryset.update(frequency=frequency)
+                self.message_user(request, f'{updated} automation config(s) updated to frequency: {frequency}', messages.SUCCESS)
+                return
+        
+        FREQUENCY_CHOICES = [
+            ('hourly', 'Hourly'),
+            ('daily', 'Daily'),
+            ('weekly', 'Weekly'),
+        ]
+        
+        class FrequencyForm(forms.Form):
+            frequency = forms.ChoiceField(
+                choices=FREQUENCY_CHOICES,
+                label="Select Frequency",
+                help_text=f"Update frequency for {queryset.count()} automation config(s)"
+            )
+        
+        from django.shortcuts import render
+        return render(request, 'admin/bulk_action_form.html', {
+            'title': 'Update Automation Frequency',
+            'queryset': queryset,
+            'form': FrequencyForm(),
+            'action': 'bulk_update_frequency',
+        })
+    bulk_update_frequency.short_description = 'Update frequency'
+    
+    def bulk_update_delays(self, request, queryset):
+        """Update delay settings for selected automation configs"""
+        from django import forms
+        
+        if 'apply' in request.POST:
+            within_delay = int(request.POST.get('within_stage_delay', 0))
+            between_delay = int(request.POST.get('between_stage_delay', 0))
+            
+            updated = queryset.update(
+                within_stage_delay=within_delay,
+                between_stage_delay=between_delay
+            )
+            self.message_user(request, f'{updated} automation config(s) delay settings updated.', messages.SUCCESS)
+            return
+        
+        class DelayForm(forms.Form):
+            within_stage_delay = forms.IntegerField(
+                min_value=0,
+                initial=10,
+                label="Within Stage Delay (minutes)",
+                help_text="Delay between operations within the same stage"
+            )
+            between_stage_delay = forms.IntegerField(
+                min_value=0,
+                initial=60,
+                label="Between Stage Delay (minutes)",
+                help_text="Delay between different stages"
+            )
+        
+        from django.shortcuts import render
+        return render(request, 'admin/bulk_action_form.html', {
+            'title': 'Update Automation Delays',
+            'queryset': queryset,
+            'form': DelayForm(),
+            'action': 'bulk_update_delays',
+        })
+    bulk_update_delays.short_description = 'Update delay settings'
+
+
+class AutomationRunResource(resources.ModelResource):
+    """Resource class for exporting Automation Runs"""
+    class Meta:
+        model = AutomationRun
+        fields = ('id', 'run_id', 'site__domain', 'status', 'current_stage',
+                  'started_at', 'completed_at', 'created_at')
+        export_order = fields
+
+
+@admin.register(AutomationRun)
+class AutomationRunAdmin(ExportMixin, AccountAdminMixin, Igny8ModelAdmin):
+    resource_class = AutomationRunResource
+    list_display = ('run_id', 'site', 'status', 'current_stage', 'started_at', 'completed_at')
+    list_filter = ('status', 'current_stage')
+    search_fields = ('run_id', 'site__domain')
+    actions = [
+        'bulk_retry_failed',
+        'bulk_cancel_running',
+        'bulk_delete_old_runs',
+    ]
+    
+    def bulk_retry_failed(self, request, queryset):
+        """Retry failed automation runs"""
+        failed_runs = queryset.filter(status='failed')
+        count = failed_runs.update(status='pending', current_stage='keyword_research')
+        self.message_user(request, f'{count} failed run(s) marked for retry.', messages.SUCCESS)
+    bulk_retry_failed.short_description = 'Retry failed runs'
+    
+    def bulk_cancel_running(self, request, queryset):
+        """Cancel running automation runs"""
+        running = queryset.filter(status__in=['pending', 'running'])
+        count = running.update(status='failed')
+        self.message_user(request, f'{count} running automation(s) cancelled.', messages.SUCCESS)
+    bulk_cancel_running.short_description = 'Cancel running automations'
+    
+    def bulk_delete_old_runs(self, request, queryset):
+        """Delete automation runs older than 30 days"""
+        from django.utils import timezone
+        from datetime import timedelta
+        
+        cutoff_date = timezone.now() - timedelta(days=30)
+        old_runs = queryset.filter(created_at__lt=cutoff_date)
+        count = old_runs.count()
+        old_runs.delete()
+        self.message_user(request, f'{count} old automation run(s) deleted (older than 30 days).', messages.SUCCESS)
+    bulk_delete_old_runs.short_description = 'Delete old runs (>30 days)'

backend/igny8_core/business/automation/migrations/0001_initial.py

@@ -0,0 +1,89 @@
+# Generated migration for automation models
+
+from django.db import migrations, models
+import django.db.models.deletion
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('igny8_core_auth', '0004_add_invoice_payment_models'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='AutomationConfig',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('is_enabled', models.BooleanField(default=False, help_text='Enable/disable automation for this site')),
+                ('frequency', models.CharField(
+                    choices=[('daily', 'Daily'), ('weekly', 'Weekly'), ('monthly', 'Monthly')],
+                    default='daily',
+                    max_length=20
+                )),
+                ('scheduled_time', models.TimeField(default='02:00', help_text='Time of day to run automation (HH:MM)')),
+                ('stage_1_batch_size', models.IntegerField(default=20, help_text='Keywords → Clusters batch size')),
+                ('stage_2_batch_size', models.IntegerField(default=1, help_text='Clusters → Ideas batch size')),
+                ('stage_3_batch_size', models.IntegerField(default=20, help_text='Ideas → Tasks batch size')),
+                ('stage_4_batch_size', models.IntegerField(default=1, help_text='Tasks → Content batch size')),
+                ('stage_5_batch_size', models.IntegerField(default=1, help_text='Content → Image Prompts batch size')),
+                ('stage_6_batch_size', models.IntegerField(default=1, help_text='Image Prompts → Images batch size')),
+                ('last_run_at', models.DateTimeField(blank=True, null=True)),
+                ('next_run_at', models.DateTimeField(blank=True, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('account', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='igny8_core_auth.account')),
+                ('site', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='automation_config', to='igny8_core_auth.site')),
+            ],
+            options={
+                'db_table': 'igny8_automation_configs',
+            },
+        ),
+        migrations.CreateModel(
+            name='AutomationRun',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('run_id', models.CharField(max_length=100, unique=True)),
+                ('trigger_type', models.CharField(
+                    choices=[('manual', 'Manual'), ('scheduled', 'Scheduled')],
+                    default='manual',
+                    max_length=20
+                )),
+                ('status', models.CharField(
+                    choices=[
+                        ('running', 'Running'),
+                        ('paused', 'Paused'),
+                        ('completed', 'Completed'),
+                        ('failed', 'Failed')
+                    ],
+                    default='running',
+                    max_length=20
+                )),
+                ('current_stage', models.IntegerField(default=1, help_text='Current stage (1-7)')),
+                ('stage_1_result', models.JSONField(blank=True, null=True)),
+                ('stage_2_result', models.JSONField(blank=True, null=True)),
+                ('stage_3_result', models.JSONField(blank=True, null=True)),
+                ('stage_4_result', models.JSONField(blank=True, null=True)),
+                ('stage_5_result', models.JSONField(blank=True, null=True)),
+                ('stage_6_result', models.JSONField(blank=True, null=True)),
+                ('stage_7_result', models.JSONField(blank=True, null=True)),
+                ('total_credits_used', models.IntegerField(default=0)),
+                ('error_message', models.TextField(blank=True, null=True)),
+                ('started_at', models.DateTimeField(auto_now_add=True)),
+                ('completed_at', models.DateTimeField(blank=True, null=True)),
+                ('account', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='igny8_core_auth.account')),
+                ('site', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='automation_runs', to='igny8_core_auth.site')),
+            ],
+            options={
+                'db_table': 'igny8_automation_runs',
+                'ordering': ['-started_at'],
+                'indexes': [
+                    models.Index(fields=['site', 'status'], name='automation_site_status_idx'),
+                    models.Index(fields=['site', 'started_at'], name='automation_site_started_idx'),
+                ],
+            },
+        ),
+    ]

backend/igny8_core/business/automation/migrations/0002_add_delay_configuration.py

@@ -0,0 +1,23 @@
+# Generated migration for delay configuration fields
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('automation', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='automationconfig',
+            name='within_stage_delay',
+            field=models.IntegerField(default=3, help_text='Delay between batches within a stage (seconds)'),
+        ),
+        migrations.AddField(
+            model_name='automationconfig',
+            name='between_stage_delay',
+            field=models.IntegerField(default=5, help_text='Delay between stage transitions (seconds)'),
+        ),
+    ]

backend/igny8_core/business/automation/migrations/0003_alter_automationconfig_options_and_more.py

@@ -0,0 +1,166 @@
+# Generated by Django 5.2.8 on 2025-12-03 16:06
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('automation', '0002_add_delay_configuration'),
+        ('igny8_core_auth', '0003_add_sync_event_model'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='automationconfig',
+            options={'verbose_name': 'Automation Config', 'verbose_name_plural': 'Automation Configs'},
+        ),
+        migrations.AlterModelOptions(
+            name='automationrun',
+            options={'ordering': ['-started_at'], 'verbose_name': 'Automation Run', 'verbose_name_plural': 'Automation Runs'},
+        ),
+        migrations.RemoveIndex(
+            model_name='automationrun',
+            name='automation_site_status_idx',
+        ),
+        migrations.RemoveIndex(
+            model_name='automationrun',
+            name='automation_site_started_idx',
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='account',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='automation_configs', to='igny8_core_auth.account'),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='is_enabled',
+            field=models.BooleanField(default=False, help_text='Whether scheduled automation is active'),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='next_run_at',
+            field=models.DateTimeField(blank=True, help_text='Calculated based on frequency', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='scheduled_time',
+            field=models.TimeField(default='02:00', help_text='Time to run (e.g., 02:00)'),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='stage_1_batch_size',
+            field=models.IntegerField(default=20, help_text='Keywords per batch'),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='stage_2_batch_size',
+            field=models.IntegerField(default=1, help_text='Clusters at a time'),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='stage_3_batch_size',
+            field=models.IntegerField(default=20, help_text='Ideas per batch'),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='stage_4_batch_size',
+            field=models.IntegerField(default=1, help_text='Tasks - sequential'),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='stage_5_batch_size',
+            field=models.IntegerField(default=1, help_text='Content at a time'),
+        ),
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='stage_6_batch_size',
+            field=models.IntegerField(default=1, help_text='Images - sequential'),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='account',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='automation_runs', to='igny8_core_auth.account'),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='current_stage',
+            field=models.IntegerField(default=1, help_text='Current stage number (1-7)'),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='run_id',
+            field=models.CharField(db_index=True, help_text='Format: run_20251203_140523_manual', max_length=100, unique=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='stage_1_result',
+            field=models.JSONField(blank=True, help_text='{keywords_processed, clusters_created, batches}', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='stage_2_result',
+            field=models.JSONField(blank=True, help_text='{clusters_processed, ideas_created}', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='stage_3_result',
+            field=models.JSONField(blank=True, help_text='{ideas_processed, tasks_created}', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='stage_4_result',
+            field=models.JSONField(blank=True, help_text='{tasks_processed, content_created, total_words}', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='stage_5_result',
+            field=models.JSONField(blank=True, help_text='{content_processed, prompts_created}', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='stage_6_result',
+            field=models.JSONField(blank=True, help_text='{images_processed, images_generated}', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='stage_7_result',
+            field=models.JSONField(blank=True, help_text='{ready_for_review}', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='started_at',
+            field=models.DateTimeField(auto_now_add=True, db_index=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='status',
+            field=models.CharField(choices=[('running', 'Running'), ('paused', 'Paused'), ('completed', 'Completed'), ('failed', 'Failed')], db_index=True, default='running', max_length=20),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='trigger_type',
+            field=models.CharField(choices=[('manual', 'Manual'), ('scheduled', 'Scheduled')], max_length=20),
+        ),
+        migrations.AddIndex(
+            model_name='automationconfig',
+            index=models.Index(fields=['is_enabled', 'next_run_at'], name='igny8_autom_is_enab_038ce6_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='automationconfig',
+            index=models.Index(fields=['account', 'site'], name='igny8_autom_account_c6092f_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='automationrun',
+            index=models.Index(fields=['site', '-started_at'], name='igny8_autom_site_id_b5bf36_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='automationrun',
+            index=models.Index(fields=['status', '-started_at'], name='igny8_autom_status_1457b0_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='automationrun',
+            index=models.Index(fields=['account', '-started_at'], name='igny8_autom_account_27cb3c_idx'),
+        ),
+    ]

backend/igny8_core/business/automation/migrations/0004_add_pause_resume_cancel_fields.py

@@ -0,0 +1,33 @@
+# Generated by Django 5.2.8 on 2025-12-04 15:27
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('automation', '0003_alter_automationconfig_options_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='automationrun',
+            name='cancelled_at',
+            field=models.DateTimeField(blank=True, help_text='When automation was cancelled', null=True),
+        ),
+        migrations.AddField(
+            model_name='automationrun',
+            name='paused_at',
+            field=models.DateTimeField(blank=True, help_text='When automation was paused', null=True),
+        ),
+        migrations.AddField(
+            model_name='automationrun',
+            name='resumed_at',
+            field=models.DateTimeField(blank=True, help_text='When automation was last resumed', null=True),
+        ),
+        migrations.AlterField(
+            model_name='automationrun',
+            name='status',
+            field=models.CharField(choices=[('running', 'Running'), ('paused', 'Paused'), ('cancelled', 'Cancelled'), ('completed', 'Completed'), ('failed', 'Failed')], db_index=True, default='running', max_length=20),
+        ),
+    ]

backend/igny8_core/business/automation/migrations/0005_add_default_image_service.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.2.9 on 2025-12-20 15:13
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('automation', '0004_add_pause_resume_cancel_fields'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='automationconfig',
+            name='stage_1_batch_size',
+            field=models.IntegerField(default=50, help_text='Keywords per batch'),
+        ),
+    ]

backend/igny8_core/business/automation/migrations/0006_automationrun_initial_snapshot.py

@@ -0,0 +1,22 @@
+# Generated migration for adding initial_snapshot field to AutomationRun
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('automation', '0005_add_default_image_service'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='automationrun',
+            name='initial_snapshot',
+            field=models.JSONField(
+                blank=True,
+                default=dict,
+                help_text='Snapshot of initial queue sizes: {stage_1_initial, stage_2_initial, ..., total_initial_items}'
+            ),
+        ),
+    ]