chore: Various backend improvements and cleanup

- Updated backend routes for improved error handling
- Enhanced authentication service
- Database and post history improvements
- User data cleanup service updates
- Dashboard page refinements

Author: cliff-de-tech

backend/app.py

@@ -630,7 +630,7 @@ async def linkedin_callback(code: str = None, state: str = None, redirect_uri: s
         if user_id and get_user_settings and exchange_code_for_token_with_user:
             settings = await get_user_settings(user_id)
             if settings and settings.get('linkedin_client_id') and settings.get('linkedin_client_secret'):
-                result = exchange_code_for_token_with_user(
+                result = await exchange_code_for_token_with_user(
                     settings['linkedin_client_id'],
                     settings['linkedin_client_secret'],
                     code,
@@ -649,7 +649,7 @@ async def linkedin_callback(code: str = None, state: str = None, redirect_uri: s
 
             # Pass user_id for multi-tenant token storage
             # CRITICAL: We pass backend_callback_uri as 'redirect_uri' for the exchange
-            result = exchange_code_for_token(code, backend_callback_uri, user_id)
+            result = await exchange_code_for_token(code, backend_callback_uri, user_id)
 
         linkedin_urn = result.get("linkedin_user_urn", "")
         return RedirectResponse(f"{frontend_redirect}?linkedin_success=true&linkedin_urn={linkedin_urn}")
@@ -888,9 +888,7 @@ async def get_connection_status_endpoint(user_id: str):
         - github_oauth_connected: Has GitHub OAuth token (for private repos)
     """
     try:
-        # Import get_connection_status from token_store
-        from services.token_store import get_connection_status, get_token_by_user_id
-        
+        # Use top-level imports (get_connection_status, get_token_by_user_id already imported)
         status = await get_connection_status(user_id)
 
         # Get github_username from settings

backend/routes/auth.py

@@ -64,7 +64,7 @@ class AuthRefreshRequest(BaseModel):
 # LINKEDIN OAUTH ENDPOINTS
 # =============================================================================
 @router.get('/linkedin/start')
-def linkedin_start(redirect_uri: str, user_id: str = None):
+async def linkedin_start(redirect_uri: str, user_id: str = None):
     """
     Redirects the user to LinkedIn's authorization page.
     
@@ -87,7 +87,7 @@ def linkedin_start(redirect_uri: str, user_id: str = None):
     # Try to use per-user credentials if user_id provided
     if user_id and get_user_settings:
         try:
-            settings = get_user_settings(user_id)
+            settings = await get_user_settings(user_id)
             if settings and settings.get('linkedin_client_id') and get_authorize_url_for_user:
                 url = get_authorize_url_for_user(
                     settings['linkedin_client_id'],
@@ -107,7 +107,7 @@ def linkedin_start(redirect_uri: str, user_id: str = None):
 
 
 @router.get('/linkedin/callback')
-def linkedin_callback(code: str = None, state: str = None, redirect_uri: str = None):
+async def linkedin_callback(code: str = None, state: str = None, redirect_uri: str = None):
     """
     Exchange code for token and redirect back to frontend.
     
@@ -155,9 +155,9 @@ def linkedin_callback(code: str = None, state: str = None, redirect_uri: str = N
 
         # Use per-user credentials if we have a user_id
         if user_id and get_user_settings and exchange_code_for_token_with_user:
-            settings = get_user_settings(user_id)
+            settings = await get_user_settings(user_id)
             if settings and settings.get('linkedin_client_id') and settings.get('linkedin_client_secret'):
-                result = exchange_code_for_token_with_user(
+                result = await exchange_code_for_token_with_user(
                     settings['linkedin_client_id'],
                     settings['linkedin_client_secret'],
                     code,
@@ -166,14 +166,14 @@ def linkedin_callback(code: str = None, state: str = None, redirect_uri: str = N
                 )
                 if save_user_settings:
                     settings['linkedin_user_urn'] = result.get('linkedin_user_urn')
-                    save_user_settings(user_id, settings)
+                    await save_user_settings(user_id, settings)
 
         # Fallback to global credentials
         if not result:
             if not exchange_code_for_token:
                 return RedirectResponse(f"{frontend_redirect}?linkedin_success=false&error=oauth_not_available")
 
-            result = exchange_code_for_token(code, backend_callback_uri, user_id)
+            result = await exchange_code_for_token(code, backend_callback_uri, user_id)
 
         linkedin_urn = result.get("linkedin_user_urn", "")
         return RedirectResponse(f"{frontend_redirect}?linkedin_success=true&linkedin_urn={linkedin_urn}")
@@ -215,7 +215,7 @@ def github_oauth_start(redirect_uri: str, user_id: str):
 
 
 @router.get('/github/callback')
-def github_oauth_callback(code: str = None, state: str = None, redirect_uri: str = None):
+async def github_oauth_callback(code: str = None, state: str = None, redirect_uri: str = None):
     """
     Handle GitHub OAuth callback.
     
@@ -276,13 +276,13 @@ def github_oauth_callback(code: str = None, state: str = None, redirect_uri: str
 
         # Store the token encrypted
         from services.token_store import save_github_token
-        save_github_token(user_id, github_username, access_token)
+        await save_github_token(user_id, github_username, access_token)
 
         # Also update user settings with username
         if save_user_settings and get_user_settings:
-            settings = get_user_settings(user_id) or {}
+            settings = await get_user_settings(user_id) or {}
             settings['github_username'] = github_username
-            save_user_settings(user_id, settings)
+            await save_user_settings(user_id, settings)
 
         return {
             "status": "success", 
@@ -300,12 +300,12 @@ def github_oauth_callback(code: str = None, state: str = None, redirect_uri: str
 # AUTH UTILITY ENDPOINTS
 # =============================================================================
 @router.post("/refresh")
-def refresh_auth(req: AuthRefreshRequest):
+async def refresh_auth(req: AuthRefreshRequest):
     """Check if user has valid LinkedIn connection"""
     if not get_user_settings:
         return {"error": "Settings service not available"}
     try:
-        settings = get_user_settings(req.user_id)
+        settings = await get_user_settings(req.user_id)
         if settings and settings.get("linkedin_user_urn"):
             return {
                 "access_token": "valid",

backend/routes/posts.py

@@ -121,7 +121,7 @@ async def generate_preview(
     groq_api_key = None
     if user_id and get_user_settings:
         try:
-            settings = get_user_settings(user_id)
+            settings = await get_user_settings(user_id)
             if settings:
                 groq_api_key = settings.get('groq_api_key')
         except Exception as e:
@@ -132,7 +132,7 @@ async def generate_preview(
 
 
 @router.post("/publish")
-def publish(req: PostRequest):
+async def publish(req: PostRequest):
     """Publish a post to LinkedIn."""
     if not generate_post_with_ai:
         return {"error": "generate_post_with_ai not available (import failed)"}
@@ -142,7 +142,7 @@ def publish(req: PostRequest):
     user_settings = None
     if req.user_id and get_user_settings:
         try:
-            user_settings = get_user_settings(req.user_id)
+            user_settings = await get_user_settings(req.user_id)
             if user_settings:
                 groq_api_key = user_settings.get('groq_api_key')
         except Exception as e:
@@ -162,7 +162,7 @@ def publish(req: PostRequest):
     # First try: use user's specific token
     if req.user_id and get_token_by_user_id:
         try:
-            user_token = get_token_by_user_id(req.user_id)
+            user_token = await get_token_by_user_id(req.user_id)
             if user_token:
                 linkedin_urn = user_token.get('linkedin_user_urn')
                 token = user_token.get('access_token')
@@ -180,15 +180,15 @@ def publish(req: PostRequest):
     # Fallback: use first stored account or environment-based service
     accounts = []
     try:
-        accounts = get_all_tokens() if get_all_tokens else []
+        accounts = await get_all_tokens() if get_all_tokens else []
     except Exception:
         accounts = []
 
     if accounts:
         account = accounts[0]
         linkedin_urn = account.get('linkedin_user_urn')
         try:
-            token = get_access_token_for_urn(linkedin_urn)
+            token = await get_access_token_for_urn(linkedin_urn)
         except Exception:
             token = None
 

backend/routes/webhooks.py

@@ -140,7 +140,7 @@ async def handle_clerk_webhook(request: Request):
         # Import and run cleanup
         try:
             from services.user_data_cleanup import delete_all_user_data
-            result = delete_all_user_data(user_id)
+            result = await delete_all_user_data(user_id)
 
             return JSONResponse(
                 status_code=200,

backend_tokens.db

@@ -76,7 +76,7 @@ def get_authorize_url(redirect_uri: str, state: str) -> str:
     return f"https://www.linkedin.com/oauth/v2/authorization?{q}"
 
 
-def exchange_code_for_token(code: str, redirect_uri: str, user_id: str = None) -> dict:
+async def exchange_code_for_token(code: str, redirect_uri: str, user_id: str = None) -> dict:
     """
     Exchange authorization code for access token (OAuth Step 2).
     
@@ -146,7 +146,7 @@ def exchange_code_for_token(code: str, redirect_uri: str, user_id: str = None) -
 
         # Store token securely WITH user_id for multi-tenant isolation
         # SECURITY: Token is stored in SQLite; access is via parameterized queries
-        save_token(linkedin_user_urn, access_token, refresh_token=None, expires_at=expires_at, user_id=user_id)
+        await save_token(linkedin_user_urn, access_token, refresh_token=None, expires_at=expires_at, user_id=user_id)
 
     except Exception as e:
         import traceback
@@ -197,7 +197,7 @@ def get_authorize_url_for_user(client_id: str, redirect_uri: str, state: str) ->
     return f"https://www.linkedin.com/oauth/v2/authorization?{q}"
 
 
-def exchange_code_for_token_with_user(
+async def exchange_code_for_token_with_user(
     client_id: str, 
     client_secret: str, 
     code: str, 
@@ -262,7 +262,7 @@ def exchange_code_for_token_with_user(
     expires_at = int(time.time()) + int(expires_in) if expires_in else None
 
     # Save token with user_id association for multi-tenant isolation
-    save_token(
+    await save_token(
         linkedin_user_urn, 
         access_token, 
         refresh_token=None, 
@@ -324,7 +324,7 @@ def refresh_access_token(refresh_token: str) -> dict:
     }
 
 
-def get_access_token_for_urn(linkedin_user_urn: str, refresh_buffer: int = 60) -> str:
+async def get_access_token_for_urn(linkedin_user_urn: str, refresh_buffer: int = 60) -> str:
     """
     Get a valid access token for a LinkedIn user, refreshing if needed.
     
@@ -344,7 +344,7 @@ def get_access_token_for_urn(linkedin_user_urn: str, refresh_buffer: int = 60) -
     SECURITY: Tokens are refreshed proactively to avoid failed API calls.
     The refresh buffer ensures continuous availability.
     """
-    token_row = get_token_by_urn(linkedin_user_urn)
+    token_row = await get_token_by_urn(linkedin_user_urn)
     if not token_row:
         raise RuntimeError('No token found for this linkedin_user_urn')
 
@@ -362,7 +362,7 @@ def get_access_token_for_urn(linkedin_user_urn: str, refresh_buffer: int = 60) -
         refreshed = refresh_access_token(refresh_token)
 
         # Update stored token with new values
-        save_token(
+        await save_token(
             linkedin_user_urn, 
             refreshed['access_token'], 
             refreshed.get('refresh_token'), 

services/auth_service.py

@@ -46,17 +46,91 @@
 if DATABASE_URL and DATABASE_URL.startswith("postgres://"):
     DATABASE_URL = DATABASE_URL.replace("postgres://", "postgresql://", 1)
 
+# Detect if we're using SQLite
+IS_SQLITE = DATABASE_URL and DATABASE_URL.startswith("sqlite")
+
 # Lazy import to avoid issues if databases package not installed
 database = None
+_wrapper = None
+
+
+def _convert_query_for_sqlite(query: str, params: list) -> tuple:
+    """
+    Convert PostgreSQL-style $1, $2 placeholders to SQLite-compatible :p1, :p2 named params.
+    
+    Args:
+        query: SQL query with $1, $2, ... placeholders
+        params: List of parameter values
+        
+    Returns:
+        Tuple of (converted_query, params_dict)
+    """
+    import re
+    
+    if not params:
+        return query, {}
+    
+    # Convert $1, $2, etc. to :p1, :p2, etc.
+    converted_query = query
+    params_dict = {}
+    
+    # Find all $N placeholders and replace them
+    for i, value in enumerate(params, 1):
+        placeholder = f"${i}"
+        named_param = f":p{i}"
+        converted_query = converted_query.replace(placeholder, named_param)
+        params_dict[f"p{i}"] = value
+    
+    return converted_query, params_dict
+
+
+class DatabaseWrapper:
+    """
+    Wrapper around the databases.Database class that handles
+    PostgreSQL/SQLite parameter compatibility.
+    
+    All services use PostgreSQL-style $1 placeholders, but when running
+    locally with SQLite, this wrapper converts them to named params.
+    """
+    
+    def __init__(self, db):
+        self._db = db
+        self._is_sqlite = IS_SQLITE
+    
+    @property
+    def is_connected(self):
+        return self._db.is_connected
+    
+    async def connect(self):
+        return await self._db.connect()
+    
+    async def disconnect(self):
+        return await self._db.disconnect()
+    
+    async def execute(self, query: str, values: list = None):
+        if self._is_sqlite and values:
+            query, values = _convert_query_for_sqlite(query, values)
+        return await self._db.execute(query=query, values=values)
+    
+    async def fetch_one(self, query: str, values: list = None):
+        if self._is_sqlite and values:
+            query, values = _convert_query_for_sqlite(query, values)
+        return await self._db.fetch_one(query=query, values=values)
+    
+    async def fetch_all(self, query: str, values: list = None):
+        if self._is_sqlite and values:
+            query, values = _convert_query_for_sqlite(query, values)
+        return await self._db.fetch_all(query=query, values=values)
 
 
 def get_database():
     """Get the database instance, initializing if needed."""
-    global database
+    global database, _wrapper
     if database is None:
         from databases import Database
         database = Database(DATABASE_URL)
-    return database
+        _wrapper = DatabaseWrapper(database)
+    return _wrapper
 
 
 async def connect_db():

services/db.py

@@ -200,10 +200,14 @@ async def get_daily_post_count(user_id: str, user_timezone: str = "UTC") -> int:
     import datetime
     try:
         from zoneinfo import ZoneInfo
-        user_tz = ZoneInfo(user_timezone)
+        # Handle common UTC variants
+        tz_key = user_timezone
+        if tz_key.upper() == "UTC":
+            tz_key = "Etc/UTC"
+        user_tz = ZoneInfo(tz_key)
     except Exception:
-        from zoneinfo import ZoneInfo
-        user_tz = ZoneInfo("UTC")
+        # Fallback to UTC using datetime.timezone
+        user_tz = datetime.timezone.utc
 
     now_local = datetime.datetime.now(user_tz)
     today_start_local = now_local.replace(hour=0, minute=0, second=0, microsecond=0)
@@ -246,10 +250,14 @@ async def get_user_usage(user_id: str, tier: str = "free", user_timezone: str =
 
     try:
         from zoneinfo import ZoneInfo
-        user_tz = ZoneInfo(user_timezone)
+        # Handle common UTC variants
+        tz_key = user_timezone
+        if tz_key.upper() == "UTC":
+            tz_key = "Etc/UTC"
+        user_tz = ZoneInfo(tz_key)
     except Exception:
-        from zoneinfo import ZoneInfo
-        user_tz = ZoneInfo("UTC")
+        # Fallback to UTC using datetime.timezone
+        user_tz = datetime.timezone.utc
 
     now_local = datetime.datetime.now(user_tz)
     tomorrow_midnight = (now_local + datetime.timedelta(days=1)).replace(