2026-04-28 19:34:37 -04:00
16 changed files with 732 additions and 23 deletions
@@ -0,0 +1 @@
 ALTER TABLE "users" ADD COLUMN "token_version" integer DEFAULT 0 NOT NULL;
@@ -0,0 +1,477 @@
 {
  "id": "9324fe22-280a-4276-ace3-820f55654ec7",
  "prevId": "8cfe4136-b228-464d-bf2c-e4f2e8c73ce1",
  "version": "7",
  "dialect": "postgresql",
  "tables": {
    "public.achievements": {
      "name": "achievements",
      "schema": "",
      "columns": {
        "id": {
          "name": "id",
          "type": "uuid",
          "primaryKey": true,
          "notNull": true,
          "default": "gen_random_uuid()"
        },
        "user_id": {
          "name": "user_id",
          "type": "uuid",
          "primaryKey": false,
          "notNull": true
        },
        "achievement_id": {
          "name": "achievement_id",
          "type": "text",
          "primaryKey": false,
          "notNull": true
        },
        "unlocked_at": {
          "name": "unlocked_at",
          "type": "timestamp",
          "primaryKey": false,
          "notNull": true,
          "default": "now()"
        }
      },
      "indexes": {
        "achievements_user_id_idx": {
          "name": "achievements_user_id_idx",
          "columns": [
            {
              "expression": "user_id",
              "isExpression": false,
              "asc": true,
              "nulls": "last"
            }
          ],
          "isUnique": false,
          "concurrently": false,
          "method": "btree",
          "with": {}
        }
      },
      "foreignKeys": {
        "achievements_user_id_users_id_fk": {
          "name": "achievements_user_id_users_id_fk",
          "tableFrom": "achievements",
          "tableTo": "users",
          "columnsFrom": [
            "user_id"
          ],
          "columnsTo": [
            "id"
          ],
          "onDelete": "no action",
          "onUpdate": "no action"
        }
      },
      "compositePrimaryKeys": {},
      "uniqueConstraints": {},
      "policies": {},
      "checkConstraints": {},
      "isRLSEnabled": false
    },
    "public.invitations": {
      "name": "invitations",
      "schema": "",
      "columns": {
        "id": {
          "name": "id",
          "type": "uuid",
          "primaryKey": true,
          "notNull": true,
          "default": "gen_random_uuid()"
        },
        "code": {
          "name": "code",
          "type": "text",
          "primaryKey": false,
          "notNull": true
        },
        "created_by": {
          "name": "created_by",
          "type": "uuid",
          "primaryKey": false,
          "notNull": true
        },
        "used_by": {
          "name": "used_by",
          "type": "uuid",
          "primaryKey": false,
          "notNull": false
        },
        "created_at": {
          "name": "created_at",
          "type": "timestamp",
          "primaryKey": false,
          "notNull": true,
          "default": "now()"
        },
        "expires_at": {
          "name": "expires_at",
          "type": "timestamp",
          "primaryKey": false,
          "notNull": false
        }
      },
      "indexes": {},
      "foreignKeys": {
        "invitations_created_by_users_id_fk": {
          "name": "invitations_created_by_users_id_fk",
          "tableFrom": "invitations",
          "tableTo": "users",
          "columnsFrom": [
            "created_by"
          ],
          "columnsTo": [
            "id"
          ],
          "onDelete": "no action",
          "onUpdate": "no action"
        },
        "invitations_used_by_users_id_fk": {
          "name": "invitations_used_by_users_id_fk",
          "tableFrom": "invitations",
          "tableTo": "users",
          "columnsFrom": [
            "used_by"
          ],
          "columnsTo": [
            "id"
          ],
          "onDelete": "no action",
          "onUpdate": "no action"
        }
      },
      "compositePrimaryKeys": {},
      "uniqueConstraints": {
        "invitations_code_unique": {
          "name": "invitations_code_unique",
          "nullsNotDistinct": false,
          "columns": [
            "code"
          ]
        }
      },
      "policies": {},
      "checkConstraints": {},
      "isRLSEnabled": false
    },
    "public.leaderboard": {
      "name": "leaderboard",
      "schema": "",
      "columns": {
        "id": {
          "name": "id",
          "type": "uuid",
          "primaryKey": true,
          "notNull": true,
          "default": "gen_random_uuid()"
        },
        "user_id": {
          "name": "user_id",
          "type": "uuid",
          "primaryKey": false,
          "notNull": true
        },
        "company_name": {
          "name": "company_name",
          "type": "text",
          "primaryKey": false,
          "notNull": true
        },
        "category": {
          "name": "category",
          "type": "text",
          "primaryKey": false,
          "notNull": true
        },
        "score": {
          "name": "score",
          "type": "integer",
          "primaryKey": false,
          "notNull": true
        },
        "era": {
          "name": "era",
          "type": "text",
          "primaryKey": false,
          "notNull": true
        },
        "tick_count": {
          "name": "tick_count",
          "type": "integer",
          "primaryKey": false,
          "notNull": true
        },
        "submitted_at": {
          "name": "submitted_at",
          "type": "timestamp",
          "primaryKey": false,
          "notNull": true,
          "default": "now()"
        }
      },
      "indexes": {
        "leaderboard_category_score_idx": {
          "name": "leaderboard_category_score_idx",
          "columns": [
            {
              "expression": "category",
              "isExpression": false,
              "asc": true,
              "nulls": "last"
            },
            {
              "expression": "score",
              "isExpression": false,
              "asc": true,
              "nulls": "last"
            }
          ],
          "isUnique": false,
          "concurrently": false,
          "method": "btree",
          "with": {}
        }
      },
      "foreignKeys": {
        "leaderboard_user_id_users_id_fk": {
          "name": "leaderboard_user_id_users_id_fk",
          "tableFrom": "leaderboard",
          "tableTo": "users",
          "columnsFrom": [
            "user_id"
          ],
          "columnsTo": [
            "id"
          ],
          "onDelete": "no action",
          "onUpdate": "no action"
        }
      },
      "compositePrimaryKeys": {},
      "uniqueConstraints": {},
      "policies": {},
      "checkConstraints": {},
      "isRLSEnabled": false
    },
    "public.saves": {
      "name": "saves",
      "schema": "",
      "columns": {
        "id": {
          "name": "id",
          "type": "uuid",
          "primaryKey": true,
          "notNull": true,
          "default": "gen_random_uuid()"
        },
        "user_id": {
          "name": "user_id",
          "type": "uuid",
          "primaryKey": false,
          "notNull": true
        },
        "company_name": {
          "name": "company_name",
          "type": "text",
          "primaryKey": false,
          "notNull": true
        },
        "save_version": {
          "name": "save_version",
          "type": "integer",
          "primaryKey": false,
          "notNull": true
        },
        "game_data": {
          "name": "game_data",
          "type": "jsonb",
          "primaryKey": false,
          "notNull": true
        },
        "tick_count": {
          "name": "tick_count",
          "type": "integer",
          "primaryKey": false,
          "notNull": true,
          "default": 0
        },
        "era": {
          "name": "era",
          "type": "text",
          "primaryKey": false,
          "notNull": true,
          "default": "'startup'"
        },
        "created_at": {
          "name": "created_at",
          "type": "timestamp",
          "primaryKey": false,
          "notNull": true,
          "default": "now()"
        },
        "updated_at": {
          "name": "updated_at",
          "type": "timestamp",
          "primaryKey": false,
          "notNull": true,
          "default": "now()"
        }
      },
      "indexes": {
        "saves_user_id_idx": {
          "name": "saves_user_id_idx",
          "columns": [
            {
              "expression": "user_id",
              "isExpression": false,
              "asc": true,
              "nulls": "last"
            }
          ],
          "isUnique": false,
          "concurrently": false,
          "method": "btree",
          "with": {}
        }
      },
      "foreignKeys": {
        "saves_user_id_users_id_fk": {
          "name": "saves_user_id_users_id_fk",
          "tableFrom": "saves",
          "tableTo": "users",
          "columnsFrom": [
            "user_id"
          ],
          "columnsTo": [
            "id"
          ],
          "onDelete": "no action",
          "onUpdate": "no action"
        }
      },
      "compositePrimaryKeys": {},
      "uniqueConstraints": {},
      "policies": {},
      "checkConstraints": {},
      "isRLSEnabled": false
    },
    "public.users": {
      "name": "users",
      "schema": "",
      "columns": {
        "id": {
          "name": "id",
          "type": "uuid",
          "primaryKey": true,
          "notNull": true,
          "default": "gen_random_uuid()"
        },
        "anon_token": {
          "name": "anon_token",
          "type": "uuid",
          "primaryKey": false,
          "notNull": true,
          "default": "gen_random_uuid()"
        },
        "username": {
          "name": "username",
          "type": "text",
          "primaryKey": false,
          "notNull": false
        },
        "email": {
          "name": "email",
          "type": "text",
          "primaryKey": false,
          "notNull": false
        },
        "password_hash": {
          "name": "password_hash",
          "type": "text",
          "primaryKey": false,
          "notNull": false
        },
        "role": {
          "name": "role",
          "type": "text",
          "primaryKey": false,
          "notNull": true,
          "default": "'user'"
        },
        "must_reset_password": {
          "name": "must_reset_password",
          "type": "boolean",
          "primaryKey": false,
          "notNull": true,
          "default": false
        },
        "token_version": {
          "name": "token_version",
          "type": "integer",
          "primaryKey": false,
          "notNull": true,
          "default": 0
        },
        "created_at": {
          "name": "created_at",
          "type": "timestamp",
          "primaryKey": false,
          "notNull": true,
          "default": "now()"
        },
        "last_seen_at": {
          "name": "last_seen_at",
          "type": "timestamp",
          "primaryKey": false,
          "notNull": true,
          "default": "now()"
        }
      },
      "indexes": {},
      "foreignKeys": {},
      "compositePrimaryKeys": {},
      "uniqueConstraints": {
        "users_anon_token_unique": {
          "name": "users_anon_token_unique",
          "nullsNotDistinct": false,
          "columns": [
            "anon_token"
          ]
        },
        "users_username_unique": {
          "name": "users_username_unique",
          "nullsNotDistinct": false,
          "columns": [
            "username"
          ]
        },
        "users_email_unique": {
          "name": "users_email_unique",
          "nullsNotDistinct": false,
          "columns": [
            "email"
          ]
        }
      },
      "policies": {},
      "checkConstraints": {},
      "isRLSEnabled": false
    }
  },
  "enums": {},
  "schemas": {},
  "sequences": {},
  "roles": {},
  "policies": {},
  "views": {},
  "_meta": {
    "columns": {},
    "schemas": {},
    "tables": {}
  }
 }
@@ -8,6 +8,13 @@
      "when": 1777333216602,
      "tag": "0000_tearful_hedge_knight",
      "breakpoints": true
    },
    {
      "idx": 1,
      "version": "7",
      "when": 1777417629552,
      "tag": "0001_certain_aaron_stack",
      "breakpoints": true
    }
  ]
 }
@@ -8,6 +8,7 @@ export const users = pgTable('users', {
  passwordHash: text('password_hash'),
  role: text('role').notNull().default('user'),
  mustResetPassword: boolean('must_reset_password').notNull().default(false),
  tokenVersion: integer('token_version').notNull().default(0),
  createdAt: timestamp('created_at').defaultNow().notNull(),
  lastSeenAt: timestamp('last_seen_at').defaultNow().notNull(),
 });
@@ -14,10 +14,11 @@ export async function createToken(
  role: string,
  username: string | null,
  mustResetPassword: boolean,
  tokenVersion: number = 0,
 ): Promise<string> {
  const now = Math.floor(Date.now() / 1000);
  return sign(
-    { sub: userId, email, role, username, mustResetPassword, iat: now, exp: now + JWT_EXPIRY_SECONDS },
+    { sub: userId, email, role, username, mustResetPassword, tokenVersion, iat: now, exp: now + JWT_EXPIRY_SECONDS },
    getJwtSecret(),
  );
 }
@@ -28,6 +29,7 @@ export async function verifyToken(token: string): Promise<{
  role: string;
  username: string | null;
  mustResetPassword: boolean;
  tokenVersion: number;
 }> {
  const payload = await verify(token, getJwtSecret(), 'HS256');
  return {
@@ -36,5 +38,6 @@ export async function verifyToken(token: string): Promise<{
    role: (payload.role as string) ?? 'user',
    username: (payload.username as string) ?? null,
    mustResetPassword: (payload.mustResetPassword as boolean) ?? false,
    tokenVersion: (payload.tokenVersion as number) ?? 0,
  };
 }
@@ -27,6 +27,10 @@ export const authMiddleware = createMiddleware<AppEnv>(async (c, next) => {
      return c.json({ error: 'Invalid token' }, 401);
    }
    if (payload.tokenVersion !== user.tokenVersion) {
      return c.json({ error: 'Token has been revoked' }, 401);
    }
    await db
      .update(users)
      .set({ lastSeenAt: new Date() })
@@ -40,6 +44,7 @@ export const authMiddleware = createMiddleware<AppEnv>(async (c, next) => {
      email: user.email,
      role: user.role,
      mustResetPassword: user.mustResetPassword,
      tokenVersion: user.tokenVersion,
    });
    await next();
  } catch {
@@ -1,5 +1,5 @@
 import { Hono } from 'hono';
-import { eq, or } from 'drizzle-orm';
+import { eq, or, sql } from 'drizzle-orm';
 import bcrypt from 'bcryptjs';
 import { db } from '../db';
 import { users } from '../db/schema';
@@ -15,7 +15,7 @@ auth.post('/anonymous', async (c) => {
    .values({})
    .returning();
-  const token = await createToken(user.id, null, 'user', null, false);
+  const token = await createToken(user.id, null, 'user', null, false, 0);
  return c.json({ userId: user.id, token });
 });
@@ -80,7 +80,7 @@ auth.post('/register', authMiddleware, async (c) => {
    .where(eq(users.id, userId))
    .returning();
-  const token = await createToken(updated.id, updated.email, updated.role, updated.username, false);
+  const token = await createToken(updated.id, updated.email, updated.role, updated.username, false, updated.tokenVersion);
  return c.json({ userId: updated.id, token });
 });
@@ -106,7 +106,7 @@ auth.post('/login', async (c) => {
    return c.json({ error: 'Invalid credentials' }, 401);
  }
-  const token = await createToken(user.id, user.email, user.role, user.username, user.mustResetPassword);
+  const token = await createToken(user.id, user.email, user.role, user.username, user.mustResetPassword, user.tokenVersion);
  return c.json({ userId: user.id, token });
 });
@@ -141,12 +141,13 @@ auth.post('/change-password', authMiddleware, async (c) => {
  }
  const passwordHash = await bcrypt.hash(newPassword, 10);
-  await db
+  const [updated] = await db
    .update(users)
-    .set({ passwordHash, mustResetPassword: false })
+    .set({ passwordHash, mustResetPassword: false, tokenVersion: sql`${users.tokenVersion} + 1` })
-    .where(eq(users.id, user.id));
+    .where(eq(users.id, user.id))
    .returning({ tokenVersion: users.tokenVersion });
-  const token = await createToken(user.id, user.email, user.role, user.username, false);
+  const token = await createToken(user.id, user.email, user.role, user.username, false, updated.tokenVersion);
  return c.json({ success: true, token });
 });
@@ -176,7 +177,7 @@ auth.post('/change-username', authMiddleware, async (c) => {
    .set({ username })
    .where(eq(users.id, user.id));
-  const token = await createToken(user.id, user.email, user.role, username, user.mustResetPassword);
+  const token = await createToken(user.id, user.email, user.role, username, user.mustResetPassword, user.tokenVersion);
  return c.json({ success: true, token });
 });
@@ -230,8 +231,29 @@ auth.post('/change-email', authMiddleware, async (c) => {
    .set({ email })
    .where(eq(users.id, user.id));
-  const token = await createToken(user.id, email, user.role, user.username, user.mustResetPassword);
+  const token = await createToken(user.id, email, user.role, user.username, user.mustResetPassword, user.tokenVersion);
  return c.json({ success: true, token });
 });
 auth.post('/logout', authMiddleware, async (c) => {
  const user = c.get('user');
  await db
    .update(users)
    .set({ tokenVersion: sql`${users.tokenVersion} + 1` })
    .where(eq(users.id, user.id));
  return c.json({ success: true });
 });
 auth.get('/me', authMiddleware, async (c) => {
  const user = c.get('user');
  return c.json({
    id: user.id,
    username: user.username,
    email: user.email,
    role: user.role,
  });
 });
 export { auth };
@@ -28,6 +28,19 @@ savesRouter.get('/', async (c) => {
  return c.json({ saves: userSaves });
 });
 savesRouter.get('/latest', async (c) => {
  const userId = c.get('userId') as string;
  const [save] = await db
    .select()
    .from(saves)
    .where(eq(saves.userId, userId))
    .orderBy(desc(saves.updatedAt))
    .limit(1);
  return c.json({ save: save ?? null });
 });
 savesRouter.get('/:id', async (c) => {
  const userId = c.get('userId') as string;
  const saveId = c.req.param('id');
@@ -8,6 +8,7 @@ export type AppEnv = {
      email: string | null;
      role: string;
      mustResetPassword: boolean;
      tokenVersion: number;
    };
  };
 };
@@ -6,6 +6,7 @@ import { OfflineCatchUp } from '@/components/game/OfflineCatchUp';
 import { InviteGateScreen } from '@/components/game/InviteGateScreen';
 import { useGameLoop } from '@/hooks/useGameLoop';
 import { useAuthGate } from '@/hooks/useAuthGate';
 import { useCloudSave } from '@/hooks/useCloudSave';
 import { TICK_INTERVAL_MS } from '@token-empire/shared';
 import { Sparkles, RefreshCw, WifiOff } from 'lucide-react';
@@ -53,7 +54,7 @@ function BackendErrorScreen({ error, onRetry }: { error: string; onRetry: () =>
 }
 export function App() {
-  const { loading: authLoading, backendError, needsInvite, needsPasswordReset, setRegistered, setNeedsPasswordReset, retry } = useAuthGate();
+  const { loading: authLoading, backendError, needsInvite, needsPasswordReset, cloudSave, loadCloudSave, setRegistered, setNeedsPasswordReset, retry } = useAuthGate();
  const companyName = useGameStore((s) => s.meta.companyName);
  const lastTickTimestamp = useGameStore((s) => s.meta.lastTickTimestamp);
  const [catchUpTicks, setCatchUpTicks] = useState<number | null>(null);
@@ -71,6 +72,7 @@ export function App() {
  }, [companyName, lastTickTimestamp, catchUpDone]);
  useGameLoop(!catchUpDone || authLoading || !!backendError || needsInvite || needsPasswordReset);
  useCloudSave();
  if (authLoading) {
    return <LoadingScreen />;
@@ -92,7 +94,7 @@ export function App() {
  }
  if (!companyName) {
-    return <NewGameScreen />;
+    return <NewGameScreen cloudSave={cloudSave} onContinue={loadCloudSave} />;
  }
  if (catchUpTicks !== null && !catchUpDone) {
@@ -1,6 +1,7 @@
 import { useState } from 'react';
-import { Sparkles } from 'lucide-react';
+import { Sparkles, Cloud, Play } from 'lucide-react';
 import { useGameStore } from '@/store';
 import type { CloudSaveInfo } from '@/hooks/useAuthGate';
 const SUGGESTED_NAMES = [
  'Nexus AI', 'Cortex Labs', 'Synapse Technologies',
@@ -8,8 +9,32 @@ const SUGGESTED_NAMES = [
  'Neural Forge', 'DeepMind+', 'Cerebral Systems',
 ];
-export function NewGameScreen() {
+const ERA_LABELS: Record<string, string> = {
  startup: 'Startup',
  scaleup: 'Scale-Up',
  bigtech: 'Big Tech',
  agi: 'AGI',
 };
 function formatTimeAgo(dateStr: string): string {
  const diff = Date.now() - new Date(dateStr).getTime();
  const minutes = Math.floor(diff / 60_000);
  if (minutes < 1) return 'just now';
  if (minutes < 60) return `${minutes}m ago`;
  const hours = Math.floor(minutes / 60);
  if (hours < 24) return `${hours}h ago`;
  const days = Math.floor(hours / 24);
  return `${days}d ago`;
 }
 interface Props {
  cloudSave?: CloudSaveInfo | null;
  onContinue?: () => Promise<void>;
 }
 export function NewGameScreen({ cloudSave, onContinue }: Props) {
  const [name, setName] = useState('');
  const [loading, setLoading] = useState(false);
  const startNewGame = useGameStore((s) => s.startNewGame);
  const handleStart = () => {
@@ -17,6 +42,16 @@ export function NewGameScreen() {
    startNewGame(companyName);
  };
  const handleContinue = async () => {
    if (!onContinue) return;
    setLoading(true);
    try {
      await onContinue();
    } finally {
      setLoading(false);
    }
  };
  return (
    <div className="min-h-screen flex items-center justify-center bg-gradient-to-b from-surface-950 to-surface-900">
      <div className="max-w-md w-full mx-4">
@@ -32,7 +67,37 @@ export function NewGameScreen() {
          </p>
        </div>
        {cloudSave && onContinue && (
          <div className="bg-surface-900 border border-accent/30 rounded-xl p-6 mb-4 space-y-4">
            <div className="flex items-center gap-2 text-accent-light">
              <Cloud size={18} />
              <h3 className="font-semibold text-sm">Continue Your Game</h3>
            </div>
            <div className="space-y-1">
              <div className="text-lg font-semibold text-surface-100">{cloudSave.companyName}</div>
              <div className="flex items-center gap-3 text-xs text-surface-400">
                <span className="px-2 py-0.5 rounded-full bg-surface-800 border border-surface-700">
                  {ERA_LABELS[cloudSave.era] ?? cloudSave.era}
                </span>
                <span>Tick {cloudSave.tickCount.toLocaleString()}</span>
                <span>Saved {formatTimeAgo(cloudSave.updatedAt)}</span>
              </div>
            </div>
            <button
              onClick={handleContinue}
              disabled={loading}
              className="w-full inline-flex items-center justify-center gap-2 bg-accent hover:bg-accent-dark text-white font-semibold py-3 rounded-lg transition-colors disabled:opacity-50"
            >
              <Play size={16} />
              {loading ? 'Loading...' : 'Continue'}
            </button>
          </div>
        )}
        <div className="bg-surface-900 border border-surface-700 rounded-xl p-6 space-y-6">
          {cloudSave && onContinue && (
            <div className="text-xs text-surface-500 uppercase tracking-wider font-medium">Or start fresh</div>
          )}
          <div>
            <label className="block text-sm font-medium text-surface-300 mb-2">
              Name your AI company
@@ -44,7 +109,7 @@ export function NewGameScreen() {
              onKeyDown={(e) => e.key === 'Enter' && handleStart()}
              placeholder={SUGGESTED_NAMES[0]}
              className="w-full bg-surface-800 border border-surface-600 rounded-lg px-4 py-3 text-surface-100 placeholder:text-surface-500 focus:outline-none focus:ring-2 focus:ring-accent/50 focus:border-accent"
-              autoFocus
+              autoFocus={!cloudSave}
              maxLength={30}
            />
          </div>
@@ -5,7 +5,7 @@ import {
  PanelLeftClose, PanelLeftOpen, Mail, UserPlus, Copy, Check,
 } from 'lucide-react';
 import { useGameStore, type ActivePage } from '@/store';
-import { isAdmin as checkIsAdmin, isRegistered as checkIsRegistered, api } from '@/lib/api';
+import { isAdmin as checkIsAdmin, isRegistered as checkIsRegistered, getTokenPayload, api } from '@/lib/api';
 const NAV_ITEMS: { page: ActivePage; label: string; icon: typeof LayoutDashboard; era?: string; adminOnly?: boolean }[] = [
  { page: 'dashboard', label: 'Dashboard', icon: LayoutDashboard },
@@ -166,6 +166,11 @@ export function Sidebar() {
      )}
      <div className={`${collapsed ? 'px-2 py-3 text-center' : 'p-4'} border-t border-surface-700 text-xs text-surface-500`}>
        {!collapsed && (() => {
          const payload = getTokenPayload();
          const displayName = payload?.username || payload?.email || 'Guest';
          return <div className="truncate mb-1 text-surface-400">{displayName}</div>;
        })()}
        {collapsed ? 'v0.1' : 'Token Empire v0.1'}
      </div>
    </aside>
@@ -1,7 +1,16 @@
 import { useState, useCallback } from 'react';
 import { api, getTokenPayload, isRegistered as checkRegistered, needsPasswordReset as checkNeedsReset, validateStoredToken } from '@/lib/api';
 import { useGameStore } from '@/store';
 import { ensureAuth } from './useCloudSave';
 export interface CloudSaveInfo {
  id: string;
  companyName: string;
  era: string;
  tickCount: number;
  updatedAt: string;
 }
 interface AuthGateState {
  loading: boolean;
  backendError: string | null;
@@ -10,6 +19,8 @@ interface AuthGateState {
  registered: boolean;
  isAdmin: boolean;
  config: { requireInvite: boolean; userInvitations: number } | null;
  cloudSave: CloudSaveInfo | null;
  loadCloudSave: () => Promise<void>;
  setRegistered: (value: boolean) => void;
  setNeedsPasswordReset: (value: boolean) => void;
  retry: () => void;
@@ -22,6 +33,7 @@ export function useAuthGate(): AuthGateState {
  const [registered, setRegistered] = useState(false);
  const [passwordReset, setPasswordReset] = useState(false);
  const [admin, setAdmin] = useState(false);
  const [cloudSave, setCloudSave] = useState<CloudSaveInfo | null>(null);
  const [initCount, setInitCount] = useState(0);
  const init = useCallback(async () => {
@@ -52,9 +64,30 @@ export function useAuthGate(): AuthGateState {
    }
    const payload = getTokenPayload();
-    setRegistered(checkRegistered());
+    const isReg = checkRegistered();
    setRegistered(isReg);
    setPasswordReset(checkNeedsReset());
    setAdmin(payload?.role === 'admin');
    if (isReg) {
      try {
        const { save } = await api.saves.latest();
        if (save && save.tickCount > 0) {
          setCloudSave({
            id: save.id,
            companyName: save.companyName,
            era: save.era,
            tickCount: save.tickCount,
            updatedAt: save.updatedAt,
          });
        } else {
          setCloudSave(null);
        }
      } catch {
        setCloudSave(null);
      }
    }
    setLoading(false);
  }, []);
@@ -66,6 +99,18 @@ export function useAuthGate(): AuthGateState {
    init();
  }, [init]);
  const loadCloudSave = useCallback(async () => {
    try {
      const { save } = await api.saves.latest();
      if (save?.gameData) {
        const gameData = save.gameData as Record<string, unknown>;
        useGameStore.setState(gameData);
      }
    } catch {
      // Fall through to new game if cloud load fails
    }
  }, []);
  const handleSetRegistered = useCallback((value: boolean) => {
    setRegistered(value);
    const payload = getTokenPayload();
@@ -89,6 +134,8 @@ export function useAuthGate(): AuthGateState {
    registered,
    isAdmin: admin,
    config,
    cloudSave,
    loadCloudSave,
    setRegistered: handleSetRegistered,
    setNeedsPasswordReset: handleSetPasswordReset,
    retry,
@@ -3,22 +3,27 @@ import { useGameStore } from '@/store';
 import { api, getAuthToken, setAuthToken, clearAuthToken, decodeTokenPayload } from '@/lib/api';
 import { AUTO_SAVE_INTERVAL_TICKS } from '@token-empire/shared';
 const MAX_CONSECUTIVE_FAILURES = 3;
 export function useCloudSave() {
  const tickCount = useGameStore((s) => s.meta.tickCount);
  const companyName = useGameStore((s) => s.meta.companyName);
  const lastSaveTick = useRef(0);
  const failureCount = useRef(0);
  useEffect(() => {
    if (!companyName) return;
-    if (tickCount - lastSaveTick.current < AUTO_SAVE_INTERVAL_TICKS * 5) return;
+    if (tickCount - lastSaveTick.current < AUTO_SAVE_INTERVAL_TICKS) return;
    const token = getAuthToken();
    if (!token) return;
    if (failureCount.current >= MAX_CONSECUTIVE_FAILURES) return;
    lastSaveTick.current = tickCount;
    const state = useGameStore.getState();
-    const { activePage, notifications, ...gameState } = state;
+    const { activePage, notifications, infraNav, modelsTab, ...gameState } = state;
    api.saves.put({
      companyName: state.meta.companyName,
@@ -26,7 +31,19 @@ export function useCloudSave() {
      gameData: gameState,
      tickCount: state.meta.tickCount,
      era: state.meta.currentEra,
-    }).catch(() => {});
+    }).then(() => {
      failureCount.current = 0;
    }).catch(() => {
      failureCount.current++;
      if (failureCount.current === MAX_CONSECUTIVE_FAILURES) {
        useGameStore.getState().addNotification({
          title: 'Cloud Save Failed',
          message: 'Unable to save to cloud. Your progress is still saved locally.',
          type: 'danger',
          tick: useGameStore.getState().meta.tickCount,
        });
      }
    });
  }, [tickCount, companyName]);
 }
@@ -14,6 +14,7 @@ export function getAuthToken() {
 export function clearAuthToken() {
  authToken = null;
  localStorage.removeItem('token-empire-auth-token');
  localStorage.removeItem('token-empire-refresh-token');
 }
 export interface TokenPayload {
@@ -63,6 +64,8 @@ export function needsPasswordReset(): boolean {
  return payload?.mustResetPassword === true;
 }
 const AUTH_PATHS = ['/api/auth/anonymous', '/api/auth/login', '/api/auth/logout', '/api/health'];
 async function request<T>(path: string, options: RequestInit & { timeoutMs?: number } = {}): Promise<T> {
  const { timeoutMs = 10_000, ...fetchOptions } = options;
@@ -86,6 +89,11 @@ async function request<T>(path: string, options: RequestInit & { timeoutMs?: num
    });
    if (!res.ok) {
      if (res.status === 401 && authToken && !AUTH_PATHS.includes(path)) {
        clearAuthToken();
        localStorage.removeItem('token-empire-save');
        window.location.reload();
      }
      const body = await res.json().catch(() => null);
      throw new Error(body?.error || `HTTP ${res.status} ${res.statusText}`);
    }
@@ -140,6 +148,10 @@ export const api = {
        method: 'POST',
        body: JSON.stringify({ email, currentPassword }),
      }),
    logout: () =>
      request<{ success: boolean }>('/api/auth/logout', { method: 'POST' }),
    me: () =>
      request<{ id: string; username: string | null; email: string | null; role: string }>('/api/auth/me'),
  },
  config: {
    get: () => request<{ requireInvite: boolean; userInvitations: number }>('/api/config'),
@@ -164,6 +176,7 @@ export const api = {
  saves: {
    list: () => request<{ saves: Array<{ id: string; companyName: string; era: string; tickCount: number; updatedAt: string }> }>('/api/saves'),
    get: (id: string) => request<{ save: { id: string; gameData: unknown } }>(`/api/saves/${id}`),
    latest: () => request<{ save: { id: string; companyName: string; era: string; tickCount: number; updatedAt: string; gameData: unknown } | null }>('/api/saves/latest'),
    put: (data: { companyName: string; saveVersion: number; gameData: unknown; tickCount: number; era: string }) =>
      request<{ id: string }>('/api/saves', { method: 'PUT', body: JSON.stringify(data) }),
    delete: (id: string) => request<{ deleted: boolean }>(`/api/saves/${id}`, { method: 'DELETE' }),
@@ -1,8 +1,8 @@
 import { useRef, useState } from 'react';
-import { Pencil, Check, X } from 'lucide-react';
+import { Pencil, Check, X, LogOut } from 'lucide-react';
 import { useGameStore } from '@/store';
 import { ConfirmModal } from '@/components/common/ConfirmModal';
-import { api, setAuthToken, getTokenPayload, isRegistered, isAdmin } from '@/lib/api';
+import { api, setAuthToken, getTokenPayload, isRegistered, isAdmin, clearAuthToken } from '@/lib/api';
 export function SettingsPage() {
  const settings = useGameStore((s) => s.meta.settings);
@@ -18,6 +18,8 @@ export function SettingsPage() {
  const [usernameError, setUsernameError] = useState('');
  const [usernameSaving, setUsernameSaving] = useState(false);
  const [showLogoutConfirm, setShowLogoutConfirm] = useState(false);
  const [editingEmail, setEditingEmail] = useState(false);
  const [emailValue, setEmailValue] = useState('');
  const [emailPassword, setEmailPassword] = useState('');
@@ -207,6 +209,16 @@ export function SettingsPage() {
        ) : (
          <div className="text-sm text-surface-400">Playing as guest.</div>
        )}
        <div className="pt-2 border-t border-surface-700">
          <button
            onClick={() => setShowLogoutConfirm(true)}
            className="inline-flex items-center gap-2 px-4 py-2 rounded bg-surface-800 hover:bg-surface-700 border border-surface-600 text-sm text-surface-300 hover:text-surface-100 transition-colors"
          >
            <LogOut size={14} />
            {registered ? 'Log Out' : 'Sign Out'}
          </button>
        </div>
      </div>
      <div className="bg-surface-900 border border-surface-700 rounded-xl p-4 space-y-4">
@@ -290,6 +302,24 @@ export function SettingsPage() {
          onCancel={() => setImportData(null)}
        />
      )}
      {showLogoutConfirm && (
        <ConfirmModal
          title={registered ? 'Log Out' : 'Sign Out'}
          message={registered
            ? 'You will be logged out. Your game progress is saved to the cloud and will be available when you log back in.'
            : 'You will be signed out. As a guest, your local progress will be lost. Consider registering first to save your progress.'}
          confirmLabel={registered ? 'Log Out' : 'Sign Out'}
          danger={!registered}
          onConfirm={async () => {
            try { await api.auth.logout(); } catch {}
            clearAuthToken();
            localStorage.removeItem('token-empire-save');
            window.location.reload();
          }}
          onCancel={() => setShowLogoutConfirm(false)}
        />
      )}
    </div>
  );
 }
		`@@ -0,0 +1 @@`
							`ALTER TABLE "users" ADD COLUMN "token_version" integer DEFAULT 0 NOT NULL;`