senutpal · senutpal · Jan 14, 2026 · Jan 14, 2026 · Jan 14, 2026 · Jan 14, 2026
diff --git a/.env.example b/.env.example
@@ -1,36 +1,15 @@
-# Node Environment
-NODE_ENV=development
-
-# Server Configuration
-PORT=3000
-HOST=localhost
-
-# Database (PostgreSQL)
-DATABASE_URL=postgresql://devradar:devradar@localhost:5432/devradar?schema=public
-
-# Redis
-REDIS_URL=redis://localhost:6379
-
-# GitHub OAuth
-GITHUB_CLIENT_ID=your_github_client_id
-GITHUB_CLIENT_SECRET=your_github_client_secret
-GITHUB_CALLBACK_URL=http://localhost:3000/auth/callback
-# GitHub Webhooks (for Boss Battles - achievements from GitHub events)
-# Generate with: openssl rand -hex 32
-GITHUB_WEBHOOK_SECRET=your_webhook_secret_for_github
-
-# JWT
-JWT_SECRET=your_super_secret_jwt_key_change_in_production
-JWT_EXPIRES_IN=7d
-
-# WebSocket
-WS_PORT=3001
-
-# Logging
-LOG_LEVEL=debug
-
-# Slack Integration (Phase 3 - Optional)
-# Create a Slack App at https://api.slack.com/apps
-SLACK_CLIENT_ID=
-SLACK_CLIENT_SECRET=
-SLACK_SIGNING_SECRET=
+# ============================================
+# DevRadar Environment Configuration
+# ============================================
+
+# Environment variables are now organized per application:
+#
+# - Server variables:  apps/server/.env.example
+# - Web variables:     apps/web/.env.example
+#
+# Copy the appropriate .env.example to .env in each app directory
+# and fill in your values before running locally.
+#
+# For production deployment:
+# - Vercel: Add NEXT_PUBLIC_RAZORPAY_KEY_ID in Vercel dashboard
+# - Koyeb:  Add all vars from apps/server/.env.example in Koyeb dashboard
diff --git a/.gitignore b/.gitignore
@@ -47,4 +47,6 @@ coverage/
 docker-compose.override.yml
 apps/server/src/generated/
 
-rules/
+rules/
+docs/
+opencode.jsonc
diff --git a/apps/extension/.env.example b/apps/extension/.env.example
@@ -0,0 +1,26 @@
+# ============================================
+# DevRadar VS Code Extension Environment Configuration
+# ============================================
+# Copy this file to .env and fill in your values
+
+# -----------------------------------------------------------------------------
+# DEPLOYMENT: Add these in VS Code Extension settings or .env file
+# -----------------------------------------------------------------------------
+
+# Development Server URLs (for local development)
+DEV_SERVER_URL=http://localhost:3000
+DEV_WS_URL=ws://localhost:3000/ws
+
+# Production Server URLs (for Koyeb deployment)
+# Replace with your Koyeb app URL after deployment
+PROD_SERVER_URL=https://your-koyeb-app.koyeb.app
+PROD_WS_URL=wss://your-koyeb-app.koyeb.app/ws
+
+# Web Application URL (for links from extension to web app)
+# Update this to your Vercel deployment URL in production
+NEXT_PUBLIC_WEB_APP_URL=http://localhost:3000
+
+# -----------------------------------------------------------------------------
+# PRODUCTION VALUES (update these when deploying)
+# -----------------------------------------------------------------------------
+# NEXT_PUBLIC_WEB_APP_URL=https://devradar.io
-# Web Application URL (for links from extension to web app)
-# Update this to your Vercel deployment URL in production
-NEXT_PUBLIC_WEB_APP_URL=http://localhost:3000
-
-# -----------------------------------------------------------------------------
-# PRODUCTION VALUES (update these when deploying)
-# -----------------------------------------------------------------------------
-# NEXT_PUBLIC_WEB_APP_URL=https://devradar.io
+# Web Application URL (for links from extension to web app)
+# Update this to your Vercel deployment URL in production
+WEB_APP_URL=http://localhost:3000
+
+# -----------------------------------------------------------------------------
+# PRODUCTION VALUES (update these when deploying)
+# -----------------------------------------------------------------------------
+# WEB_APP_URL=https://devradar.io
-# Web Application URL (for links from extension to web app)
-# Update this to your Vercel deployment URL in production
-NEXT_PUBLIC_WEB_APP_URL=http://localhost:3000
-
-# -----------------------------------------------------------------------------
-# PRODUCTION VALUES (update these when deploying)
-# -----------------------------------------------------------------------------
-# NEXT_PUBLIC_WEB_APP_URL=https://devradar.io
+# Web Application URL (for links from extension to web app)
+# Update this to your Vercel deployment URL in production
+WEB_APP_URL=http://localhost:3000
+
+# -----------------------------------------------------------------------------
+# PRODUCTION VALUES (update these when deploying)
+# -----------------------------------------------------------------------------
+# WEB_APP_URL=https://devradar.io
diff --git a/apps/extension/src/extension.ts b/apps/extension/src/extension.ts
@@ -11,6 +11,7 @@ import * as vscode from 'vscode';
 
 import { ActivityTracker } from './services/activityTracker';
 import { AuthService } from './services/authService';
+import { FeatureGatingService } from './services/featureGatingService';
 import { FriendRequestService } from './services/friendRequestService';
 import { WebSocketClient } from './services/wsClient';
 import { ConfigManager } from './utils/configManager';
@@ -48,6 +49,8 @@ class DevRadarExtension implements vscode.Disposable {
   private readonly statsProvider: StatsProvider;
   private readonly leaderboardProvider: LeaderboardProvider;
   private statsRefreshInterval: NodeJS.Timeout | null = null;
+  // Phase 5: Feature Gating
+  private readonly featureGatingService: FeatureGatingService;
 
   constructor(context: vscode.ExtensionContext) {
     this.logger = new Logger('DevRadar');
@@ -77,6 +80,12 @@ class DevRadarExtension implements vscode.Disposable {
     // Phase 2: Gamification views
     this.statsProvider = new StatsProvider(this.logger);
     this.leaderboardProvider = new LeaderboardProvider(this.logger);
+    // Phase 5: Feature Gating
+    this.featureGatingService = new FeatureGatingService(
+      this.authService,
+      this.logger,
+      this.configManager
+    );
     /* Track disposables */
     this.disposables.push(
       this.authService,
@@ -89,7 +98,8 @@ class DevRadarExtension implements vscode.Disposable {
       this.statusBar,
       this.configManager,
       this.statsProvider,
-      this.leaderboardProvider
+      this.leaderboardProvider,
+      this.featureGatingService
     );
   }
 
@@ -194,6 +204,14 @@ class DevRadarExtension implements vscode.Disposable {
           void vscode.commands.executeCommand('devradar.friendRequests.focus');
         },
       },
+      {
+        id: 'devradar.enableGhostMode',
+        handler: () => this.handleEnableGhostMode(),
+      },
+      {
+        id: 'devradar.openBilling',
+        handler: () => this.handleOpenBilling(),
+      },
     ];
 
     for (const command of commands) {
@@ -761,6 +779,34 @@ class DevRadarExtension implements vscode.Disposable {
     }
   }
 
+  private async handleEnableGhostMode(): Promise<void> {
+    // Check if user has access to ghost mode feature
+    const hasAccess = await this.featureGatingService.promptUpgrade('ghostMode');
+    if (!hasAccess) {
+      return;
+    }
+
+    // Toggle ghost mode
+    const currentMode = this.configManager.get('privacyMode');
+    await this.configManager.update('privacyMode', !currentMode);
+
+    const message = !currentMode
+      ? 'DevRadar: Ghost mode enabled - you are now invisible to others'
+      : 'DevRadar: Ghost mode disabled - your activity is now visible';
+
+    void vscode.window.showInformationMessage(message);
+    this.activityTracker.sendStatusUpdate();
+  }
+
+  private async handleOpenBilling(): Promise<void> {
+    const webAppUrl = this.featureGatingService.getWebAppUrl();
+    const tier = this.featureGatingService.getCurrentTier();
+    const billingUrl = `${webAppUrl}/dashboard/billing?current=${tier}`;
+
+    await vscode.env.openExternal(vscode.Uri.parse(billingUrl));
+    this.logger.info('Opened billing page', { currentTier: tier });
+  }
+
   dispose(): void {
     this.logger.info('Disposing DevRadar extension...');
 

diff --git a/apps/extension/src/services/featureGatingService.ts b/apps/extension/src/services/featureGatingService.ts
@@ -0,0 +1,143 @@
+/**
+ * Feature Gating Service
+ *
+ * Client-side feature access control for the VS Code extension.
+ * Checks user tier and prompts for upgrade when accessing gated features.
+ */
+
+import {
+  type Feature,
+  type SubscriptionTier,
+  SUBSCRIPTION_FEATURES,
+  FEATURE_DESCRIPTIONS,
+} from '@devradar/shared';
+import * as vscode from 'vscode';
+
+import type { AuthService } from './authService';
+import type { ConfigManager } from '../utils/configManager';
+import type { Logger } from '../utils/logger';
+
+const FEATURE_TIER_MAP: Record<Feature, SubscriptionTier> = {
+  presence: 'FREE',
+  friends: 'FREE',
+  globalLeaderboard: 'FREE',
+  friendsLeaderboard: 'FREE',
+  streaks: 'FREE',
+  achievements: 'FREE',
+  poke: 'FREE',
+  privacyMode: 'FREE',
+  unlimitedFriends: 'PRO',
+  ghostMode: 'PRO',
+  customStatus: 'PRO',
+  history30d: 'PRO',
+  themes: 'PRO',
+  customEmoji: 'PRO',
+  prioritySupport: 'PRO',
+  conflictRadar: 'TEAM',
+  teamCreation: 'TEAM',
+  teamAnalytics: 'TEAM',
+  slackIntegration: 'TEAM',
+  privateLeaderboards: 'TEAM',
+  adminControls: 'TEAM',
+  ssoSaml: 'TEAM',
+  dedicatedSupport: 'TEAM',
+} as const;
+
+/** Manages feature access control and upgrade prompts. */
+export class FeatureGatingService implements vscode.Disposable {
+  constructor(
+    private readonly authService: AuthService,
+    private readonly logger: Logger,
+    private readonly configManager: ConfigManager
+  ) {}
+
+  /**
+   * Checks if the current user has access to a feature.
+   * @param feature - The feature to check access for
+   * @returns true if the user has access
+   */
+  hasAccess(feature: Feature): boolean {
+    const user = this.authService.getUser();
+    if (!user) {
+      return false;
+    }
+
+    // Defensive: ensure tier is valid, default to FREE if not
+    // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition -- runtime value might differ from type
+    const tier = (user.tier ?? 'FREE') as SubscriptionTier;
+    return SUBSCRIPTION_FEATURES[tier].includes(feature);
+  }
+
+  /**
+   * Gets the minimum tier required for a feature.
+   * @param feature - The feature to check
+   * @returns The minimum tier required
+   */
+  getRequiredTier(feature: Feature): SubscriptionTier {
+    return FEATURE_TIER_MAP[feature];
+  }
+
+  /**
+   * Gets the user's current tier.
+   * @returns The user's tier or 'FREE' if not authenticated
+   */
+  getCurrentTier(): SubscriptionTier {
+    const user = this.authService.getUser();
+    return (user?.tier ?? 'FREE') as SubscriptionTier;
+  }
+
+  /**
+   * Prompts the user to upgrade if they don't have access to a feature.
+   * Opens the billing page in the browser with upgrade parameters.
+   *
+   * @param feature - The feature requiring upgrade
+   * @returns true if the user has access, false if they need to upgrade
+   */
+  async promptUpgrade(feature: Feature): Promise<boolean> {
+    if (this.hasAccess(feature)) {
+      return true;
+    }
+
+    const requiredTier = this.getRequiredTier(feature);
+    const featureDescription = FEATURE_DESCRIPTIONS[feature];
+
+    const action = await vscode.window.showWarningMessage(
+      `DevRadar: "${featureDescription}" requires ${requiredTier} tier.`,
+      'Upgrade Now',
+      'Maybe Later'
+    );
+
+    if (action === 'Upgrade Now') {
+      const webAppUrl = this.getWebAppUrl();
+      const upgradeUrl = `${webAppUrl}/dashboard/billing?upgrade=${requiredTier}&feature=${feature}`;
+
+      await vscode.env.openExternal(vscode.Uri.parse(upgradeUrl));
+      this.logger.info('Opened upgrade page', { feature, requiredTier });
+    }
+
+    return false;
+  }
-  async promptUpgrade(feature: Feature): Promise<boolean> {
-    if (this.hasAccess(feature)) {
-      return true;
-    }
-
-    const requiredTier = this.getRequiredTier(feature);
-    const featureDescription = FEATURE_DESCRIPTIONS[feature];
-
-    const action = await vscode.window.showWarningMessage(
-      `DevRadar: "${featureDescription}" requires ${requiredTier} tier.`,
-      'Upgrade Now',
-      'Maybe Later'
-    );
-
-    if (action === 'Upgrade Now') {
-      const webAppUrl = this.getWebAppUrl();
-      const upgradeUrl = `${webAppUrl}/dashboard/billing?upgrade=${requiredTier}&feature=${feature}`;
-
-      await vscode.env.openExternal(vscode.Uri.parse(upgradeUrl));
-      this.logger.info('Opened upgrade page', { feature, requiredTier });
-    }
-
-    return false;
-  }
+  async promptUpgrade(feature: Feature): Promise<boolean> {
+    if (this.hasAccess(feature)) {
+      return true;
+    }
+
+    const requiredTier = this.getRequiredTier(feature);
+    const featureDescription = FEATURE_DESCRIPTIONS[feature];
+
+    const action = await vscode.window.showWarningMessage(
+      `DevRadar: "${featureDescription}" requires ${requiredTier} tier.`,
+      'Upgrade Now',
+      'Maybe Later'
+    );
+
+    if (action === 'Upgrade Now') {
+      const webAppUrl = this.getWebAppUrl();
+      const upgradeUrl = `${webAppUrl}/dashboard/billing?upgrade=${encodeURIComponent(requiredTier)}&feature=${encodeURIComponent(feature)}`;
+
+      await vscode.env.openExternal(vscode.Uri.parse(upgradeUrl));
+      this.logger.info('Opened upgrade page', { feature, requiredTier });
+    }
+
+    return false;
+  }
-  async promptUpgrade(feature: Feature): Promise<boolean> {
-    if (this.hasAccess(feature)) {
-      return true;
-    }
-
-    const requiredTier = this.getRequiredTier(feature);
-    const featureDescription = FEATURE_DESCRIPTIONS[feature];
-
-    const action = await vscode.window.showWarningMessage(
-      `DevRadar: "${featureDescription}" requires ${requiredTier} tier.`,
-      'Upgrade Now',
-      'Maybe Later'
-    );
-
-    if (action === 'Upgrade Now') {
-      const webAppUrl = this.getWebAppUrl();
-      const upgradeUrl = `${webAppUrl}/dashboard/billing?upgrade=${requiredTier}&feature=${feature}`;
-
-      await vscode.env.openExternal(vscode.Uri.parse(upgradeUrl));
-      this.logger.info('Opened upgrade page', { feature, requiredTier });
-    }
-
-    return false;
-  }
+  async promptUpgrade(feature: Feature): Promise<boolean> {
+    if (this.hasAccess(feature)) {
+      return true;
+    }
+
+    const requiredTier = this.getRequiredTier(feature);
+    const featureDescription = FEATURE_DESCRIPTIONS[feature];
+
+    const action = await vscode.window.showWarningMessage(
+      `DevRadar: "${featureDescription}" requires ${requiredTier} tier.`,
+      'Upgrade Now',
+      'Maybe Later'
+    );
+
+    if (action === 'Upgrade Now') {
+      const webAppUrl = this.getWebAppUrl();
+      const upgradeUrl = `${webAppUrl}/dashboard/billing?upgrade=${encodeURIComponent(requiredTier)}&feature=${encodeURIComponent(feature)}`;
+
+      await vscode.env.openExternal(vscode.Uri.parse(upgradeUrl));
+      this.logger.info('Opened upgrade page', { feature, requiredTier });
+    }
+
+    return false;
+  }
+
+  /**
+   * Gets the upgrade URL for a specific tier.
+   * @param tier - The target tier
+   * @returns The full upgrade URL
+   */
+  getUpgradeUrl(tier: SubscriptionTier): string {
+    const webAppUrl = this.getWebAppUrl();
+    return `${webAppUrl}/dashboard/billing?upgrade=${tier}`;
+  }
+
+  /**
+   * Gets the web app URL from config or uses default.
+   * @returns The web application URL
+   */
+  getWebAppUrl(): string {
+    // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition -- config.get() can return undefined
+    return this.configManager.get('webAppUrl') ?? 'http://localhost:3000';
+  }
-  getWebAppUrl(): string {
-    return this.configManager.get('webAppUrl') ?? 'http://localhost:3000';
-  }
+  getWebAppUrl(): string {
+    return this.configManager.get('webAppUrl');
+  }
-  getWebAppUrl(): string {
-    return this.configManager.get('webAppUrl') ?? 'http://localhost:3000';
-  }
+  getWebAppUrl(): string {
+    return this.configManager.get('webAppUrl');
+  }
+
+  dispose(): void {
+    // No disposables to clean up
+  }
+}
diff --git a/apps/extension/src/services/index.ts b/apps/extension/src/services/index.ts
@@ -2,3 +2,4 @@ export { AuthService, type AuthState } from './authService';
 export { WebSocketClient, type ConnectionState } from './wsClient';
 export { ActivityTracker } from './activityTracker';
 export { FriendRequestService } from './friendRequestService';
+export { FeatureGatingService } from './featureGatingService';
diff --git a/apps/extension/src/utils/configManager.ts b/apps/extension/src/utils/configManager.ts
@@ -11,6 +11,7 @@ import * as vscode from 'vscode';
 export interface DevRadarConfig {
   serverUrl: string;
   wsUrl: string;
+  webAppUrl: string;
   privacyMode: boolean;
   showFileName: boolean;
   showProject: boolean;
@@ -27,10 +28,12 @@ const DEFAULT_CONFIG: DevRadarConfig = {
   /* Production */
   serverUrl: 'https://wispy-netti-devradar-c95bfbd3.koyeb.app',
   wsUrl: 'wss://wispy-netti-devradar-c95bfbd3.koyeb.app/ws',
+  webAppUrl: 'https://devradar.dev',
 
   /* Development */
   // serverUrl: 'http://localhost:3000',
   // wsUrl: 'ws://localhost:3000/ws',
+  // webAppUrl: 'http://localhost:3000',
   privacyMode: false,
   showFileName: true,
   showProject: true,
@@ -96,6 +99,7 @@ export class ConfigManager implements vscode.Disposable {
     return {
       serverUrl: config.get<string>('serverUrl') ?? DEFAULT_CONFIG.serverUrl,
       wsUrl: config.get<string>('wsUrl') ?? DEFAULT_CONFIG.wsUrl,
+      webAppUrl: config.get<string>('webAppUrl') ?? DEFAULT_CONFIG.webAppUrl,
       privacyMode: config.get<boolean>('privacyMode') ?? DEFAULT_CONFIG.privacyMode,
       showFileName: config.get<boolean>('showFileName') ?? DEFAULT_CONFIG.showFileName,
       showProject: config.get<boolean>('showProject') ?? DEFAULT_CONFIG.showProject,