Altien turns a login stub into real account management

What was a one-line bookkeeping endpoint is now a full surface for reading profiles, tracking usage, and deleting accounts cleanly.

complianceinfrastructure

Maintained by Allen Morgan · verified on MikeWatch

Upstream Mike barely had an account layer: logging in quietly recorded that you existed, and that was it. Altien rebuilds it into four distinct operations - read your profile and a rolling 30-day usage allowance, update a tightly controlled set of fields, tick up a per-message usage counter, and fully delete your account.

Two details stand out. The usage allowance resets on your next visit after the 30 days lapse, not on a fixed billing date - fine for gentle rate-limiting, but not a hard billing cycle. And account deletion actually tears things down: where the fork runs on Supabase (a hosted database-and-login service), it also removes the underlying login identity, not just the data rows. The app can also signal which AI models are available to a user without ever exposing the keys behind them.

So what Anyone weighing a Mike fork for client-facing use should note this is where deletion-on-request and usage limits become real rather than aspirational.

View this fork on GitHub →

Spotted something wrong? Or know the PR text has fresher detail than the writeup above?

Commits in this thread

1 commit from Altien/mikeOssAzure, oldest first. Source extracted verbatim from the harvested git log.

SHA Subject Author Date

ff992534 feat(user): full /user/profile REST surface Allen Morgan 2026-05-08 ↗ GitHub

SHA	Subject	Author	Date
`ff992534`	feat(user): full /user/profile REST surface	Allen Morgan	2026-05-08	↗ GitHub
commit body Replaces the upstream POST /user/profile stub + auth.admin.deleteUser account-deletion path with: * GET /user/profile - returns the profile row plus a global_api_keys map telling the frontend which providers have shared keys configured server-side. * PATCH /user/profile - whitelist of editable fields (display_name, organisation, tabular_model, fast_model, claude/gemini/openai/aoai keys). * POST /user/profile/credits/increment - used by chat to count billable messages. * DELETE /user/account - cascades through every user-owned table; returns 403 in entra mode (account closure for tenant-owned identities is handled out of band by the tenant admin). GET /user/profile also normalises credits_reset_date so the 30-day window self-refreshes when the previous one has passed. The auth- admin-deleteUser path is gone - provider-specific identity teardown is the IdP's responsibility, not the app's.

commit body

Replaces the upstream POST /user/profile stub + auth.admin.deleteUser
account-deletion path with:

  * GET    /user/profile               - returns the profile row plus
                                          a global_api_keys map telling
                                          the frontend which providers
                                          have shared keys configured
                                          server-side.
  * PATCH  /user/profile                - whitelist of editable fields
                                          (display_name, organisation,
                                          tabular_model, fast_model,
                                          claude/gemini/openai/aoai keys).
  * POST   /user/profile/credits/increment - used by chat to count
                                          billable messages.
  * DELETE /user/account                - cascades through every
                                          user-owned table; returns 403
                                          in entra mode (account closure
                                          for tenant-owned identities is
                                          handled out of band by the
                                          tenant admin).

GET /user/profile also normalises credits_reset_date so the 30-day
window self-refreshes when the previous one has passed. The auth-
admin-deleteUser path is gone - provider-specific identity teardown is
the IdP's responsibility, not the app's.

Capture this thread into my fork

Download a single Markdown prompt that tells Claude how to port every commit above into your working tree — adapting paths and structure to match your repo. Run it via claude -p < capture-thread-194.md from inside the repo you want the changes in.

⬇ Download capture-thread-194.md