new apps/dashboard/wallet.html for stripe payment integration and user's consumables; nav added to _footer.html & also dynamic copyright year with django now Y template; new apps.dash.tests ITs & UTs reflect new wallet functionality in .urls & .views

src/apps/lyric/admin.py

@@ -1,6 +1,6 @@
 from django.contrib import admin
 
-from .models import Token, User
+from .models import LoginToken, User
 
 
 class UserAdmin(admin.ModelAdmin):
@@ -8,4 +8,4 @@ class UserAdmin(admin.ModelAdmin):
     search_fields = ["email"]
 
 admin.site.register(User, UserAdmin)
-admin.site.register(Token)
+admin.site.register(LoginToken)

src/apps/lyric/authentication.py

@@ -1,5 +1,5 @@
 from django.core.exceptions import ValidationError
-from .models import Token, User
+from .models import LoginToken, User
 
 
 class PasswordlessAuthenticationBackend:
@@ -7,13 +7,13 @@ class PasswordlessAuthenticationBackend:
         if uid is None:
             return None
         try:
-            token = Token.objects.get(uid=uid)
-        except (Token.DoesNotExist, ValidationError):
+            login_token = LoginToken.objects.get(uid=uid)
+        except (LoginToken.DoesNotExist, ValidationError):
             return None
         try:
-            return User.objects.get(email=token.email)
+            return User.objects.get(email=login_token.email)
         except User.DoesNotExist:
-            return User.objects.create_user(email=token.email)
+            return User.objects.create_user(email=login_token.email)
 
     def get_user(self, user_id):
         try:

src/apps/lyric/migrations/0005_rename_logintoken.py

@@ -0,0 +1,14 @@
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('lyric', '0004_remove_user_theme_user_palette'),
+    ]
+
+    operations = [
+        migrations.RenameModel(
+            old_name="Token",
+            new_name="LoginToken",
+        ),
+    ]

src/apps/lyric/migrations/0006_token_wallet.py

@@ -0,0 +1,33 @@
+# Generated by Django 6.0 on 2026-03-08 18:19
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('lyric', '0005_rename_logintoken'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Token',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('token_type', models.CharField(choices=[('coin', 'Coin-on-a-String'), ('Free', 'Free Token'), ('tithe', 'Tithe Token')], max_length=8)),
+                ('expires_at', models.DateTimeField(blank=True, null=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='tokens', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Wallet',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('writs', models.IntegerField(default=0)),
+                ('esteem', models.IntegerField(default=0)),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='wallet', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+    ]

src/apps/lyric/models.py

@@ -1,7 +1,11 @@
 import uuid
 
+from datetime import timedelta
 from django.contrib.auth.base_user import AbstractBaseUser, BaseUserManager
 from django.db import models
+from django.db.models.signals import post_save
+from django.dispatch import receiver
+from django.utils import timezone
 
 
 class UserManager(BaseUserManager):
@@ -17,7 +21,7 @@ class UserManager(BaseUserManager):
         user.save(using=self._db)
         return user
 
-class Token(models.Model):
+class LoginToken(models.Model):
     email = models.EmailField()
     uid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
 
@@ -40,3 +44,48 @@ class User(AbstractBaseUser):
     
     def has_module_perms(self, app_label):
         return self.is_superuser
+    
+class Wallet(models.Model):
+    user = models.OneToOneField(User, on_delete=models.CASCADE, related_name="wallet")
+    writs = models.IntegerField(default=0)
+    esteem = models.IntegerField(default=0)
+
+class Token(models.Model):
+    COIN = "coin"
+    FREE = "Free"
+    TITHE = "tithe"
+    TOKEN_TYPE_CHOICES = [
+        (COIN, "Coin-on-a-String"),
+        (FREE, "Free Token"),
+        (TITHE, "Tithe Token"),
+    ]
+
+    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name="tokens")
+    token_type = models.CharField(max_length=8, choices=TOKEN_TYPE_CHOICES)
+    expires_at = models.DateTimeField(null=True, blank=True)
+
+    def tooltip_text(self):
+        if self.token_type == self.COIN:
+            return (
+                "Coin-on-a-String: Admit 1 Entry"
+                " (and another after that, and another after that\u2026)"
+                " \u2014 no expiry"
+            )
+        if self.token_type == self.FREE:
+            return (
+                f"Free Token: Admit 1 Entry"
+                f" \u2014 Expires {self.expires_at.strftime('%Y-%m-%d')}"
+            )
+        return self.get_token_type_display()
+    
+@receiver(post_save, sender=User)
+def create_wallet_and_tokens(sender, instance, created, **kwargs):
+    if not created:
+        return
+    Wallet.objects.create(user=instance, writs=144)
+    Token.objects.create(user=instance, token_type=Token.COIN)
+    Token.objects.create(
+        user=instance,
+        token_type=Token.FREE,
+        expires_at=timezone.now() + timedelta(days=7),
+    )

src/apps/lyric/tests/integrated/test_authentication.py

@@ -3,39 +3,39 @@ from django.http import HttpRequest
 from django.test import TestCase
 
 from apps.lyric.authentication import PasswordlessAuthenticationBackend
-from apps.lyric.models import Token, User
+from apps.lyric.models import LoginToken, User
 
 
 class AuthenticateTest(TestCase):
-    def test_returns_None_if_token_uuid_not_found(self):
+    def test_returns_None_if_login_token_uuid_not_found(self):
         uid = uuid.uuid4()
         result = PasswordlessAuthenticationBackend().authenticate(
             HttpRequest(), uid
         )
         self.assertIsNone(result)
 
-    def test_returns_new_user_with_correct_email_if_token_exists(self):
+    def test_returns_new_user_with_correct_email_if_login_token_exists(self):
         email = "discoman@example.com"
-        token = Token.objects.create(email=email)
+        login_token = LoginToken.objects.create(email=email)
         user = PasswordlessAuthenticationBackend().authenticate(
-            HttpRequest(), token.uid
+            HttpRequest(), login_token.uid
         )
         new_user = User.objects.get(email=email)
         self.assertEqual(user, new_user)
 
-    def test_returns_existing_user_with_correct_email_if_token_exists(self):
+    def test_returns_existing_user_with_correct_email_if_login_token_exists(self):
         email = "discoman@example.com"
         existing_user = User.objects.create(email=email)
-        token = Token.objects.create(email=email)
+        login_token = LoginToken.objects.create(email=email)
         user = PasswordlessAuthenticationBackend().authenticate(
-            HttpRequest(), token.uid
+            HttpRequest(), login_token.uid
         )
         self.assertEqual(user, existing_user)
 
-    def test_can_retrieve_token_by_uuid(self):
-        token = Token.objects.create(email="a@b.cde")
-        fetched = Token.objects.get(pk=token.uid)
-        self.assertEqual(fetched, token)
+    def test_can_retrieve_login_token_by_uuid(self):
+        login_token = LoginToken.objects.create(email="a@b.cde")
+        fetched = LoginToken.objects.get(pk=login_token.uid)
+        self.assertEqual(fetched, login_token)
 
 class GetUserTest(TestCase):
     def test_gets_user_by_uuid(self):

src/apps/lyric/tests/integrated/test_models.py

@@ -1,8 +1,9 @@
 import uuid
 from django.contrib import auth
 from django.test import TestCase
+from django.utils import timezone
 
-from apps.lyric.models import Token, User
+from apps.lyric.models import LoginToken, Token, User, Wallet
 
 
 class UserModelTest(TestCase):
@@ -28,12 +29,12 @@ class UserModelTest(TestCase):
         user = User.objects.create(email="a@b.cde")
         self.assertFalse(user.searchable)
 
-class TokenModelTest(TestCase):
+class LoginTokenModelTest(TestCase):
     def test_links_user_with_autogen_uid(self):
-        token1 = Token.objects.create(email="a@b.cde")
-        token2 = Token.objects.create(email="v@w.xyz")
-        self.assertNotEqual(token1.pk, token2.pk)
-        self.assertIsInstance(token1.pk, uuid.UUID)
+        login_token1 = LoginToken.objects.create(email="a@b.cde")
+        login_token2 = LoginToken.objects.create(email="v@w.xyz")
+        self.assertNotEqual(login_token1.pk, login_token2.pk)
+        self.assertIsInstance(login_token1.pk, uuid.UUID)
 
 class UserManagerTest(TestCase):
     def test_create_superuser_sets_is_staff_and_is_superuser(self):
@@ -55,3 +56,43 @@ class UserPaletteTest(TestCase):
     def test_palette_field_defaults_to_palette_default(self):
         user = User.objects.create(email="a@b.cde")
         self.assertEqual(user.palette, "palette-default")
+
+class WalletCreationTest(TestCase):
+    def setUp(self):
+        self.user = User.objects.create(email="capman@test.io")
+
+    def test_wallet_is_created_for_new_user(self):
+        self.assertTrue(Wallet.objects.filter(user=self.user).exists())
+    
+    def test_new_wallet_has_144_writs(self):
+        wallet = Wallet.objects.get(user = self.user)
+        self.assertEqual(wallet.writs, 144)
+
+    def test_new_wallet_has_0_esteem(self):
+        wallet = Wallet.objects.get(user=self.user)
+        self.assertEqual(wallet.esteem, 0)
+
+class TokenCreationTest(TestCase):
+    def setUp(self):
+        self.user = User.objects.create(email="capman@test.io")
+
+    def test_coin_on_a_string_created_for_new_user(self):
+        self.assertTrue(
+            Token.objects.filter(user=self.user, token_type=Token.COIN).exists()
+        )
+
+    def test_free_token_created_for_new_user(self):
+        self.assertTrue(
+            Token.objects.filter(user=self.user, token_type=Token.FREE).exists()
+        )
+
+    def test_coin_on_a_string_has_no_expiry(self):
+        coin = Token.objects.get(user=self.user, token_type=Token.COIN)
+        self.assertIsNone(coin.expires_at)
+
+    def test_free_token_has_expiry_within_7_days(self):
+        free = Token.objects.get(user=self.user, token_type=Token.FREE)
+        self.assertIsNotNone(free.expires_at)
+        delta = free.expires_at - timezone.now()
+        self.assertLessEqual(delta.days, 7)
+        self.assertGreater(delta.total_seconds(), 0)

src/apps/lyric/tests/integrated/test_views.py

@@ -2,7 +2,7 @@ from django.contrib import auth
 from django.test import TestCase
 from unittest import mock
 
-from apps.lyric.models import Token
+from apps.lyric.models import LoginToken
 
 
 @mock.patch("apps.lyric.views.send_login_email_task.delay")
@@ -35,20 +35,20 @@ class SendLoginEmailViewTest(TestCase):
         )
         self.assertEqual(message.tags, "success")
 
-    def test_creates_token_associated_with_email(self, mock_delay):
+    def test_creates_login_token_associated_with_email(self, mock_delay):
         self.client.post(
             "/lyric/send_login_email", data={"email": "discoman@example.com"}
         )
-        token = Token.objects.get()
-        self.assertEqual(token.email, "discoman@example.com")
+        login_token = LoginToken.objects.get()
+        self.assertEqual(login_token.email, "discoman@example.com")
         
-    def test_sends_link_to_login_using_token_uid(self, mock_delay):
+    def test_sends_link_to_login_using_login_token_uid(self, mock_delay):
         self.client.post(
             "/lyric/send_login_email", data={"email": "discoman@example.com"}
         )
 
-        token = Token.objects.get()
-        expected_url = f"http://testserver/lyric/login?token={token.uid}"
+        login_token = LoginToken.objects.get()
+        expected_url = f"http://testserver/lyric/login?token={login_token.uid}"
         self.assertEqual(mock_delay.call_args.args[1], expected_url)
 
 class LoginViewTest(TestCase):
@@ -56,18 +56,18 @@ class LoginViewTest(TestCase):
         response = self.client.get("/lyric/login?token=abc123")
         self.assertRedirects(response, "/")
 
-    def test_logs_in_if_given_valid_token(self):
+    def test_logs_in_if_given_valid_login_token(self):
         anon_user = auth.get_user(self.client)
         self.assertEqual(anon_user.is_authenticated, False)
 
-        token = Token.objects.create(email="discoman@example.com")
-        self.client.get(f"/lyric/login?token={token.uid}", follow=True)
+        login_token = LoginToken.objects.create(email="discoman@example.com")
+        self.client.get(f"/lyric/login?token={login_token.uid}", follow=True)
 
         user = auth.get_user(self.client)
         self.assertEqual(user.is_authenticated, True)
         self.assertEqual(user.email, "discoman@example.com")
 
-    def test_shows_login_error_if_token_invalid(self):
+    def test_shows_login_error_if_login_token_invalid(self):
         response = self.client.get("/lyric/login?token=invalid-token", follow=True)
         user = auth.get_user(self.client)
         self.assertEqual(user.is_authenticated, False)

src/apps/lyric/tests/unit/test_tokens.py

@@ -0,0 +1,43 @@
+from django.test import SimpleTestCase
+from unittest.mock import MagicMock
+
+from apps.lyric.models import Token
+
+
+class CoinTooltipTest(SimpleTestCase):
+    def setUp(self):
+        self.coin = Token ()
+        self.coin.token_type = Token.COIN
+        self.coin.expires_at = None
+
+    def test_tooltip_contains_name(self):
+        self.assertIn("Coin-on-a-String", self.coin.tooltip_text())
+
+    def test_tooltip_contains_entry(self):
+        self.assertIn("Admit 1 Entry", self.coin.tooltip_text())
+
+    def test_tooltip_contains_reuse_description(self):
+        self.assertIn("and another after that", self.coin.tooltip_text())
+
+    def test_tooltip_contains_no_expiry(self):
+        self.assertIn("no expiry", self.coin.tooltip_text())
+
+class FreeTokenTooltipTest(SimpleTestCase):
+    def setUp(self):
+        self.token = Token()
+        self.token.token_type = Token.FREE
+        self.token.expires_at = MagicMock()
+        self.token.expires_at.strftime = lambda fmt: "2026-03-15"
+
+    def test_tooltip_contains_name(self):
+        self.assertIn("Free Token", self.token.tooltip_text())
+
+    def test_tooltip_contains_entry(self):
+        self.assertIn("Admit 1 Entry", self.token.tooltip_text())
+
+    def test_tooltip_contains_expires(self):
+        self.assertIn("Expires", self.token.tooltip_text())
+
+    def test_tooltip_contains_expiry_date(self):
+        self.assertIn("2026-03-15", self.token.tooltip_text())
+

src/apps/lyric/views.py

@@ -2,15 +2,15 @@ from django.contrib import auth, messages
 from django.shortcuts import redirect
 from django.urls import reverse
 
-from .models import Token
+from .models import LoginToken
 from .tasks import send_login_email_task
 
 
 def send_login_email(request):
     email = request.POST["email"]
-    token = Token.objects.create(email=email)
+    login_token = LoginToken.objects.create(email=email)
     url = request.build_absolute_uri(
-        reverse("login") + "?token=" + str(token.uid),
+        reverse("login") + "?token=" + str(login_token.uid),
     )
 
     send_login_email_task.delay(email, url)