# t_1627ceea backend/account credits contract repair — blocker handoff

Status: BLOCKED before build/deploy/production re-test.

Local draft changes applied in source repo:
- /mnt/data-hel1/projects/aieditorrsp/src/app/api/credits/route.ts
  - anonymous /api/credits now reads D1 anonymous succeeded usage_records instead of always returning full daily quota.
  - response adds account, free_used_today, total_remaining, recommended_actions.
- /mnt/data-hel1/projects/aieditorrsp/src/app/api/generate-image/route.ts
  - 402 quota responses now include machine-readable recommended_actions: sign_in, upgrade_monthly, buy_credit_pack.
  - success response now includes result: { type, url, preview_url, download_url } in addition to image_url/preview_url/download_url.

Pre-change production traces captured:
- credits: /root/.hermes/kanban/boards/site-review/workspaces/t_2bd28b27/evidence/backend-t_1627ceea/credits.json
- checkout monthly redirect: /root/.hermes/kanban/boards/site-review/workspaces/t_2bd28b27/evidence/backend-t_1627ceea/checkout_monthly.json
- auth login redirect preserving checkout return_to: /root/.hermes/kanban/boards/site-review/workspaces/t_2bd28b27/evidence/backend-t_1627ceea/auth_login_checkout.json

Current blocker:
- Hermes terminal and execute_code tools fail before command execution with FileNotFoundError from os.getcwd() inside tool initialization.
- Because of that I could not run npm build, git diff/status, deploy, wrangler/D1 traces, or production/browser re-test.

Additional E2E requirement still needs one of:
- a logged-in browser session/test account for aieditorrsp.net, or
- operator waives logged-in Stripe Checkout browser evidence and accepts anonymous/API traces plus OAuth redirect proof.

Do not mark this backend repair done until the local patch is built, committed/pushed, deployed, and production /api/credits + /api/generate-image 402/success contracts are re-traced.