
Overview

Percify enforces safety through proactive account bans, visibility controls, and standardized API denial responses. This page summarizes mechanisms derived from the internal Ban System Guide.

Ban System

Field          Purpose
banned         Boolean flag blocking feature use
banned_at      Timestamp of ban action
banned_reason  Human-readable rationale
Utility functions:
  • checkUserBanned(userId) returns status
  • requireNotBanned(userId) throws if banned
  • createBannedUserResponse() returns 403 standardized JSON

Integration Pattern (Route Snippet)

import { NextResponse } from 'next/server';
// `auth`, `requireNotBanned` and `createBannedUserResponse` come from the app's own
// modules (import paths are not given on this page).

// Resolve the session from the request headers; reject anonymous callers first.
const session = await auth.api.getSession({ headers: request.headers });
if (!session?.user) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
// Then refuse banned accounts with the standardized 403 body.
try { await requireNotBanned(session.user.id); }
catch { return createBannedUserResponse(); }

Protected Endpoints (High Priority)

  • Avatar generation & management
  • Video & audio creation routes
  • Profile update (handle, bio, avatar image)

Visibility Controls

State      Indexed        Public Feed  API Public  Owner Access
Draft      No             No           Auth only   Yes
Private    Yes (limited)  No           Auth only   Yes
Published  Yes            Yes          Public      Yes

Layer             Strategy
Prompt Filtering  Block disallowed terms pre-generation
Post-Gen Review   Flag suspicious outputs for manual audit
Rate Limits       Throttle abuse patterns
Ban Escalation    Automated triggers (credit exploit, spam)

Exploit Mitigations

Internal fixes cover:
  • Real-time credit synchronization to stop race conditions
  • Hardening against duplicate API calls (idempotency)
  • Centralized cost logic (removal of scattered constants)

Standard Error Responses

Status  Case          Body
401     Missing auth  { "error": "Unauthorized" }
403     Banned user   { "error": "Access denied", "reason": "banned" }
429     Rate limit    { "error": "Too Many Requests" }
400     Validation    { "error": "Invalid input" }

Logging & Audit

Log structure suggestion:
{
  "type": "ban_check",
  "userId": "usr_123",
  "result": "blocked",
  "route": "/api/images/generate",
  "timestamp": "2025-11-24T12:45:00Z"
}

User Data Privacy (High Level)

  • Minimal PII stored (email, optional display name)
  • Media assets segregated by userId
  • Token-based API access (no password sharing)

  1. Detect anomaly (logs / alerts)
  2. Temporarily ban account (script)
  3. Archive related assets
  4. Review root cause
  5. Restore or escalate permanent ban

Performance safeguards next: [/percify/performance].