AZA License Server – Architektur (MVP)

Dateien
1) license_server.py
- Public API:
  - /register
  - /login
  - /license/check
  - /health
- DB-Init/Migration (SQLite)
- Token-Generierung + Token-Rotation (max 3 aktive Tokens/User)
- Plan/Device-Limit Logik (basic=3, team=5)
- Account-Status Gate (active/suspended/cancelled)

2) admin_routes.py
- Admin API (AZA_ADMIN_KEY erforderlich):
  - POST /admin/set_plan
  - POST /admin/set_status
  - POST /admin/revoke_token
  - POST /admin/audit/list
- Audit-Logging via admin_audit Tabelle

DB
- users (email, plan, status, ...)
- tokens (token, user_id, revoked, ...)
- devices (user_id, device_id, ...)
- admin_audit (action, email, token, old_value, new_value, created_at)

Hinweis
- Admin-Endpunkte sind bewusst ohne UI (Support/MVP).
- Payment (Stripe) kommt später über Status/Plan-Updates.