docs(01-02): complete database schema plan

Tasks completed: 3/3
- Create database migration with plans and profiles
- Create seed file for development
- Document database schema

SUMMARY: .planning/phases/01-foundation-auth/01-02-SUMMARY.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

.planning/phases/01-foundation-auth/01-02-SUMMARY.md

@@ -0,0 +1,116 @@
+---
+phase: 01-foundation-auth
+plan: 02
+subsystem: database
+tags: [supabase, postgresql, rls, multi-tenant, auth]
+
+# Dependency graph
+requires:
+  - phase: none
+    provides: First database schema
+provides:
+  - plans table with Free, Creator, Pro tiers
+  - profiles table with auto-creation trigger
+  - RLS policies for tenant isolation
+  - Helper functions for plan feature checking
+affects: [01-03-supabase-client, 01-04-auth-ui, 02-social-accounts]
+
+# Tech tracking
+tech-stack:
+  added: []
+  patterns:
+    - "RLS with (SELECT auth.uid()) subquery for performance"
+    - "SECURITY DEFINER functions for bypassing RLS"
+    - "Auto-profile creation via auth.users trigger"
+    - "JSONB for flexible feature flags"
+
+key-files:
+  created:
+    - supabase/migrations/001_initial_auth_setup.sql
+    - supabase/seed.sql
+    - docs/DATABASE.md
+  modified: []
+
+key-decisions:
+  - "tenant_id in profiles table, not JWT (simpler for v1)"
+  - "Plans seeded in migration, not seed file (always exist)"
+  - "JSONB features for flexible plan limits"
+  - "Italian display names for i18n readiness"
+
+patterns-established:
+  - "RLS Policy Pattern: Use (SELECT auth.uid()) for 99% performance improvement"
+  - "Auto-profile Pattern: Trigger creates profile on auth.users insert"
+  - "Helper Function Pattern: SECURITY DEFINER for cross-table queries"
+
+# Metrics
+duration: 5min
+completed: 2026-01-31
+---
+
+# Phase 01 Plan 02: Database Schema Summary
+
+**Multi-tenant auth schema with plans table, profiles table, RLS policies, and auto-profile trigger for Supabase**
+
+## Performance
+
+- **Duration:** 5 min
+- **Started:** 2026-01-31T03:24:00Z
+- **Completed:** 2026-01-31T03:29:00Z
+- **Tasks:** 3
+- **Files created:** 3
+
+## Accomplishments
+
+- Created plans table with Free, Creator, Pro tiers (0, 19, 49 EUR/month)
+- Created profiles table with tenant_id for multi-tenant isolation
+- Enabled RLS on all tables with optimized policies
+- Added auto-profile creation trigger on user signup
+- Added helper functions for plan limit checking
+- Documented complete schema with security notes
+
+## Task Commits
+
+Each task was committed atomically:
+
+1. **Task 1: Create database migration with plans and profiles** - `f271d7f` (feat)
+2. **Task 2: Create seed file for development** - `16b3053` (feat)
+3. **Task 3: Document database schema** - `fd56b12` (docs)
+
+## Files Created
+
+- `supabase/migrations/001_initial_auth_setup.sql` - Complete auth schema with RLS
+- `supabase/seed.sql` - Development verification seed
+- `docs/DATABASE.md` - Schema documentation with examples
+
+## Decisions Made
+
+1. **tenant_id in profiles, not JWT** - Simpler approach for v1, avoids JWT refresh complexity
+2. **Plans in migration, not seed** - Plans must always exist, migration guarantees this
+3. **JSONB for features** - Flexible structure for plan limits, easy to extend
+4. **Italian display names** - i18n ready from day 1
+
+## Deviations from Plan
+
+None - plan executed exactly as written.
+
+## Issues Encountered
+
+None.
+
+## User Setup Required
+
+**Database migration must be applied to Supabase.** See `docs/DATABASE.md` for:
+- SQL Editor copy/paste method
+- Supabase CLI method
+- Direct psql connection method
+
+## Next Phase Readiness
+
+- Schema ready for Supabase project creation (01-03)
+- Plans table ready for auth flow (01-04)
+- Profiles auto-creation ready for signup testing
+- RLS policies ready for security verification
+
+---
+*Phase: 01-foundation-auth*
+*Completed: 2026-01-31*