- Fix pgx/v5 SQL placeholder bug (? -> /) in tenant_handlers.go
- tenant_id was silently failing to write/read, causing empty TenantID in JWT
- Harden requireSOC middleware to BLOCK when TenantID is empty (was pass-through)
- Block paid plan upgrades without Stripe payment verification
- Add in-memory cache update for tenant_id on registration
- Add fallback tenant_id read from User object in HandleVerifyEmail
dd977b7d46