Add multi-user auth, admin panel, and timezone support; rename to Yolkbook

- Rename app from Eggtracker to Yolkbook throughout - Add JWT-based authentication (python-jose, passlib/bcrypt) - Add users table; all data tables gain user_id FK for full data isolation - Super admin credentials sourced from ADMIN_USERNAME/ADMIN_PASSWORD env vars, synced on every startup; orphaned rows auto-assigned to admin post-migration - Login page with self-registration; JWT stored in localStorage (30-day expiry) - Admin panel (/admin): list users, reset passwords, disable/enable, delete, and impersonate (Login As) with Return to Admin banner - Settings modal (gear icon in nav): timezone selector and change password - Timezone stored per-user; stats date windows computed in user's timezone; date input setToday() respects user timezone via Intl API - migrate_v2.sql for existing single-user installs - Auto-migration adds timezone column to users on startup - Updated README with full setup, auth, admin, and migration docs Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 23:19:29 -07:00
parent 7d50af0054
commit aa12648228
31 changed files with 1572 additions and 140 deletions
--- a/mysql/init.sql
+++ b/mysql/init.sql
@@ -1,4 +1,4 @@
-- Eggtracker schema
+-- Eggtracker schema — multi-user edition
 -- This file runs automatically on first container startup only.
 -- To re-run it, remove the mysql_data volume: docker compose down -v

@@ -8,50 +8,72 @@ CREATE DATABASE IF NOT EXISTS eggtracker

 USE eggtracker;

+-- ── Users ─────────────────────────────────────────────────────────────────────
+CREATE TABLE IF NOT EXISTS users (
+    id              INT UNSIGNED    NOT NULL AUTO_INCREMENT,
+    username        VARCHAR(64)     NOT NULL,
+    hashed_password VARCHAR(255)    NOT NULL,
+    is_admin        TINYINT(1)      NOT NULL DEFAULT 0,
+    is_disabled     TINYINT(1)      NOT NULL DEFAULT 0,
+    created_at      DATETIME        NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    PRIMARY KEY (id),
+    UNIQUE KEY uq_username (username)
+) ENGINE=InnoDB;
+
 -- ── Egg collections ───────────────────────────────────────────────────────────
 CREATE TABLE IF NOT EXISTS egg_collections (
    id          INT UNSIGNED    NOT NULL AUTO_INCREMENT,
+    user_id     INT UNSIGNED    NOT NULL,
    date        DATE            NOT NULL,
    eggs        INT UNSIGNED    NOT NULL,
    notes       TEXT,
    created_at  DATETIME        NOT NULL DEFAULT CURRENT_TIMESTAMP,
    PRIMARY KEY (id),
-    UNIQUE KEY uq_date (date)
+    UNIQUE KEY uq_user_date (user_id, date),
+    INDEX idx_user_id (user_id),
+    INDEX idx_date (date),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
 ) ENGINE=InnoDB;

 -- ── Flock history ─────────────────────────────────────────────────────────────
-- Each row records a change in flock size. The count in effect for any given
-- date is the most recent row with date <= that date.
 CREATE TABLE IF NOT EXISTS flock_history (
    id             INT UNSIGNED    NOT NULL AUTO_INCREMENT,
+    user_id        INT UNSIGNED    NOT NULL,
    date           DATE            NOT NULL,
    chicken_count  INT UNSIGNED    NOT NULL,
    notes          TEXT,
    created_at     DATETIME        NOT NULL DEFAULT CURRENT_TIMESTAMP,
    PRIMARY KEY (id),
-    INDEX idx_date (date)
+    INDEX idx_user_id (user_id),
+    INDEX idx_date (date),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
 ) ENGINE=InnoDB;

 -- ── Feed purchases ────────────────────────────────────────────────────────────
 CREATE TABLE IF NOT EXISTS feed_purchases (
    id             INT UNSIGNED      NOT NULL AUTO_INCREMENT,
+    user_id        INT UNSIGNED      NOT NULL,
    date           DATE              NOT NULL,
-    bags           DECIMAL(5, 2)     NOT NULL,   -- decimal for partial bags
+    bags           DECIMAL(5, 2)     NOT NULL,
    price_per_bag  DECIMAL(10, 2)    NOT NULL,
    notes          TEXT,
    created_at     DATETIME          NOT NULL DEFAULT CURRENT_TIMESTAMP,
    PRIMARY KEY (id),
-    INDEX idx_date (date)
+    INDEX idx_user_id (user_id),
+    INDEX idx_date (date),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
 ) ENGINE=InnoDB;

 -- ── Other purchases ───────────────────────────────────────────────────────────
-- Catch-all for non-feed costs: bedding, snacks, shelter, etc.
 CREATE TABLE IF NOT EXISTS other_purchases (
    id         INT UNSIGNED   NOT NULL AUTO_INCREMENT,
+    user_id    INT UNSIGNED   NOT NULL,
    date       DATE           NOT NULL,
    total      DECIMAL(10, 2) NOT NULL,
    notes      TEXT,
    created_at DATETIME       NOT NULL DEFAULT CURRENT_TIMESTAMP,
    PRIMARY KEY (id),
-    INDEX idx_date (date)
+    INDEX idx_user_id (user_id),
+    INDEX idx_date (date),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
 ) ENGINE=InnoDB;
--- a/mysql/migrate_v2.sql
+++ b/mysql/migrate_v2.sql
@@ -0,0 +1,50 @@
+-- Eggtracker v2 migration — adds multi-user support to an existing database.
+-- Run this ONCE on an existing install BEFORE restarting with the new image:
+--
+--   docker compose exec db mysql -u root -p"${MYSQL_ROOT_PASSWORD}" eggtracker < mysql/migrate_v2.sql
+--
+-- After running this script, restart the stack (docker compose up -d --build).
+-- The API will automatically create the admin user (from ADMIN_USERNAME /
+-- ADMIN_PASSWORD in .env) and assign all existing records to that admin account.
+--
+-- NOTE: Run this script only ONCE. Running it again will fail on the ADD COLUMN
+-- statements since the columns will already exist.
+
+USE eggtracker;
+
+-- ── Create users table ────────────────────────────────────────────────────────
+CREATE TABLE IF NOT EXISTS users (
+    id              INT UNSIGNED    NOT NULL AUTO_INCREMENT,
+    username        VARCHAR(64)     NOT NULL,
+    hashed_password VARCHAR(255)    NOT NULL,
+    is_admin        TINYINT(1)      NOT NULL DEFAULT 0,
+    is_disabled     TINYINT(1)      NOT NULL DEFAULT 0,
+    created_at      DATETIME        NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    PRIMARY KEY (id),
+    UNIQUE KEY uq_username (username)
+) ENGINE=InnoDB;
+
+-- ── Add user_id columns (nullable so existing rows remain valid) ───────────────
+ALTER TABLE egg_collections
+    ADD COLUMN user_id INT UNSIGNED NULL AFTER id,
+    ADD INDEX idx_user_id (user_id);
+
+ALTER TABLE flock_history
+    ADD COLUMN user_id INT UNSIGNED NULL AFTER id,
+    ADD INDEX idx_user_id (user_id);
+
+ALTER TABLE feed_purchases
+    ADD COLUMN user_id INT UNSIGNED NULL AFTER id,
+    ADD INDEX idx_user_id (user_id);
+
+ALTER TABLE other_purchases
+    ADD COLUMN user_id INT UNSIGNED NULL AFTER id,
+    ADD INDEX idx_user_id (user_id);
+
+-- ── Remove old single-column unique index on egg_collections.date ─────────────
+-- It will be replaced by (user_id, date) once the admin is seeded.
+ALTER TABLE egg_collections DROP INDEX uq_date;
+
+-- The API startup will:
+-- 1. Create the admin user from ADMIN_USERNAME / ADMIN_PASSWORD in .env
+-- 2. Set user_id = admin.id on all rows where user_id IS NULL