CooperandGoodman/yolkbook
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
31dd106ebdd055502c6018e9d4b0501fbee54aed
yolkbook/backend/routers/feed.py
derekc aa12648228 Add multi-user auth, admin panel, and timezone support; rename to Yolkbook 
- Rename app from Eggtracker to Yolkbook throughout
- Add JWT-based authentication (python-jose, passlib/bcrypt)
- Add users table; all data tables gain user_id FK for full data isolation
- Super admin credentials sourced from ADMIN_USERNAME/ADMIN_PASSWORD env vars,
  synced on every startup; orphaned rows auto-assigned to admin post-migration
- Login page with self-registration; JWT stored in localStorage (30-day expiry)
- Admin panel (/admin): list users, reset passwords, disable/enable, delete,
  and impersonate (Login As) with Return to Admin banner
- Settings modal (gear icon in nav): timezone selector and change password
- Timezone stored per-user; stats date windows computed in user's timezone;
  date input setToday() respects user timezone via Intl API
- migrate_v2.sql for existing single-user installs
- Auto-migration adds timezone column to users on startup
- Updated README with full setup, auth, admin, and migration docs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 23:19:29 -07:00

81 lines
2.4 KiB
Python
Raw Blame History

from datetime import date
from typing import Optional
from fastapi import APIRouter, Depends, HTTPException
from sqlalchemy import select
from sqlalchemy.orm import Session
from database import get_db
from models import FeedPurchase, User
from schemas import FeedPurchaseCreate, FeedPurchaseUpdate, FeedPurchaseOut
from auth import get_current_user
router = APIRouter(prefix="/api/feed", tags=["feed"])
@router.get("", response_model=list[FeedPurchaseOut])
def list_feed_purchases(
start: Optional[date] = None,
end: Optional[date] = None,
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
q = (
select(FeedPurchase)
.where(FeedPurchase.user_id == current_user.id)
.order_by(FeedPurchase.date.desc())
)
if start:
q = q.where(FeedPurchase.date >= start)
if end:
q = q.where(FeedPurchase.date <= end)
return db.scalars(q).all()
@router.post("", response_model=FeedPurchaseOut, status_code=201)
def create_feed_purchase(
body: FeedPurchaseCreate,
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
record = FeedPurchase(**body.model_dump(), user_id=current_user.id)
db.add(record)
db.commit()
db.refresh(record)
return record
@router.put("/{record_id}", response_model=FeedPurchaseOut)
def update_feed_purchase(
record_id: int,
body: FeedPurchaseUpdate,
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
record = db.scalars(
select(FeedPurchase)
.where(FeedPurchase.id == record_id, FeedPurchase.user_id == current_user.id)
).first()
if not record:
raise HTTPException(status_code=404, detail="Record not found")
for field, value in body.model_dump(exclude_none=True).items():
setattr(record, field, value)
db.commit()
db.refresh(record)
return record
@router.delete("/{record_id}", status_code=204)
def delete_feed_purchase(
record_id: int,
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
record = db.scalars(
select(FeedPurchase)
.where(FeedPurchase.id == record_id, FeedPurchase.user_id == current_user.id)
).first()
if not record:
raise HTTPException(status_code=404, detail="Record not found")
db.delete(record)
db.commit()
Reference in New Issue View Git Blame Copy Permalink