CooperandGoodman/yolkbook
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b660263f30a806a286973414147c0b52f0b42b88
yolkbook/backend/routers/other.py
derekc aa12648228 Add multi-user auth, admin panel, and timezone support; rename to Yolkbook 
- Rename app from Eggtracker to Yolkbook throughout
- Add JWT-based authentication (python-jose, passlib/bcrypt)
- Add users table; all data tables gain user_id FK for full data isolation
- Super admin credentials sourced from ADMIN_USERNAME/ADMIN_PASSWORD env vars,
  synced on every startup; orphaned rows auto-assigned to admin post-migration
- Login page with self-registration; JWT stored in localStorage (30-day expiry)
- Admin panel (/admin): list users, reset passwords, disable/enable, delete,
  and impersonate (Login As) with Return to Admin banner
- Settings modal (gear icon in nav): timezone selector and change password
- Timezone stored per-user; stats date windows computed in user's timezone;
  date input setToday() respects user timezone via Intl API
- migrate_v2.sql for existing single-user installs
- Auto-migration adds timezone column to users on startup
- Updated README with full setup, auth, admin, and migration docs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 23:19:29 -07:00

81 lines
2.4 KiB
Python
Raw Blame History

from datetime import date
from typing import Optional
from fastapi import APIRouter, Depends, HTTPException
from sqlalchemy import select
from sqlalchemy.orm import Session
from database import get_db
from models import OtherPurchase, User
from schemas import OtherPurchaseCreate, OtherPurchaseUpdate, OtherPurchaseOut
from auth import get_current_user
router = APIRouter(prefix="/api/other", tags=["other"])
@router.get("", response_model=list[OtherPurchaseOut])
def list_other_purchases(
start: Optional[date] = None,
end: Optional[date] = None,
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
q = (
select(OtherPurchase)
.where(OtherPurchase.user_id == current_user.id)
.order_by(OtherPurchase.date.desc())
)
if start:
q = q.where(OtherPurchase.date >= start)
if end:
q = q.where(OtherPurchase.date <= end)
return db.scalars(q).all()
@router.post("", response_model=OtherPurchaseOut, status_code=201)
def create_other_purchase(
body: OtherPurchaseCreate,
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
record = OtherPurchase(**body.model_dump(), user_id=current_user.id)
db.add(record)
db.commit()
db.refresh(record)
return record
@router.put("/{record_id}", response_model=OtherPurchaseOut)
def update_other_purchase(
record_id: int,
body: OtherPurchaseUpdate,
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
record = db.scalars(
select(OtherPurchase)
.where(OtherPurchase.id == record_id, OtherPurchase.user_id == current_user.id)
).first()
if not record:
raise HTTPException(status_code=404, detail="Record not found")
for field, value in body.model_dump(exclude_none=True).items():
setattr(record, field, value)
db.commit()
db.refresh(record)
return record
@router.delete("/{record_id}", status_code=204)
def delete_other_purchase(
record_id: int,
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
record = db.scalars(
select(OtherPurchase)
.where(OtherPurchase.id == record_id, OtherPurchase.user_id == current_user.id)
).first()
if not record:
raise HTTPException(status_code=404, detail="Record not found")
db.delete(record)
db.commit()
Reference in New Issue View Git Blame Copy Permalink