---
# nuzlocke-tracker-d98o
title: User Account integration
status: draft
type: epic
priority: normal
created_at: 2026-02-04T16:17:01Z
updated_at: 2026-02-04T16:20:05Z
---

Enable user accounts so players can track multiple Nuzlocke runs, access them from any device, and view detailed statistics across all their playthroughs.

## Goals
- Users can create accounts and log in securely
- Support social login providers for frictionless onboarding
- Each user can have multiple runs (no longer single-user assumption)
- Provide an overview dashboard of all runs
- Provide detailed statistics aggregated across all runs

## Features

### Authentication
- [ ] Email/password registration and login
- [ ] Social login with Google
- [ ] Social login with Apple
- [ ] Password reset flow via email
- [ ] Session management (remember me, logout)
- [ ] Secure token handling (JWT or session-based)

### User Profile
- [ ] Basic profile info (display name, avatar)
- [ ] Account settings page
- [ ] Delete account option (with data export)

### Multi-Run Support
- [ ] Associate runs with user accounts
- [ ] Users can have unlimited runs
- [ ] Migrate any existing local/anonymous runs to account
- [ ] Run visibility settings (private by default)

### Runs Overview Page
- [ ] Dashboard showing all user's runs
- [ ] Display per run: game, start date, status (active/completed/abandoned), team snapshot
- [ ] Filter/sort runs by game, status, date
- [ ] Quick actions: continue run, view details, archive
- [ ] Visual indicator for currently active run(s)
- [ ] Create new run button

### Detailed Stats Page
- [ ] Aggregate statistics across all runs:
  - [ ] Total runs started / completed / abandoned
  - [ ] Total Pokémon caught / lost
  - [ ] Favorite games (most runs)
  - [ ] Average run completion rate
  - [ ] Longest surviving Pokémon across runs
  - [ ] Most common cause of death
- [ ] Per-game statistics breakdown
- [ ] Historical timeline of runs
- [ ] Achievements/milestones (e.g., "Completed 5 runs", "No deaths in a run")

## Technical Considerations
- Backend: Add user model, auth middleware, update all run endpoints
- Frontend: Auth context/provider, protected routes, login/register forms
- Database: Users table, user_id foreign key on runs
- Consider OAuth libraries (e.g., Authlib for Python, or Auth0/Firebase Auth)
- GDPR considerations for EU users (data export, deletion)

## Dependencies
- Requires MVP core features to be functional first
- API endpoints need user-scoping
- Database schema needs user table and migrations

## Out of Scope (for now)
- Social features (sharing runs, leaderboards)
- Team collaboration
- Public run profiles