Daedalus and Talos integration test

.beans/nuzlocke-tracker-2561--supabase-auth-project-setup-and-provider-config.md

@@ -0,0 +1,21 @@
+---
+# nuzlocke-tracker-2561
+title: Supabase Auth project setup and provider config
+status: todo
+type: task
+priority: normal
+created_at: 2026-03-20T15:28:08Z
+updated_at: 2026-03-20T15:28:33Z
+parent: nuzlocke-tracker-d98o
+---
+
+Set up Supabase project with Auth enabled. Configure Google and Discord as social login providers. Add Supabase URL and keys to backend/frontend environment variables. This is the foundation — nothing else can start until the Supabase project exists.
+
+## Checklist
+- [ ] Create Supabase project (or configure existing one)
+- [ ] Enable email/password auth
+- [ ] Configure Google OAuth provider
+- [ ] Configure Discord OAuth provider
+- [ ] Add SUPABASE_URL, SUPABASE_ANON_KEY, SUPABASE_JWT_SECRET to backend env
+- [ ] Add VITE_SUPABASE_URL, VITE_SUPABASE_ANON_KEY to frontend env
+- [ ] Document setup steps for local development

.beans/nuzlocke-tracker-b311--backend-auth-middleware-and-jwt-verification.md

@@ -0,0 +1,23 @@
+---
+# nuzlocke-tracker-b311
+title: Backend auth middleware and JWT verification
+status: todo
+type: task
+priority: normal
+created_at: 2026-03-20T15:28:13Z
+updated_at: 2026-03-20T15:28:33Z
+parent: nuzlocke-tracker-d98o
+blocked_by:
+    - nuzlocke-tracker-2561
+---
+
+Add Supabase JWT verification to the FastAPI backend. Create a reusable dependency that extracts and validates the Bearer token, resolves the current user, and provides it to endpoints. Protect all write endpoints (POST/PUT/DELETE) while leaving read endpoints open.
+
+## Checklist
+- [ ] Add python-jose[cryptography] or PyJWT dependency
+- [ ] Create auth dependency that extracts Bearer token from Authorization header
+- [ ] Verify JWT against Supabase JWT secret
+- [ ] Create `get_current_user` dependency (returns User or None)
+- [ ] Create `require_auth` dependency (raises 401 if not authenticated)
+- [ ] Apply `require_auth` to all write endpoints (POST, PUT, DELETE)
+- [ ] Add tests for auth middleware (valid token, expired token, missing token)

.beans/nuzlocke-tracker-bnhh--user-model-run-ownership-and-visibility-migration.md

@@ -0,0 +1,23 @@
+---
+# nuzlocke-tracker-bnhh
+title: User model, run ownership, and visibility migration
+status: todo
+type: task
+priority: normal
+created_at: 2026-03-20T15:28:18Z
+updated_at: 2026-03-20T15:28:34Z
+parent: nuzlocke-tracker-d98o
+blocked_by:
+    - nuzlocke-tracker-2561
+---
+
+Create a User model synced from Supabase Auth. Add owner_id FK to runs table. Add visibility column (public/private) to runs with default public. Existing runs will have NULL owner_id (unowned).
+
+## Checklist
+- [ ] Create User model (id matches Supabase user UUID, email, display_name, created_at)
+- [ ] Alembic migration: create users table
+- [ ] Alembic migration: add owner_id (nullable FK to users) and visibility (enum: public/private, default public) to runs table
+- [ ] Update Run model with owner relationship and visibility field
+- [ ] Create user sync endpoint or webhook (on first login, upsert user record from Supabase JWT claims)
+- [ ] Update RunResponse schema to include owner and visibility
+- [ ] Add visibility enforcement: private runs return 403 unless requester is owner

.beans/nuzlocke-tracker-bw1m--errors.md

@@ -0,0 +1,10 @@
+---
+# nuzlocke-tracker-bw1m
+title: Errors
+status: todo
+type: epic
+created_at: 2026-03-20T15:19:43Z
+updated_at: 2026-03-20T15:19:43Z
+---
+
+Container for crash and blocker beans created by Talos.

.beans/nuzlocke-tracker-d68l--frontend-journal-entry-editor-and-list-view.md

@@ -0,0 +1,35 @@
+---
+# nuzlocke-tracker-d68l
+title: 'Frontend: Journal entry editor and list view'
+status: todo
+type: task
+priority: normal
+created_at: 2026-03-20T15:15:55Z
+updated_at: 2026-03-20T15:15:59Z
+parent: nuzlocke-tracker-mz16
+blocked_by:
+    - nuzlocke-tracker-vmto
+---
+
+Create the frontend UI for writing and viewing journal entries.
+
+## Design Decisions
+- Plain markdown textarea (no WYSIWYG)
+- Images via markdown URL syntax (`![alt](url)`)
+- Blank slate — no templates
+- Private only (no sharing UI)
+
+## Checklist
+
+- [ ] Add `JournalEntry` TypeScript types to `frontend/src/types/`
+- [ ] Create API client functions for journal CRUD
+- [ ] Create `JournalList` component — chronological list of entries for a run
+  - Show title, date, preview snippet, and linked boss (if any)
+  - Link each entry to its detail/edit view
+- [ ] Create `JournalEditor` component — markdown textarea with title input
+  - Optional boss result selector dropdown (link entry to a boss battle)
+  - Preview tab to render markdown
+  - Save and delete actions
+- [ ] Create `JournalEntryView` component — rendered markdown display
+- [ ] Add journal section/tab to the run detail page
+- [ ] Add route for journal entry detail/edit view

.beans/nuzlocke-tracker-d98o--user-account-integration.md

@@ -1,11 +1,11 @@
 ---
 # nuzlocke-tracker-d98o
 title: User Account integration
-status: draft
+status: todo
 type: epic
-priority: deferred
+priority: normal
 created_at: 2026-02-04T16:17:01Z
-updated_at: 2026-02-10T12:05:43Z
+updated_at: 2026-03-20T15:28:45Z
 blocking:
     - nuzlocke-tracker-0jec
 ---
@@ -75,4 +75,18 @@ Enable user accounts so players can track multiple Nuzlocke runs, access them fr
 ## Out of Scope (for now)
 - Social features (sharing runs, leaderboards)
 - Team collaboration
-- Public run profiles
+- Public run profiles
+
+## Decisions (resolved 2026-03-20)
+
+- **Auth provider:** Supabase Auth (third-party, self-hostable, AWS-compatible)
+- **Social login:** Google + Discord
+- **Run migration:** Existing runs stay unowned, admin assigns manually post-signup
+- **Auth scope:** Write operations require auth; per-run public/private visibility toggle
+- **Editor for journal (related):** Plain markdown
+
+## Execution Order
+
+1. `nuzlocke-tracker-2561` — Supabase project setup (unblocked)
+2. `nuzlocke-tracker-b311` + `nuzlocke-tracker-bnhh` + `nuzlocke-tracker-l9xh` — Backend auth, user model, frontend auth (parallel, after setup)
+3. `nuzlocke-tracker-k1l1` — Run ownership + visibility (after all above)

.beans/nuzlocke-tracker-k1l1--run-ownership-assignment-and-visibility-toggle.md

@@ -0,0 +1,24 @@
+---
+# nuzlocke-tracker-k1l1
+title: Run ownership assignment and visibility toggle
+status: todo
+type: feature
+priority: normal
+created_at: 2026-03-20T15:28:27Z
+updated_at: 2026-03-20T15:28:36Z
+parent: nuzlocke-tracker-d98o
+blocked_by:
+    - nuzlocke-tracker-b311
+    - nuzlocke-tracker-bnhh
+    - nuzlocke-tracker-l9xh
+---
+
+Wire up run ownership in the UI. New runs created by logged-in users are automatically assigned to them. Add a visibility toggle (public/private) to run settings. Update run list to show owned runs and public runs separately.
+
+## Checklist
+- [ ] Auto-assign owner_id when creating a new run (if authenticated)
+- [ ] Add visibility toggle to run settings/edit page
+- [ ] Update run list view: show 'My Runs' section for authenticated users
+- [ ] Show public/private badge on run cards
+- [ ] Enforce visibility on frontend (don't show edit controls for non-owned runs)
+- [ ] Admin script/endpoint to assign existing unowned runs to a user by ID

.beans/nuzlocke-tracker-l9xh--frontend-auth-flow-login-signup-session-management.md

@@ -0,0 +1,26 @@
+---
+# nuzlocke-tracker-l9xh
+title: Frontend auth flow (login, signup, session management)
+status: todo
+type: feature
+priority: normal
+created_at: 2026-03-20T15:28:24Z
+updated_at: 2026-03-20T15:28:35Z
+parent: nuzlocke-tracker-d98o
+blocked_by:
+    - nuzlocke-tracker-2561
+---
+
+Add Supabase JS client to the frontend. Build login and signup pages with email/password and social login buttons (Google, Discord). Implement auth context/provider for session management, protected route wrapper, and auth-aware API client that attaches Bearer tokens.
+
+## Checklist
+- [ ] Install @supabase/supabase-js
+- [ ] Create Supabase client singleton with env vars
+- [ ] Create AuthContext/AuthProvider with session state, login, logout, signup methods
+- [ ] Build login page (email/password form + Google/Discord buttons)
+- [ ] Build signup page (email/password form + Google/Discord buttons)
+- [ ] Add auth callback route for OAuth redirects
+- [ ] Create ProtectedRoute wrapper component
+- [ ] Update API client to attach Authorization header when user is logged in
+- [ ] Add user menu (avatar/email, logout) to header when authenticated
+- [ ] Handle token refresh automatically via Supabase client

.beans/nuzlocke-tracker-mz16--session-journal-blog-posts.md

@@ -1,10 +1,11 @@
 ---
 # nuzlocke-tracker-mz16
 title: Session Journal / Blog Posts
-status: draft
+status: completed
 type: epic
+priority: normal
 created_at: 2026-02-19T07:43:05Z
-updated_at: 2026-02-19T07:43:05Z
+updated_at: 2026-03-20T15:30:38Z
 ---
 
 Let users tell the story of their nuzlocke run through session journal entries (blog posts).
@@ -23,10 +24,15 @@ For each play session, users can write a short post to document what happened. P
 
 The journal becomes a chronological narrative of the nuzlocke run, with game data woven in automatically.
 
-## Open Questions
+## Decisions
 
-- [ ] What editor experience? (Markdown, rich text, block editor?)
-- [ ] How are images stored? (Local uploads, external links, cloud storage?)
-- [ ] What run events can be linked/embedded? (Team snapshots, deaths, catches, badge progress?)
-- [ ] Should posts be publishable/shareable, or private by default?
-- [ ] How does the journal UI look? Timeline view? Blog-style list?
+- **Editor:** Plain markdown textarea with preview
+- **Images:** Via markdown URL syntax (no uploads)
+- **Run linkage:** Entries belong to a run, optionally linked to a boss battle
+- **Visibility:** Private only (no sharing — deferred until user accounts exist)
+- **Templates:** Blank slate — no templates
+
+## Success Criteria
+
+- [x] Backend: journal entries CRUD API is complete (`nuzlocke-tracker-vmto`)
+- [ ] Frontend: journal list, editor, and view are functional (`nuzlocke-tracker-d68l`)

.beans/nuzlocke-tracker-neqv--add-detailed-boss-battle-information.md

@@ -2,26 +2,16 @@
 # nuzlocke-tracker-neqv
 title: Add detailed boss battle information
 status: todo
-type: feature
+type: epic
 priority: low
 created_at: 2026-02-08T11:21:22Z
-updated_at: 2026-02-10T12:05:43Z
+updated_at: 2026-03-20T15:25:04Z
 ---
 
-Enhance boss battles with more detailed information for each boss pokemon and the player's team.
+Enhance boss battles with more detailed information. Split into child beans:
 
-## Boss Pokemon Details
-Add the following optional fields to boss pokemon entries:
-- **Ability** – the pokemon's ability
-- **Held item** – item the pokemon is holding
-- **Nature** – the pokemon's nature
-- **Moveset** – up to 4 moves per pokemon
-
-This requires backend model/schema changes (BossPokemon fields), migration, admin UI for editing, and display in the run encounter boss cards.
-
-## Team Snapshot
-When recording a boss battle result, allow the player to snapshot which of their alive team pokemon they used and at what levels. This gives a record of "what I brought to the fight."
-
-- Add a `boss_result_team` join table (boss_result_id, encounter_id, level)
-- In the BossDefeatModal, show checkboxes for alive team members with optional level override
-- Display the team snapshot when viewing past boss results
+## Success Criteria
+- [x] Moves and abilities tables seeded (names + introduced generation)
+- [ ] Boss pokemon entries support ability, held item, nature, and moveset
+- [ ] Boss battle results can capture a team snapshot
+- [ ] (Future) Moves/abilities enriched with generation-specific stats

.beans/nuzlocke-tracker-nvd6--add-detailed-boss-pokemon-information-ability-item.md

@@ -0,0 +1,30 @@
+---
+# nuzlocke-tracker-nvd6
+title: Add detailed boss pokemon information (ability, item, nature, moveset)
+status: todo
+type: feature
+priority: low
+created_at: 2026-03-20T15:11:50Z
+updated_at: 2026-03-20T15:12:33Z
+parent: nuzlocke-tracker-neqv
+blocked_by:
+    - nuzlocke-tracker-vc5o
+---
+
+Add optional detail fields to boss pokemon entries: ability, held item, nature, and moveset (up to 4 moves).
+
+## Approach
+- Ability and moves reference the seeded `moves`/`abilities` tables via FK (hybrid approach — names only, no gen-specific stats yet)
+- Held item and nature stored as plain strings (items table can come later; natures are static)
+
+## Checklist
+- [ ] **Migration**: Add columns to `boss_pokemon` — `ability_id` (FK|null), `held_item` (str|null), `nature` (str|null), `move1_id`–`move4_id` (FK|null)
+- [ ] **Model**: Update `BossPokemon` in `backend/src/app/models/boss_pokemon.py` with relationships
+- [ ] **Schemas**: Update `BossPokemonResponse` and `BossPokemonInput` in `backend/src/app/schemas/boss.py`
+- [ ] **Admin UI**: Add fields to `BossTeamEditor.tsx` (ability autocomplete, item input, nature dropdown, 4 move autocomplete inputs)
+- [ ] **Frontend types**: Update `BossPokemon` in `frontend/src/types/game.ts` and admin input types
+- [ ] **Frontend display**: Show details on boss cards in `RunEncounters.tsx` and `BossDefeatModal.tsx`
+- [ ] **Seed data**: Update bulk import format to support new fields
+
+## Dependencies
+- Requires moves and abilities tables to be seeded first

.beans/nuzlocke-tracker-ququ--enrich-moves-and-abilities-with-generation-specifi.md

@@ -0,0 +1,29 @@
+---
+# nuzlocke-tracker-ququ
+title: Enrich moves and abilities with generation-specific stats
+status: draft
+type: feature
+priority: deferred
+created_at: 2026-03-20T15:11:59Z
+updated_at: 2026-03-20T15:12:33Z
+blocked_by:
+    - nuzlocke-tracker-vc5o
+---
+
+Follow-up to the hybrid moves/abilities seeding. Add full generation-specific data to enable rich display.
+
+## Approach
+Add a `move_gen_details` table (or similar) with per-generation stats: power, accuracy, PP, type, category, effect text. Same pattern for `ability_gen_details`. Seed from PokeAPI data.
+
+This is additive — the base `moves`/`abilities` tables already exist with names and introduced_gen.
+
+## Checklist
+- [ ] Design schema for generation-specific move data (power, accuracy, PP, type, category, effect)
+- [ ] Design schema for generation-specific ability data (description, effect)
+- [ ] Create migrations
+- [ ] Seed from PokeAPI or equivalent data source
+- [ ] Update boss pokemon display to show enriched move/ability info when available
+
+## Open Questions
+- Should we pull directly from PokeAPI at seed time, or maintain our own data files?
+- How to handle edge cases (e.g., moves that exist in romhacks but not official games)?

.beans/nuzlocke-tracker-t90q--crash-backend-journal-entries-model-api-and-migrat.md

@@ -0,0 +1,20 @@
+---
+# nuzlocke-tracker-t90q
+title: 'Crash: Backend: Journal entries model, API, and migration'
+status: todo
+type: bug
+priority: high
+created_at: 2026-03-20T15:30:02Z
+updated_at: 2026-03-20T15:30:24Z
+parent: nuzlocke-tracker-bw1m
+blocking:
+    - nuzlocke-tracker-vmto
+---
+
+Bean was found in 'in-progress' status on startup but no agent was running.
+This likely indicates a crash or unexpected termination.
+
+Manual review required before retrying.
+
+Bean: nuzlocke-tracker-vmto
+Title: Backend: Journal entries model, API, and migration

.beans/nuzlocke-tracker-vc5o--seed-moves-and-abilities-tables-names-introduced-g.md

@@ -0,0 +1,53 @@
+---
+# nuzlocke-tracker-vc5o
+title: Seed moves and abilities tables (names + introduced generation)
+status: completed
+type: task
+priority: normal
+created_at: 2026-03-20T15:11:44Z
+updated_at: 2026-03-20T15:25:11Z
+parent: nuzlocke-tracker-neqv
+---
+
+Create and seed `moves` and `abilities` tables with name and generation data using the hybrid approach.
+
+## Approach
+Seed move/ability **names** with `introduced_gen` only. Full generation-specific stats (power, accuracy, type changes, effect text) will be added in a follow-up bean.
+
+This enables FK references and autocomplete from boss pokemon fields without blocking on a full moves database.
+
+## Checklist
+- [x] **Migration**: Create `moves` table (`id`, `name`, `introduced_gen`, `type` optional)
+- [x] **Migration**: Create `abilities` table (`id`, `name`, `introduced_gen`)
+- [x] **Models**: Create `Move` and `Ability` SQLAlchemy models
+- [x] **Seed data**: Seed all move names with introduced generation (source: PokeAPI or Bulbapedia)
+- [x] **Seed data**: Seed all ability names with introduced generation
+- [x] **Seed script**: Add to existing seeding pipeline (`backend/src/app/seed/`)
+- [x] **Schemas**: Create basic response schemas for API consumption
+
+## Summary of Changes
+
+### Migration
+- Created `j1e2f3a4b5c6_add_moves_and_abilities_tables.py` migration
+- `moves` table: `id`, `name` (unique), `introduced_gen`, `type` (optional)
+- `abilities` table: `id`, `name` (unique), `introduced_gen`
+- Added indexes on `introduced_gen` for both tables
+
+### Models
+- `backend/src/app/models/move.py`: `Move` SQLAlchemy model
+- `backend/src/app/models/ability.py`: `Ability` SQLAlchemy model
+- Updated `models/__init__.py` to export both
+
+### Schemas
+- `backend/src/app/schemas/move.py`: `MoveResponse`, `AbilityResponse`, and paginated variants
+- Updated `schemas/__init__.py` to export all new schemas
+
+### Seed Data
+- Created `backend/scripts/fetch_moves_abilities.py` to fetch data from PokeAPI
+- Generated `moves.json` (937 moves) and `abilities.json` (367 abilities)
+- Data includes name, introduced generation, and type (for moves)
+
+### Seed Pipeline
+- Added `upsert_moves` and `upsert_abilities` functions to `loader.py`
+- Updated `run.py` to seed moves and abilities after Pokemon
+- Updated `verify()` to include move/ability counts

.beans/nuzlocke-tracker-vmto--backend-journal-entries-model-api-and-migration.md

@@ -0,0 +1,62 @@
+---
+# nuzlocke-tracker-vmto
+title: 'Backend: Journal entries model, API, and migration'
+status: completed
+type: task
+priority: normal
+tags:
+    - failed
+created_at: 2026-03-20T15:15:48Z
+updated_at: 2026-03-20T15:30:47Z
+parent: nuzlocke-tracker-mz16
+---
+
+Create the backend infrastructure for session journal entries.
+
+## Data Model
+
+`journal_entries` table:
+- `id` (UUID, PK)
+- `run_id` (FK to runs)
+- `boss_result_id` (FK to boss_results, nullable) — optional link to a boss battle
+- `title` (str, required)
+- `body` (text, required) — raw markdown content
+- `created_at`, `updated_at` (timestamps)
+
+## Checklist
+
+- [x] Create Alembic migration for `journal_entries` table
+- [x] Create `JournalEntry` SQLAlchemy model with relationships to `Run` and `BossResult`
+- [x] Create Pydantic schemas (`JournalEntryCreate`, `JournalEntryUpdate`, `JournalEntryResponse`)
+- [x] Create CRUD operations for journal entries
+- [x] Create API endpoints under `/runs/{run_id}/journal`:
+  - `GET /` — list entries for a run (ordered by created_at desc)
+  - `POST /` — create entry
+  - `GET /{entry_id}` — get single entry
+  - `PUT /{entry_id}` — update entry
+  - `DELETE /{entry_id}` — delete entry
+- [x] Add optional `boss_result_id` query filter to GET list endpoint
+
+
+## Summary of Changes
+
+Implemented backend infrastructure for session journal entries:
+
+**Files created:**
+- `backend/src/app/alembic/versions/k2f3a4b5c6d7_add_journal_entries_table.py` - Migration creating `journal_entries` table with UUID PK, foreign keys to `nuzlocke_runs` and `boss_results`, and timestamp columns
+- `backend/src/app/models/journal_entry.py` - SQLAlchemy model with relationships to `NuzlockeRun` and `BossResult`
+- `backend/src/app/schemas/journal_entry.py` - Pydantic schemas for create, update, and response
+- `backend/src/app/api/journal_entries.py` - API endpoints for CRUD operations
+
+**Files modified:**
+- `backend/src/app/models/nuzlocke_run.py` - Added `journal_entries` relationship
+- `backend/src/app/models/__init__.py` - Exported `JournalEntry`
+- `backend/src/app/schemas/__init__.py` - Exported journal entry schemas
+- `backend/src/app/api/routes.py` - Registered journal entries router
+
+**API Endpoints:**
+- `GET /runs/{run_id}/journal` - List entries (supports `boss_result_id` filter)
+- `POST /runs/{run_id}/journal` - Create entry
+- `GET /runs/{run_id}/journal/{entry_id}` - Get single entry
+- `PUT /runs/{run_id}/journal/{entry_id}` - Update entry
+- `DELETE /runs/{run_id}/journal/{entry_id}` - Delete entry

.beans/nuzlocke-tracker-xd9j--add-team-snapshot-to-boss-battle-results.md

@@ -0,0 +1,20 @@
+---
+# nuzlocke-tracker-xd9j
+title: Add team snapshot to boss battle results
+status: todo
+type: feature
+priority: low
+created_at: 2026-03-20T15:11:53Z
+updated_at: 2026-03-20T15:12:32Z
+parent: nuzlocke-tracker-neqv
+---
+
+When recording a boss battle result, allow the player to snapshot which alive team pokemon they used and at what levels. This gives a record of "what I brought to the fight."
+
+## Checklist
+- [ ] **Migration**: Create \`boss_result_team\` table (\`id\`, \`boss_result_id\` FK, \`encounter_id\` FK, \`level\`)
+- [ ] **Model**: Create \`BossResultTeam\` model, add relationship to \`BossResult\`
+- [ ] **Schemas**: Add \`BossResultTeamInput\` and update \`BossResultCreate\`/\`BossResultResponse\`
+- [ ] **API**: Update \`POST /runs/{run_id}/boss-results\` to accept and save team snapshot
+- [ ] **BossDefeatModal**: Add checkboxes for alive team members with optional level override
+- [ ] **Display**: Show team snapshot when viewing past boss results in \`RunEncounters.tsx\`