nuzlocke-tracker

pokemon/nuzlocke-tracker

Fork 0

Commit Graph

Author	SHA1	Message	Date
Julian Tabel	7a828d7215	feat: add optional TOTP MFA for email/password accounts All checks were successful CI / backend-tests (pull_request) Successful in 26s Details CI / frontend-tests (pull_request) Successful in 28s Details - Add MFA enrollment UI in new Settings page with QR code and backup secret - Add TOTP challenge step to login flow for enrolled users - Check AAL after login and show TOTP input when aal2 required - Add disable MFA option with TOTP re-verification - Only show MFA options for email/password users (not OAuth) - Add Settings link to user dropdown menu Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-21 13:56:48 +01:00
Julian Tabel	e8ded9184b	feat: auth-aware UI and role-based access control (#67 ) All checks were successful CI / backend-tests (push) Successful in 32s Details CI / frontend-tests (push) Successful in 29s Details ## Summary - Add `is_admin` column to users table with Alembic migration and a `require_admin` FastAPI dependency that protects all admin-facing write endpoints (games, pokemon, evolutions, bosses, routes CRUD) - Expose admin status to frontend via user API and update AuthContext to fetch/store `isAdmin` after login - Make navigation menu auth-aware (different links for logged-out, logged-in, and admin users) and protect frontend routes with `ProtectedRoute` and `AdminRoute` components, preserving deep-linking through redirects - Fix test reliability: `drop_all` before `create_all` to clear stale PostgreSQL enums from interrupted test runs - Fix test auth: add `admin_client` fixture and use valid UUID for mock user so tests pass with new admin-protected endpoints ## Test plan - [x] All 252 backend tests pass - [ ] Verify non-admin users cannot access admin write endpoints (games, pokemon, evolutions, bosses CRUD) - [ ] Verify admin users can access admin endpoints normally - [ ] Verify navigation shows correct links for logged-out, logged-in, and admin states - [ ] Verify `/admin/*` routes redirect non-admin users with a toast - [ ] Verify `/runs/new` and `/genlockes/new` redirect unauthenticated users to login, then back after auth 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: #67 Co-authored-by: Julian Tabel <juliantabel.jt@gmail.com> Co-committed-by: Julian Tabel <juliantabel.jt@gmail.com>	2026-03-21 11:44:05 +01:00
Julian Tabel	0a519e356e	feat: add auth system, boss pokemon details, moves/abilities API, and run ownership Some checks failed CI / backend-tests (push) Failing after 1m16s Details CI / frontend-tests (push) Successful in 57s Details Add user authentication with login/signup/protected routes, boss pokemon detail fields and result team tracking, moves and abilities selector components and API, run ownership and visibility controls, and various UI improvements across encounters, run list, and journal pages. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-20 21:41:38 +01:00

Author

SHA1

Message

Date

Julian Tabel

7a828d7215

feat: add optional TOTP MFA for email/password accounts

CI / backend-tests (pull_request) Successful in 26s

Details

CI / frontend-tests (pull_request) Successful in 28s

Details

- Add MFA enrollment UI in new Settings page with QR code and backup secret
- Add TOTP challenge step to login flow for enrolled users
- Check AAL after login and show TOTP input when aal2 required
- Add disable MFA option with TOTP re-verification
- Only show MFA options for email/password users (not OAuth)
- Add Settings link to user dropdown menu

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-21 13:56:48 +01:00

Julian Tabel

e8ded9184b

feat: auth-aware UI and role-based access control (#67 )

CI / backend-tests (push) Successful in 32s

Details

CI / frontend-tests (push) Successful in 29s

Details

## Summary

- Add `is_admin` column to users table with Alembic migration and a `require_admin` FastAPI dependency that protects all admin-facing write endpoints (games, pokemon, evolutions, bosses, routes CRUD)
- Expose admin status to frontend via user API and update AuthContext to fetch/store `isAdmin` after login
- Make navigation menu auth-aware (different links for logged-out, logged-in, and admin users) and protect frontend routes with `ProtectedRoute` and `AdminRoute` components, preserving deep-linking through redirects
- Fix test reliability: `drop_all` before `create_all` to clear stale PostgreSQL enums from interrupted test runs
- Fix test auth: add `admin_client` fixture and use valid UUID for mock user so tests pass with new admin-protected endpoints

## Test plan

- [x] All 252 backend tests pass
- [ ] Verify non-admin users cannot access admin write endpoints (games, pokemon, evolutions, bosses CRUD)
- [ ] Verify admin users can access admin endpoints normally
- [ ] Verify navigation shows correct links for logged-out, logged-in, and admin states
- [ ] Verify `/admin/*` routes redirect non-admin users with a toast
- [ ] Verify `/runs/new` and `/genlockes/new` redirect unauthenticated users to login, then back after auth

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: #67
Co-authored-by: Julian Tabel <juliantabel.jt@gmail.com>
Co-committed-by: Julian Tabel <juliantabel.jt@gmail.com>

2026-03-21 11:44:05 +01:00

Julian Tabel

0a519e356e

feat: add auth system, boss pokemon details, moves/abilities API, and run ownership

CI / backend-tests (push) Failing after 1m16s

Details

CI / frontend-tests (push) Successful in 57s

Details

Add user authentication with login/signup/protected routes, boss pokemon
detail fields and result team tracking, moves and abilities selector
components and API, run ownership and visibility controls, and various
UI improvements across encounters, run list, and journal pages.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-20 21:41:38 +01:00

3 Commits