pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity
Files
e8ded9184b34c2de44d4f54a607e30efd3c3586e
nuzlocke-tracker/backend
History
Julian Tabel e8ded9184b
All checks were successful
CI / backend-tests (push) Successful in 32s
Details
CI / frontend-tests (push) Successful in 29s
Details
feat: auth-aware UI and role-based access control (#67) 
## Summary

- Add `is_admin` column to users table with Alembic migration and a `require_admin` FastAPI dependency that protects all admin-facing write endpoints (games, pokemon, evolutions, bosses, routes CRUD)
- Expose admin status to frontend via user API and update AuthContext to fetch/store `isAdmin` after login
- Make navigation menu auth-aware (different links for logged-out, logged-in, and admin users) and protect frontend routes with `ProtectedRoute` and `AdminRoute` components, preserving deep-linking through redirects
- Fix test reliability: `drop_all` before `create_all` to clear stale PostgreSQL enums from interrupted test runs
- Fix test auth: add `admin_client` fixture and use valid UUID for mock user so tests pass with new admin-protected endpoints

## Test plan

- [x] All 252 backend tests pass
- [ ] Verify non-admin users cannot access admin write endpoints (games, pokemon, evolutions, bosses CRUD)
- [ ] Verify admin users can access admin endpoints normally
- [ ] Verify navigation shows correct links for logged-out, logged-in, and admin states
- [ ] Verify `/admin/*` routes redirect non-admin users with a toast
- [ ] Verify `/runs/new` and `/genlockes/new` redirect unauthenticated users to login, then back after auth

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: #67
Co-authored-by: Julian Tabel <juliantabel.jt@gmail.com>
Co-committed-by: Julian Tabel <juliantabel.jt@gmail.com>
2026-03-21 11:44:05 +01:00
..
scripts
feat: add auth system, boss pokemon details, moves/abilities API, and run ownership
2026-03-20 21:41:38 +01:00
src/app
feat: auth-aware UI and role-based access control (#67)
2026-03-21 11:44:05 +01:00
tests
feat: auth-aware UI and role-based access control (#67)
2026-03-21 11:44:05 +01:00
.dockerignore
.env.example
feat: add auth system, boss pokemon details, moves/abilities API, and run ownership
2026-03-20 21:41:38 +01:00
.gitignore
.tool-versions
Add backend tool-versions and update bean status
2026-03-20 15:29:22 +01:00
alembic.ini
Dockerfile
Change Dockerfile ordering
2026-02-13 15:53:22 +01:00
Dockerfile.prod
pyproject.toml
feat: add auth system, boss pokemon details, moves/abilities API, and run ownership
2026-03-20 21:41:38 +01:00
README.md
uv.lock
chore: archive 42 completed/scrapped beans
2026-03-20 21:31:23 +01:00

README.md

Nuzlocke Tracker API

Backend API for the Nuzlocke Tracker application, built with FastAPI.

Development Setup

Option 1: Docker (Recommended)

From the project root:

docker compose up

This starts the API, frontend, and PostgreSQL database with hot reload enabled.

Option 2: Local Setup

  1. Create and activate virtual environment:

    python -m venv .venv
source .venv/bin/activate  # On Windows: .venv\Scripts\activate

  2. Install dependencies:

    pip install -e ".[dev]"

  3. Copy environment file:

    cp .env.example .env

  4. Run the development server:

    uvicorn app.main:app --reload --app-dir src

The API will be available at http://localhost:8000

API Documentation

Project Structure

backend/
├── src/
│   └── app/
│       ├── api/          # API routes
│       ├── core/         # Core configuration
│       ├── models/       # Database models
│       ├── schemas/      # Pydantic schemas
│       └── services/     # Business logic
├── tests/                # Test files
├── pyproject.toml        # Project configuration
└── .env.example          # Example environment variables

Linting & Formatting

ruff check .        # Check for issues
ruff check . --fix  # Fix auto-fixable issues
ruff format .       # Format code
Reference in New Issue View Git Blame Copy Permalink