rohskiddo/UMBRA
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
81 Commits 29 Branches 0 Tags
Commit Graph

5 Commits

Author SHA1 Message Date
Kyle Pope
79b3097410 Fix QA review issues: transaction safety, validation, accessibility 
Critical fixes:
- [C1] _reactivate_recurring_todos now uses flush + with_for_update
  instead of mid-request commit; get_todos commits the full transaction
- [C2] recurrence_rule validated via Literal["daily","weekly","monthly"]
  in Pydantic schemas (rejects invalid values with 422)

Warnings fixed:
- [W3] Clear due_time when due_date is set to null in update endpoint

Suggestions applied:
- [S2] Wrap filteredTodos in useMemo for consistent memoization
- [S6] Add aria-labels to edit/delete icon buttons

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-23 20:38:01 +08:00
Kyle Pope
66ad8902d7 Calculate recurrence schedule on todo update, not just toggle 
When editing an already-completed todo to add/change recurrence or
due_date, recalculate reset_at and next_due_date so the reset info
displays immediately without needing to uncomplete and re-complete.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-23 20:09:42 +08:00
Kyle Pope
46d4c5e28b Implement todo recurrence logic with auto-reset scheduling 
Backend:
- Add reset_at (datetime) and next_due_date (date) columns to todos
- Toggle endpoint calculates reset schedule when completing recurring todos:
  daily resets next day, weekly resets start of next week (respects
  first_day_of_week setting), monthly resets 1st of next month
- GET /todos auto-reactivates recurring todos whose reset_at has passed,
  updating due_date to next_due_date and clearing completion state
- Alembic migration 014

Frontend:
- Add reset_at and next_due_date to Todo type
- TodoItem shows recurrence badge (Daily/Weekly/Monthly) in purple
- Completed recurring todos display reset info:
  "Resets Mon 02/03/26 · Next due 06/03/26"

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-23 17:04:12 +08:00
Kyle Pope
1aaa2b3a74 Fix code review findings: security hardening and frontend fixes 
Backend:
- Add rate limiting to login (5 attempts / 5 min window)
- Add secure flag to session cookies with helper function
- Add PIN min-length validation via Pydantic field_validator
- Fix naive datetime usage in todos.py (datetime.now() not UTC)
- Disable SQLAlchemy echo in production
- Remove auto-commit from get_db to prevent double commits
- Add lower bound filter to upcoming events query
- Add SECRET_KEY default warning on startup
- Remove create_all from lifespan (Alembic handles migrations)

Frontend:
- Fix ReminderForm remind_at slice for datetime-local input
- Add window.confirm() dialogs on all destructive actions
- Redirect authenticated users away from login screen
- Replace error: any with getErrorMessage helper in LockScreen

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 07:49:21 +08:00
Kyle Pope
1f6519635f Initial commit 2026-02-15 16:13:41 +08:00