rohskiddo/UMBRA
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
UMBRA/backend/alembic/versions
History
Kyle Pope bcfebbc9ae feat(backend): Phase 1 passwordless login — migration, models, toggle endpoints, unlock, delete guard, admin controls 
- Migration 062: adds users.passwordless_enabled and system_config.allow_passwordless (both default false)
- User model: passwordless_enabled field after must_change_password
- SystemConfig model: allow_passwordless field after enforce_mfa_new_users
- auth.py login(): block passwordless-enabled accounts from password login path (403) with audit log
- auth.py auth_status(): change has_passkeys query to full COUNT, add passkey_count + passwordless_enabled to response
- auth.py get_current_user(): add /api/auth/passkeys/login/begin and /login/complete to lock_exempt set
- passkeys.py: add PasswordlessEnableRequest + PasswordlessDisableRequest schemas
- passkeys.py: PUT /passwordless/enable — verify password, check system config, require >= 2 passkeys, set flag
- passkeys.py: POST /passwordless/disable/begin — generate user-bound challenge for passkey auth ceremony
- passkeys.py: PUT /passwordless/disable — verify passkey auth response, clear flag, update sign count
- passkeys.py: PasskeyLoginCompleteRequest.unlock field — passkey re-auth into locked session without new session
- passkeys.py: delete guard — 409 if passwordless user attempts to drop below 2 passkeys
- schemas/admin.py: add passwordless_enabled to UserListItem + UserDetailResponse; add allow_passwordless to SystemConfigResponse + SystemConfigUpdate; add TogglePasswordlessRequest
- admin.py: PUT /users/{user_id}/passwordless — admin-only disable (enabled=False only), revokes all sessions, audit log
- admin.py: update_system_config handles allow_passwordless field

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-18 00:15:39 +08:00
..
001_initial_migration.py
Initial commit
2026-02-15 16:13:41 +08:00
002_add_subtasks.py
Add subtasks feature to project tasks
2026-02-16 01:31:46 +08:00
003_add_preferred_name.py
Dashboard personalization: preferred name, colored dots, smart briefing
2026-02-20 07:37:43 +08:00
004_add_starred_and_weather_city.py
Dashboard Phase 2: weather widget, starred events, quick add, thinner events
2026-02-20 13:15:43 +08:00
005_add_weather_coordinates.py
Add coordinate-based weather lookup with location search
2026-02-21 12:11:02 +08:00
006_add_calendars.py
Add multi-calendar backend support with virtual birthday events
2026-02-21 19:07:35 +08:00
007_add_recurrence_fields.py
Add materialized recurring events backend
2026-02-22 00:37:21 +08:00
008_add_first_day_of_week.py
Add first day of week setting and fix calendar header alignment
2026-02-22 01:33:45 +08:00
009_add_task_comments.py
ProjectDetail overhaul: master-detail layout, comments, sorting, kanban
2026-02-22 03:22:44 +08:00
010_make_remind_at_nullable.py
Global enhancements: none priority, optional remind_at, required labels, textarea flex, remove color picker
2026-02-22 11:58:19 +08:00
011_add_event_templates.py
Calendar enhancements: scroll navigation, birthday color editing, event templates
2026-02-22 17:34:16 +08:00
012_add_project_is_tracked.py
Add track project feature with sidebar nav and dashboard widget
2026-02-23 01:20:36 +08:00
013_drop_template_duration.py
Remove duration_minutes from event templates, auto-prefill event times
2026-02-23 10:55:27 +08:00
014_add_todo_recurrence_fields.py
Implement todo recurrence logic with auto-reset scheduling
2026-02-23 17:04:12 +08:00
015_add_todo_due_time.py
Add optional due time to todos, fix date not being optional
2026-02-23 19:59:38 +08:00
016_add_todo_indexes_and_defaults.py
Address remaining QA items: indexes, validation, UX improvements
2026-02-23 21:24:59 +08:00
017_add_reminder_snoozed_until.py
Address remaining QA items: index, validation, accessibility, guard
2026-02-24 01:02:19 +08:00
018_extend_due_lookup_index.py
Fix migration 018: use DROP INDEX IF EXISTS for safety
2026-02-24 04:07:51 +08:00
019_extend_person_model.py
Entity pages enhancement: backend model extensions, shared components, Locations rebuild, panel animations
2026-02-24 21:10:26 +08:00
020_extend_location_model.py
Entity pages enhancement: backend model extensions, shared components, Locations rebuild, panel animations
2026-02-24 21:10:26 +08:00
021_drop_person_relationship_column.py
Address all QA review warnings and suggestions for entity pages
2026-02-25 01:04:20 +08:00
022_add_ntfy_settings_and_sent_table.py
Implement Track C: NTFY push notification integration
2026-02-25 04:04:23 +08:00
023_auth_migration_users_sessions.py
Address QA review: model registry, NOT NULL constraint, variable naming, toggle defaults, lockout UX
2026-02-25 04:34:21 +08:00
024_totp_mfa_tables.py
Implement Stage 6 Track B: TOTP MFA (pyotp, Fernet-encrypted secrets, backup codes)
2026-02-25 04:18:05 +08:00
025_add_auto_lock_settings.py
Add lock screen, auto-lock timeout, and login visual upgrade
2026-02-25 10:03:12 +08:00
026_add_user_role_and_system_config.py
Fix QA review findings: C-01 through C-04, W-01 through W-07, S-01/S-04/S-05/S-06
2026-02-26 19:19:04 +08:00
027_add_user_id_to_todos.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
028_add_user_id_to_reminders.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
029_add_user_id_to_projects.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
030_add_user_id_to_calendars.py
Fix migration 030 failing on fresh DB with no admin user
2026-02-27 04:49:57 +08:00
031_add_user_id_to_people.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
032_add_user_id_to_locations.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
033_add_user_id_to_event_templates.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
034_add_user_id_to_ntfy_sent.py
Fix migration 034 failing on fresh DB: drop index not constraint
2026-02-27 06:06:13 +08:00
035_add_performance_indexes.py
Fix QA review #2: W-03/W-04, S-01 through S-04
2026-02-27 05:41:16 +08:00
036_add_cascade_to_transitive_fks.py
Add admin delete-user with full cascade cleanup
2026-02-27 19:20:47 +08:00
037_add_user_profile_fields.py
Add user profile fields + IAM search, email column, detail panel
2026-02-27 22:40:20 +08:00
038_add_date_of_birth_and_email_partial_index.py
Add required email + date of birth to registration, shared validators, partial index
2026-03-02 19:21:11 +08:00
039_add_umbral_name_to_users.py
Add user connections, notification centre, and people integration
2026-03-04 02:10:16 +08:00
040_expand_settings_profile_social.py
Add user connections, notification centre, and people integration
2026-03-04 02:10:16 +08:00
041_create_notifications_table.py
Add user connections, notification centre, and people integration
2026-03-04 02:10:16 +08:00
042_create_connection_tables.py
Add user connections, notification centre, and people integration
2026-03-04 02:10:16 +08:00
043_add_linked_fields_to_people.py
Add user connections, notification centre, and people integration
2026-03-04 02:10:16 +08:00
044_add_notification_type_check.py
Fix QA W-01/W-05/W-06/W-08: cancel requests, detach umbral, notifications
2026-03-04 07:17:31 +08:00
045_add_share_name_fields.py
Fix notification background polling, add first/last name sharing
2026-03-04 07:34:13 +08:00
046_add_person_id_to_connection_requests.py
Add umbral name header, preferred name field, and link button for contacts
2026-03-04 08:37:01 +08:00
047_add_is_shared_to_calendars.py
Phase 1: Schema and models for shared calendars
2026-03-06 03:22:44 +08:00
048_create_calendar_members.py
Phase 1: Schema and models for shared calendars
2026-03-06 03:22:44 +08:00
049_create_event_locks.py
Phase 1: Schema and models for shared calendars
2026-03-06 03:22:44 +08:00
050_expand_notification_types_calendar.py
Phase 1: Schema and models for shared calendars
2026-03-06 03:22:44 +08:00
051_add_updated_by_to_calendar_events.py
Phase 1: Schema and models for shared calendars
2026-03-06 03:22:44 +08:00
052_add_session_lock_columns.py
Fix lock screen bypass, theme flicker, skeleton flash, and sidebar click target
2026-03-12 19:00:55 +08:00
053_add_composite_indexes.py
Phase 3: Backend queries and indexes optimization
2026-03-13 00:08:45 +08:00
054_event_invitations.py
Implement event invitation feature (invite, RSVP, per-occurrence override, leave)
2026-03-15 02:47:27 +08:00
055_add_display_calendar_to_event_invitations.py
Fix QA review findings: C-01, C-02, W-01, W-02, W-04, S-01, S-02, S-03
2026-03-16 20:27:01 +08:00
056_add_can_modify_to_event_invitations.py
Add per-invitee can_modify toggle for event edit access
2026-03-17 00:59:36 +08:00
057_project_collab_prep.py
Fix migration 057: use IF NOT EXISTS for indexes that may pre-exist
2026-03-17 03:30:19 +08:00
058_project_members.py
Add collaborative project sharing, task assignments, and delta polling
2026-03-17 03:18:35 +08:00
059_project_task_assignments.py
Add collaborative project sharing, task assignments, and delta polling
2026-03-17 03:18:35 +08:00
060_expand_notification_types_project.py
Add project notification types to CHECK constraint (migration 060)
2026-03-17 03:54:54 +08:00
061_add_passkey_credentials.py
Phase 1: Add passkey (WebAuthn/FIDO2) backend
2026-03-17 22:46:00 +08:00
062_passwordless_login.py
feat(backend): Phase 1 passwordless login — migration, models, toggle endpoints, unlock, delete guard, admin controls
2026-03-18 00:15:39 +08:00