Resolved a critical issue preventing the first user from registering on newly deployed instances. The fix includes:
- Added missing logger import in `backend/auth_routes.py`, resolving a "logger not defined" error.
- Improved the `owner` check in `backend/app.py` to account for missing `is_owner` column during initial database migrations.
- Implemented graceful error handling for column existence checks to prevent runtime failures during startup.
- These fixes ensure smooth initial registration without internal server errors on fresh deployments.
This major update introduces several significant new features, critical bug fixes, and key enhancements across the application, focusing on user customization, administration, and system stability.
New Features
Currency Position Control: Allows users to choose whether the currency symbol appears on the left or right of numbers. This setting is applied universally across the app, including warranty cards and forms, and is saved per-user.
Super-Admin (Owner) Role: Implements an immutable Owner role for the primary administrator, who cannot be deleted or demoted. A secure ownership transfer process has been added to the admin settings.
OIDC-Only Login Mode: Adds a site-wide setting to enforce OIDC-only authentication, which hides the traditional username/password login form to streamline SSO environments.
Product Age Tracking & Sorting: Displays the age of a product (e.g., "2 years, 3 months") on warranty cards and adds a new "Sort by Age" option to organize items by their purchase date.
Global View Photo Access: Permits users to view product photos on warranties shared in global view, while ensuring other sensitive documents like invoices remain private to the owner.
Persistent View Scope: The application now remembers the user's last selected view (Global or Personal) and automatically loads the appropriate data on page refresh for a seamless experience.
Export Debug Tools: Introduces a comprehensive debugging system, including a new debug page and API endpoint, to help administrators troubleshoot and verify warranty exports.
Key Enhancements
About Page Redesign: A complete visual overhaul of the "About" page with a modern, card-based layout, prominent community links, and improved branding.
Flexible Apprise Notifications: Admins can now configure Apprise notifications to be a single global summary or sent as per-user messages. Additionally, the scope can be set to include warranties from all users or only the admin's warranties.
Larger Product Photo Thumbnails: Increased the size of product photo thumbnails in all views (grid, list, and table) for better product visibility.
Smart Currency Default: The "Add Warranty" form now intelligently defaults to the user's preferred currency setting, rather than always using USD.
Bug Fixes
Critical OIDC & Proxy Fixes: Resolved two major OIDC issues: a RecursionError with gevent workers and incorrect http:// callback URLs when behind an HTTPS reverse proxy, enabling reliable OIDC login.
Critical User Preferences Persistence: Fixed a bug where user settings for currency symbol and date format were not being saved correctly to the database.
Apprise & Notification Settings: Corrected an issue preventing user notification channel and Apprise timing settings from saving. The Apprise message format is now standardized, and the admin UI has been cleaned up.
CSV Import Currency: Ensured that warranties imported via CSV correctly use the user's preferred currency instead of defaulting to USD.
Maintenance & Refactoring
Authentication System Refactoring: Migrated all authentication-related routes from app.py into a dedicated Flask Blueprint (auth_routes.py) to improve code organization and maintainability.
Legacy Code Cleanup: Removed over 290 lines of orphaned and commented-out legacy OIDC code from the main application file.
### Major Features
- **Public Global Warranty View:** All authenticated users can now view global warranties. Admins retain full control; regular users get read-only access to others’ warranties.
- **Global View Admin Controls:** Admins can now toggle global view availability and limit it to admins only via site settings.
- **Global Status Dashboard View:** Extended global view to warranty statistics and dashboards with full permissions enforcement.
- **Apprise Push Notifications:** Integrated Apprise for multi-platform warranty alerts with extensive backend and frontend support (80+ services).
- **Warranty Type Filtering/Sorting:** Introduced dynamic, case-insensitive filtering and sorting by warranty type on the main page.
- **Admin Global Warranty View:** Dedicated admin tools and UI for viewing all warranties with enhanced styling and user info.
### UX/UI Enhancements
- **Product Photo Thumbnails:** Added interactive, responsive photo previews on warranty cards across all views.
- **Updated Footer Links:** All "Powered by Warracker" footers now link to the official website (`https://warracker.com`).
### Fixes and Stability Improvements
- **Status Dashboard Chart Fixes:** Resolved canvas reuse errors and chart switching issues.
- **CSS Cache Busting:** Ensured consistent styling across domain/IP access by versioning CSS/JS and updating service worker.
- **Settings Access Fixes:** Regular users can now access the settings page without triggering admin-only API calls.
- **Settings Persistence Fixes:** Addressed major frontend/backend issues preventing correct saving/loading of user preferences.
- **Notification Timing Overhaul:** Rewrote logic for precise notification delivery and implemented duplicate prevention.
### Security and Technical Enhancements
- Global view maintains secure ownership enforcement.
- Improved permission checks, graceful degradation, and responsive design across all new features.
This update resolves several critical bugs and introduces enhancements for improved reliability and UX:
View Preference Persistence:
Fixed issues where user view preferences (Grid/List/Table) weren't retained across logins or tabs. Changes span both backend and frontend to ensure proper key prefixing and prevent overwrites or sync issues.
Password Management Fixes:
Added missing /api/auth/password/change endpoint. Fixed password reset behavior and improved frontend error handling for clarity and accuracy.
SMTP Port 587 (STARTTLS) Support:
Updated email logic to reliably support both SMTPS (port 465) and STARTTLS (port 587), ensuring compatibility with major email services.
UI Consistency:
Standardized headers across auth pages and made the app title consistently clickable for improved navigation.
Branding Enhancement:
Updated footer links from GitHub to the official Warracker site across all major pages for better branding and user guidance.
This update introduces comprehensive OpenID Connect (OIDC) Single Sign-On support with dynamic configuration via the database and full frontend/backend integration. Key additions include:
- OIDC SSO login via external providers (e.g., Google, Keycloak), with automatic user provisioning and session linking.
- Admin settings UI for enabling/disabling SSO and managing provider credentials.
- Provider-branded SSO buttons with dynamic labels, icons, and styles.
- Exact warranty expiration date support alongside duration-based input, with full validation and UI enhancements.
- Full UI responsiveness for warranty field updates, tag creation, and note editing.
- Memory usage optimization for low-resource deployments via configurable modes (optimized, ultra-light, performance).
- Numerous fixes for SSO authentication flow, UI sync issues, database constraints, and modal interactions.
- Upgraded dependencies for security, performance, and compatibility (Flask 3.0.3, Gunicorn 23.0.0, etc.).
- Frontend improvements: Chart.js loading fix, tooltips for long product names, and dark/light mode-compatible footer.
This release significantly improves authentication flexibility, performance, and user experience across all major components.
sassanix