### Highlights:
- **Environment Variable Precedence Fix:** Corrected config loading logic to prioritize environment variables over database defaults on fresh installations. Ensured OIDC, Apprise, and email settings are now correctly derived from `.env` files. Also fixed the `/api/auth/oidc-status` endpoint to reflect the true state.
- **PostgreSQL Migration Permissions:** Updated migration scripts to avoid `CREATEROLE` errors on standard DB users by using `DO` blocks with graceful fallbacks.
### Major Code Refactoring:
- **Blueprint Extraction:**
- Moved admin, warranty, tag, file handling, and statistics routes into dedicated Flask Blueprints for improved maintainability.
- Introduced `file_routes.py`, `tags_routes.py`, `admin_routes.py`, `warranties_routes.py`, and `statistics_routes.py`.
- **Application Factory Pattern:**
- Adopted the Flask Application Factory pattern using `create_app()` for modular, testable architecture.
- Added `config.py`, centralized `extensions.py`, and simplified `app.py` to a minimal entry point.
### Additional Fixes:
- Restored missing `/api/currencies` and `/api/settings/global-view-status` endpoints.
- Fixed status page warranty expansion and toast notification issues.
- Updated frontend logic to properly show Paperless-ngx documents on warranty cards and status page.
### Impact:
- Configuration via Docker `.env` now works reliably.
- Application can now run on standard PostgreSQL setups.
- Codebase is modular and easier to maintain.
- Frontend issues related to missing endpoints and document visibility are resolved.
### Enhanced
- Implemented comprehensive cache busting with version `v=20250118001` across all HTML, CSS, JS, and service worker assets.
- Updated service worker to force cache refresh and manage new asset list.
- Improved performance and consistency with synchronized frontend and PWA cache handling.
### Added
- Introduced full internationalization support for 17 languages including RTL support for Arabic and Persian.
- Language detection, native name display, and instant switching without reload.
- Updated UI, dropdowns, and translation files for complete multilingual experience.
### Fixed
- Resolved Paperless-ngx document auto-linking when adding a warranty (file association now preserved pre-reset).
- Prevented duplicate toast warnings when submitting forms with missing fields.
### Backend
- Extended language code validation and updated DB constraints for new language support.
### Files
- HTML, JS, CSS, service worker, translation files, and backend routes/migrations.
Introduced full integration with Paperless-ngx to enable intelligent document management and flexible storage options.
Key changes:
- Added admin settings section for configuring Paperless-ngx (server URL, API token, connection testing, toggle).
- Implemented hybrid storage logic in `backend/app.py` allowing per-document selection between local and Paperless-ngx.
- Enhanced warranty card UI with visual indicators for storage location (cloud vs. local icons).
- Integrated storage selection and upload process into both Add and Edit Warranty workflows with parity.
- Enabled direct access to Paperless-ngx documents via the warranty interface.
- Ensured automatic cleanup of old documents when storage preference is switched.
Affected files:
- `backend/app.py`
- `frontend/script.js`
- `frontend/settings-new.html`
- `frontend/settings-new.js`
This major update introduces several significant new features, critical bug fixes, and key enhancements across the application, focusing on user customization, administration, and system stability.
New Features
Currency Position Control: Allows users to choose whether the currency symbol appears on the left or right of numbers. This setting is applied universally across the app, including warranty cards and forms, and is saved per-user.
Super-Admin (Owner) Role: Implements an immutable Owner role for the primary administrator, who cannot be deleted or demoted. A secure ownership transfer process has been added to the admin settings.
OIDC-Only Login Mode: Adds a site-wide setting to enforce OIDC-only authentication, which hides the traditional username/password login form to streamline SSO environments.
Product Age Tracking & Sorting: Displays the age of a product (e.g., "2 years, 3 months") on warranty cards and adds a new "Sort by Age" option to organize items by their purchase date.
Global View Photo Access: Permits users to view product photos on warranties shared in global view, while ensuring other sensitive documents like invoices remain private to the owner.
Persistent View Scope: The application now remembers the user's last selected view (Global or Personal) and automatically loads the appropriate data on page refresh for a seamless experience.
Export Debug Tools: Introduces a comprehensive debugging system, including a new debug page and API endpoint, to help administrators troubleshoot and verify warranty exports.
Key Enhancements
About Page Redesign: A complete visual overhaul of the "About" page with a modern, card-based layout, prominent community links, and improved branding.
Flexible Apprise Notifications: Admins can now configure Apprise notifications to be a single global summary or sent as per-user messages. Additionally, the scope can be set to include warranties from all users or only the admin's warranties.
Larger Product Photo Thumbnails: Increased the size of product photo thumbnails in all views (grid, list, and table) for better product visibility.
Smart Currency Default: The "Add Warranty" form now intelligently defaults to the user's preferred currency setting, rather than always using USD.
Bug Fixes
Critical OIDC & Proxy Fixes: Resolved two major OIDC issues: a RecursionError with gevent workers and incorrect http:// callback URLs when behind an HTTPS reverse proxy, enabling reliable OIDC login.
Critical User Preferences Persistence: Fixed a bug where user settings for currency symbol and date format were not being saved correctly to the database.
Apprise & Notification Settings: Corrected an issue preventing user notification channel and Apprise timing settings from saving. The Apprise message format is now standardized, and the admin UI has been cleaned up.
CSV Import Currency: Ensured that warranties imported via CSV correctly use the user's preferred currency instead of defaulting to USD.
Maintenance & Refactoring
Authentication System Refactoring: Migrated all authentication-related routes from app.py into a dedicated Flask Blueprint (auth_routes.py) to improve code organization and maintainability.
Legacy Code Cleanup: Removed over 290 lines of orphaned and commented-out legacy OIDC code from the main application file.
### Major Features
- **Public Global Warranty View:** All authenticated users can now view global warranties. Admins retain full control; regular users get read-only access to others’ warranties.
- **Global View Admin Controls:** Admins can now toggle global view availability and limit it to admins only via site settings.
- **Global Status Dashboard View:** Extended global view to warranty statistics and dashboards with full permissions enforcement.
- **Apprise Push Notifications:** Integrated Apprise for multi-platform warranty alerts with extensive backend and frontend support (80+ services).
- **Warranty Type Filtering/Sorting:** Introduced dynamic, case-insensitive filtering and sorting by warranty type on the main page.
- **Admin Global Warranty View:** Dedicated admin tools and UI for viewing all warranties with enhanced styling and user info.
### UX/UI Enhancements
- **Product Photo Thumbnails:** Added interactive, responsive photo previews on warranty cards across all views.
- **Updated Footer Links:** All "Powered by Warracker" footers now link to the official website (`https://warracker.com`).
### Fixes and Stability Improvements
- **Status Dashboard Chart Fixes:** Resolved canvas reuse errors and chart switching issues.
- **CSS Cache Busting:** Ensured consistent styling across domain/IP access by versioning CSS/JS and updating service worker.
- **Settings Access Fixes:** Regular users can now access the settings page without triggering admin-only API calls.
- **Settings Persistence Fixes:** Addressed major frontend/backend issues preventing correct saving/loading of user preferences.
- **Notification Timing Overhaul:** Rewrote logic for precise notification delivery and implemented duplicate prevention.
### Security and Technical Enhancements
- Global view maintains secure ownership enforcement.
- Improved permission checks, graceful degradation, and responsive design across all new features.
This update introduces comprehensive OpenID Connect (OIDC) Single Sign-On support with dynamic configuration via the database and full frontend/backend integration. Key additions include:
- OIDC SSO login via external providers (e.g., Google, Keycloak), with automatic user provisioning and session linking.
- Admin settings UI for enabling/disabling SSO and managing provider credentials.
- Provider-branded SSO buttons with dynamic labels, icons, and styles.
- Exact warranty expiration date support alongside duration-based input, with full validation and UI enhancements.
- Full UI responsiveness for warranty field updates, tag creation, and note editing.
- Memory usage optimization for low-resource deployments via configurable modes (optimized, ultra-light, performance).
- Numerous fixes for SSO authentication flow, UI sync issues, database constraints, and modal interactions.
- Upgraded dependencies for security, performance, and compatibility (Flask 3.0.3, Gunicorn 23.0.0, etc.).
- Frontend improvements: Chart.js loading fix, tooltips for long product names, and dark/light mode-compatible footer.
This release significantly improves authentication flexibility, performance, and user experience across all major components.
Refer to changelogs for more details.
- Replaced single warranty period field with separate Year/Month/Day inputs
- Added support for uploading ZIP/RAR documents to warranties
- Made JWT secret and upload size limits configurable via environment variables
- Fixed backend indentation error, SQL migration bug, and smtplib re-import
- Cleaned up obsolete frontend settings files
1. **Simplified nginx configuration:**
- Changed from `root /data` back to `alias /data/uploads/` which is the correct way to map `/uploads/` to `/data/uploads/`
- Removed potentially conflicting location blocks
- Fixed the error handling to not redirect upload 404s to the index page
2. **Improved startup script:**
- Added checking and reporting of directory permissions
- Added explicit chmod during startup
3. **Simplified Flask route:**
- Removed all the complex debugging code
- Returned to a simple `send_from_directory` call
4. **Added a basic test file:**
- Created ping.html to test basic nginx functionality
Fixed API Connection Issue
Changed the Nginx proxy configuration from proxy_pass http://localhost:5000; to proxy_pass http://127.0.0.1:5000; in the container's configuration
This resolved the "ERR_CONNECTION_REFUSED" error by ensuring proper communication between Nginx and the Flask backend within the Docker container
Fixed Database Serialization Error
Updated the Python imports in app.py to properly include the date class: from datetime import datetime, timedelta, date
Modified the type checking code to correctly identify date objects: isinstance(value, (datetime, date))
This resolved the "isinstance() arg 2 must be a type or tuple of types" error that was preventing the application from retrieving warranty data
These changes resolved the connection issues between frontend and backend components, allowing the application to successfully add and display warranty information.
