
Updated checks

JesseFPV 4 months ago
parent
commit
3e1843f834

+ 8 - 8
backend/app/api/routes/auth.py

@@ -42,14 +42,14 @@ async def set_auth_enabled(db: AsyncSession, enabled: bool) -> None:
 async def setup_auth(request: SetupRequest, db: AsyncSession = Depends(get_db)):
     """First-time setup: enable/disable authentication and create admin user."""
     import logging
-    
+
     logger = logging.getLogger(__name__)
-    
+
     try:
         # Check if auth is already configured (prevent re-setup)
         result = await db.execute(select(Settings).where(Settings.key == "auth_enabled"))
         existing_setting = result.scalar_one_or_none()
-        
+
         # Check if users exist
         user_count_result = await db.execute(select(User))
         user_count = len(user_count_result.scalars().all())
@@ -60,7 +60,7 @@ async def setup_auth(request: SetupRequest, db: AsyncSession = Depends(get_db)):
                 status_code=status.HTTP_400_BAD_REQUEST,
                 detail="Authentication is already configured. Use user management to modify users.",
             )
-        
+
         # If auth_enabled is true but no users exist, allow re-setup (recovery scenario)
 
         admin_created = False
@@ -103,7 +103,7 @@ async def setup_auth(request: SetupRequest, db: AsyncSession = Depends(get_db)):
         # Set auth enabled and commit everything together
         await set_auth_enabled(db, request.auth_enabled)
         await db.commit()
-        
+
         if admin_created:
             await db.refresh(admin_user)
             logger.info(f"Admin user created successfully: {admin_user.id}")
@@ -134,16 +134,16 @@ async def disable_auth(
 ):
     """Disable authentication (admin only)."""
     import logging
-    
+
     logger = logging.getLogger(__name__)
-    
+
     # Only admins can disable authentication
     if current_user.role != "admin":
         raise HTTPException(
             status_code=status.HTTP_403_FORBIDDEN,
             detail="Only admins can disable authentication",
         )
-    
+
     try:
         await set_auth_enabled(db, False)
         await db.commit()

+ 1 - 1
backend/app/api/routes/users.py

@@ -2,7 +2,7 @@ from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession
 
-from backend.app.core.auth import RequireAdmin, get_current_active_user, get_password_hash
+from backend.app.core.auth import RequireAdmin, get_password_hash
 from backend.app.core.database import get_db
 from backend.app.models.user import User
 from backend.app.schemas.auth import UserCreate, UserResponse, UserUpdate
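Review bot: After this import change `RequireAdmin` is the only auth dependency left in scope for this module, so every user-management route has to carry it, unless the router itself declares a dependency. The route definitions are outside the hunk, so this cannot be confirmed from the lines shown. It is worth checking that no handler was relying on `get_current_active_user` for a non-admin path, and recording the intent next to the router with a comment such as `# Every route in this module must depend on RequireAdmin.`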

+ 4 - 5
backend/app/core/auth.py

@@ -1,15 +1,14 @@
 import secrets
 from datetime import datetime, timedelta
-from typing import Annotated, TYPE_CHECKING
+from typing import TYPE_CHECKING, Annotated
 
 from fastapi import Depends, Header, HTTPException, status
-from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 from jose import JWTError, jwt
 from passlib.context import CryptContext
 from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession
 
-from backend.app.core.config import settings
 from backend.app.core.database import async_session, get_db
 from backend.app.models.settings import Settings
 from backend.app.models.user import User
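Review bot: With `from backend.app.core.config import settings` removed, the import block no longer shows where the JWT signing key and token lifetime used with `jose` come from; the imports that remain visible are `secrets` and the `Settings` model. If the key is generated in-process (the defining code is outside this hunk, so this is an assumption), issued tokens would stop validating after a restart and would differ between worker processes. A comment at the key definition would make the source and lifetime explicit, for example `# JWT signing key: loaded from <source>; changing it invalidates all issued tokens`.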
@@ -33,7 +32,7 @@ security = HTTPBearer(auto_error=False)
 
 def verify_password(plain_password: str, hashed_password: str) -> bool:
     """Verify a password against a hash.
-    
+
     Uses pbkdf2_sha256 which handles long passwords automatically.
     """
     return pwd_context.verify(plain_password, hashed_password)
@@ -41,7 +40,7 @@ def verify_password(plain_password: str, hashed_password: str) -> bool:
 
 def get_password_hash(password: str) -> str:
     """Hash a password.
-    
+
     Uses pbkdf2_sha256 which is secure and has no password length limit.
     """
     return pwd_context.hash(password)

+ 13 - 3
frontend/package-lock.json

@@ -11,6 +11,7 @@
         "@dnd-kit/core": "^6.3.1",
         "@dnd-kit/sortable": "^10.0.0",
         "@dnd-kit/utilities": "^3.2.2",
+        "@floating-ui/dom": "^1.7.4",
         "@tanstack/react-query": "^5.90.11",
         "@tiptap/extension-color": "^3.11.1",
         "@tiptap/extension-image": "^3.11.1",
@@ -1185,17 +1186,26 @@
       "resolved": "https://registry.npmjs.org/@floating-ui/core/-/core-1.7.3.tgz",
       "integrity": "sha512-sGnvb5dmrJaKEZ+LDIpguvdX3bDlEllmv4/ClQ9awcmCZrlx5jQyyMWFM5kBI+EyNOCDDiKk8il0zeuX3Zlg/w==",
       "license": "MIT",
-      "optional": true,
       "dependencies": {
         "@floating-ui/utils": "^0.2.10"
       }
     },
+    "node_modules/@floating-ui/dom": {
+      "version": "1.7.4",
+      "resolved": "https://registry.npmjs.org/@floating-ui/dom/-/dom-1.7.4.tgz",
+      "integrity": "sha512-OOchDgh4F2CchOX94cRVqhvy7b3AFb+/rQXyswmzmGakRfkMgoWVjfnLWkRirfLEfuD4ysVW16eXzwt3jHIzKA==",
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "@floating-ui/core": "^1.7.3",
+        "@floating-ui/utils": "^0.2.10"
+      }
+    },
     "node_modules/@floating-ui/utils": {
       "version": "0.2.10",
       "resolved": "https://registry.npmjs.org/@floating-ui/utils/-/utils-0.2.10.tgz",
       "integrity": "sha512-aGTxbpbg8/b5JfU1HXSrbH3wXZuLPJcNEcZQFMxLs3oSzgtVu6nFPkbbGGUvBcUjKV2YyB9Wxxabo+HEH9tcRQ==",
-      "license": "MIT",
-      "optional": true
+      "license": "MIT"
     },
     "node_modules/@humanfs/core": {
       "version": "0.19.1",

+ 1 - 0
frontend/package.json

@@ -17,6 +17,7 @@
     "@dnd-kit/core": "^6.3.1",
     "@dnd-kit/sortable": "^10.0.0",
     "@dnd-kit/utilities": "^3.2.2",
+    "@floating-ui/dom": "^1.7.4",
     "@tanstack/react-query": "^5.90.11",
     "@tiptap/extension-color": "^3.11.1",
     "@tiptap/extension-image": "^3.11.1",