Commit Graph

6 Commits

Author SHA1 Message Date
14cf5e84d3 Remove backward compatibility fields from product forms
Remove automatic addition of ProductName and Price fields when they're not defined as custom AR fields. This ensures tenants using only custom fields won't see unwanted default fields in their products.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-20 23:14:48 -04:00
4d4dbba010 Fix image update issue by adding cache-busting timestamps
Add timestamp query parameters to image URLs to prevent browser caching from showing stale images after updates. Images now display immediately after being updated.
2025-10-20 22:56:07 -04:00
66b88fec03 Strip whitespace from AR field names and labels to prevent image lookup issues
- Add .strip() to field name and label inputs in AR field management
- Implement defensive stripping at model layer for extra safety
- Prevents spacing issues that cause image serving routes to fail
2025-10-20 22:30:54 -04:00
03b4264239 Fix foreign key cascades and add validation for missing AR fields
- Enable SQLite foreign key constraints to properly cascade deletes
- Add validation to prevent adding products when no AR fields configured
- Display helpful warnings on product pages when fields are missing
- Redirect users to AR field configuration when needed
2025-10-20 21:36:01 -04:00
795068c015 Add Entra ID authentication with role-based access control
Implement Microsoft Entra ID (Azure AD) authentication with user and admin roles.

Features:
- OAuth 2.0 authentication flow using MSAL
- User and admin role-based access control
- Tenant ownership and access management
- Server-side session storage
- Protected routes with authentication decorators

Authentication:
- Users authenticate via Microsoft organizational accounts
- Admin role automatically assigned to DEFAULT_ADMIN_EMAIL
- User profiles synced from Microsoft Graph API

Access Control:
- Admins: Full access to all tenants and server settings
- Users: Can create and manage their own tenants only
- Tenant association: Auto-created when user adds products
- API endpoints remain open for AR application access

Database Changes:
- New users table with email, azure_oid, name, and role
- New user_tenants table for many-to-many tenant ownership
- Case-insensitive admin email comparison

Configuration:
- Environment-based config via .env file
- Azure AD credentials (client ID, secret, tenant ID)
- Configurable redirect URI and admin email
- Updated to Flask 2.2.5 for compatibility
2025-10-20 19:37:52 -04:00
f97808c7b3 Refactor application to MVC architecture with Flask blueprints
Major architectural refactoring to improve code organization, maintainability, and scalability:

- Implement MVC pattern with clear separation of concerns
- Organize code into blueprints for different functional areas (main, tenant, admin, api)
- Create models layer to encapsulate all database operations
- Create services layer for business logic (auth, product, barcode)
- Implement application factory pattern for better testability
- Add environment-based configuration management
- Remove old monolithic app.py and consolidate routes

New structure:
- app/models/ - Database operations (Tenant, Product, ARField, Settings)
- app/services/ - Business logic (Auth, Product, Barcode services)
- app/blueprints/ - Controllers organized by function
- app/config.py - Environment configurations
- run.py - Application entry point

All routes remain backward compatible. No changes to API or templates functionality.
2025-10-20 18:11:16 -04:00