Added hasVerified flag to prevent useEffect from running twice
in React 18 StrictMode (development mode).
This was causing:
1. First call: 200 OK - verification successful
2. Second call: 400 Bad Request - already verified
3. Error shown to user despite successful verification
The fix ensures verify() only runs once per component mount.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
AuthContext:
- Added setAuthFromToken() for direct token/profile set
- Used for email verification auto-login (no /login request)
- Properly initializes session with token and profile
Verify.jsx:
- Fixed auto-login: now uses setAuthFromToken() instead of login()
- Added "already_verified" status for better UX
- Auto-redirect to /login after 3s if already verified
- Shows friendly message instead of error
This fixes:
- 422 Unprocessable Entity error during auto-login
- Empty dashboard page after verification (now redirects correctly)
- "Ungültiger Link" error on second click (now shows "bereits bestätigt")
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Backend fixes:
- Fixed timezone-aware datetime comparison in verify_email endpoint
- Added trial_ends_at (14 days) for new registrations
- All datetime.now() calls now use timezone.utc
Frontend additions:
- Added EmailVerificationBanner component for unverified users
- Banner shows warning before trial banner in Dashboard
- Clear messaging about verification requirement
This fixes the 500 error on email verification and ensures new users
see both verification and trial status correctly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Updated CLAUDE.md to reflect new database migrations system:
- Added backend/migrations/ to directory structure
- Added schema_migrations table to database schema
- Updated deployment section with migration workflow
- Added reference to .claude/docs/technical/MIGRATIONS.md
The migrations system automatically applies SQL files (XXX_*.sql pattern)
on container startup, with tracking in schema_migrations table.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Modified run_migrations() to only process files matching pattern: \d{3}_*.sql
This prevents utility scripts (check_features.sql) and manually applied
migrations (v9c_*.sql) from being executed.
Only properly numbered migrations like 003_add_email_verification.sql
will be processed.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Added migration tracking and execution to db_init.py:
- Created schema_migrations table to track applied migrations
- Added run_migrations() to automatically apply pending SQL files
- Migrations from backend/migrations/*.sql are now applied on startup
This fixes the missing email verification columns (migration 003).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fixed build error where AuthContext was imported directly instead of using the useAuth hook.
Changed from import { AuthContext } + useContext(AuthContext) to import { useAuth } + useAuth().
This was blocking the Docker build and production deployment of v9c.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Updates:
- Bug-Fixes: Added BUG-003 (chart extrapolation) and BUG-004 (history refresh)
- v9c Finalization: Self-registration + Trial UI marked as complete
- Moved open items to v9d
v9c is now feature-complete and ready for production deployment.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Component:
- TrialBanner.jsx: Displays remaining trial days with urgency levels
Features:
- Calculates days left from profile.trial_ends_at
- Three urgency levels:
* Normal (>7 days): Accent blue, "Abo wählen"
* Warning (≤7 days): Orange, "Abo wählen"
* Urgent (≤3 days): Red + ⚠️, "Jetzt upgraden"
- Auto-hides when no trial or trial ended
- Responsive flex layout
- Call-to-action button links to /settings?tab=subscription
Integration:
- Added to Dashboard after header greeting
- Uses activeProfile from ProfileContext
- Clean, non-intrusive design
UX:
- Clear messaging: "Trial endet in X Tagen"
- Special case: "morgen" for 1 day left
- Color-coded severity (blue → orange → red)
- Prominent CTA button
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Components:
- Register.jsx: Registration form with validation
- Verify.jsx: Email verification page with auto-login
- API calls: register(), verifyEmail()
Features:
- Form validation (name min 2, email format, password min 8, password confirm)
- Success screen after registration (check email)
- Auto-login after verification → redirect to dashboard
- Error handling for invalid/expired tokens
- Link to registration from login page
Routes:
- /register → public (no login required)
- /verify?token=xxx → public
- Pattern matches existing /reset-password handling
UX:
- Clean success/error states
- Loading spinners
- Auto-redirect after verify (2s)
- "Jetzt registrieren" link on login
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Backend:
- New endpoint: POST /api/auth/register
- New endpoint: GET /api/auth/verify/{token}
- Migration: Add email_verified, verification_token, verification_expires
- Helper: send_email() for reusable SMTP
- Validation: email format, password length (min 8), name
- Auto-login after verification (returns session token)
- Rate limit: 3 registrations per hour per IP
Features:
- Verification token valid for 24h
- Existing users marked as verified (grandfather clause)
- SMTP configured via .env (SMTP_HOST, SMTP_USER, SMTP_PASS)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Changes:
- Show all data points (kcal OR weight, not only both)
- Extrapolate missing kcal values at end (use last known value)
- Dashed lines (strokeDasharray) for extrapolated values
- Solid lines for real measurements
- Weight always interpolates gaps (connectNulls=true)
Visual distinction:
- Solid = Real measurements + gap interpolation
- Dashed = Extrapolation at chart end
Closes: BUG-003
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Solution: Force remount ImportHistory via key prop
- Added importHistoryKey state (timestamp)
- Update key after import → triggers useEffect reload
- ImportHistory now updates immediately after import
Closes: BUG-004
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Layout changes:
- Input tabs at top: ✏️ Einzelerfassung (default) | 📥 Import
- Single entry form shown by default (was hidden in data tab)
- Import panel + history only visible in Import tab
- Analysis section below (unchanged): OverviewCards + Analysis tabs
Benefits:
- Cleaner separation of input methods vs analysis
- Manual entry more discoverable (was buried in data tab)
- Import history only shown when relevant
- Reduces clutter on initial view
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Features:
- Manual entry form above data list
- Date picker with auto-load existing entries
- Upsert logic: creates new or updates existing entry
- Smart button text: "Hinzufügen" vs "Aktualisieren"
- Prevents duplicate entries per day
- Feature enforcement for nutrition_entries
Backend:
- POST /nutrition - Create or update entry (upsert)
- GET /nutrition/by-date/{date} - Load entry by date
- Auto-detects existing entry and switches to UPDATE mode
- Increments usage counter only on INSERT
Frontend:
- EntryForm component with date picker + macros inputs
- Auto-loads data when date changes
- Shows info message when entry exists
- Success/error feedback
- Disabled state while loading/saving
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Added dropdown filter with options:
- Letzte 7 Tage
- Letzte 30 Tage (default)
- Letzte 90 Tage
- Letztes Jahr
- Alle anzeigen
Shows filtered count vs total count in title.
Handles large datasets (7+ years) efficiently.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Features:
- Import history panel showing all CSV imports with date, count, and range
- Edit/delete functionality for nutrition entries (inline editing)
- New backend endpoints: GET /import-history, PUT /{id}, DELETE /{id}
UI Changes:
- Import history displayed under import panel
- "Daten" tab now has edit/delete buttons per entry
- Inline form for editing macros (kcal, protein, fat, carbs)
- Confirmation dialog for deletion
Backend:
- nutrition.py: Added import_history, update_nutrition, delete_nutrition endpoints
- Groups imports by created date to show history
Frontend:
- NutritionPage: New DataTab and ImportHistory components
- api.js: Added nutritionImportHistory, updateNutrition, deleteNutrition
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Problem: Imported nutrition data not visible in UI
Root Cause: NutritionPage only had analysis tabs, no raw data view
Solution: Added "Daten" tab with entries list showing date, kcal, macros
Tested: Entries now visible after CSV import
Closes: BUG-002
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Problem:
- /api/nutrition/weekly crashed with 500 Internal Server Error
- TypeError: strptime() argument 1 must be str, not datetime.date
Root Cause:
- d['date'] from PostgreSQL is already datetime.date object
- datetime.strptime() expects string input
- Line 156: wk=datetime.strptime(d['date'],'%Y-%m-%d').strftime('%Y-W%V')
Solution:
- Added type check before strptime()
- If date already has strftime method → use directly
- Else → parse as string first
- Works with both datetime.date objects and strings
Tested:
- /nutrition page loads without error
- Weekly aggregation works correctly
- Chart displays nutrition data
Closes: BUG-001
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
CLAUDE.md erweitert:
- Verweis auf PENDING_FEATURES.md (ausstehende Enforcement-Items)
- Verweis auf KNOWN_ISSUES.md (Bug-Tracking)
Lokal erstellt (in .claude/):
.claude/docs/PENDING_FEATURES.md:
- Dashboard-Assistent (keine Badges)
- Import-Endpoints ohne Enforcement (Activity CSV, Nutrition CSV)
- Weitere potenzielle Limitierungen (Export-Wiederholungen, etc.)
- Implementierungs-Richtlinien für späteres Nachziehen
.claude/docs/KNOWN_ISSUES.md:
- BUG-001: Nutrition Import-Seite zeigt keine bisherigen Importe
(Daten vorhanden in Verlauf, aber Import-Panel zeigt keine Historie)
- Technische Schulden (alte AI-Limit-Checks, deprecated export_enabled)
- Bug-Meldung-Prozess dokumentiert
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Feature-Enforcement komplett:
- ✅ Phase 1-4 alle abgeschlossen
- 11 Features mit Monitoring, UI-Badges + Blocking
- Verweis auf neue FEATURE_ENFORCEMENT.md Dokumentation
Lokale Dokumentation erstellt:
- .claude/docs/architecture/FEATURE_ENFORCEMENT.md
- Vollständiger Guide für neue Feature-Integration
- Backend + Frontend Pattern mit Beispielen
- Checkliste + Debugging-Tipps
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Alle verbleibenden Screens mit proaktiver Limit-Anzeige:
- ActivityPage: Manuelle Einträge mit Badge + deaktiviertem Button
- Analysis: AI-Analysen (Pipeline + Einzelanalysen) mit Hover-Tooltip
- NutritionPage: Hat bereits Error-Handling (bulk import)
Konsistentes Pattern:
- Usage-Badge im Titel
- Button deaktiviert + Hover-Tooltip bei Limit
- "🔒 Limit erreicht" Button-Text
- Error-Handling für API-Fehler
- Usage reload nach erfolgreichem Speichern
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Dashboard QuickWeight: Feature limit enforcement hinzugefügt
- Hover-Tooltip Fix: Button in div wrapper (disabled buttons zeigen keine nativen tooltips)
- Error handling für Dashboard weight input
- Konsistentes UX über alle Eingabe-Screens
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implementiert User-freundliches Limit-Feedback für Daten-Einträge:
- Button wird deaktiviert wenn Limit erreicht
- Hover-Tooltip erklärt warum ("Limit erreicht X/Y")
- Button-Text zeigt "🔒 Limit erreicht"
- Error-Handling für alle API-Fehler
- Usage-Badge wird nach Speichern aktualisiert
Betrifft: Weight, Circumference, Caliper Screens
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Behebt IndentationError in Zeile 204 der _check_impl() Funktion.
Die Funktion wurde beim Connection-Pool-Fix erstellt, hatte aber
inkonsistente Einrückungen (8 statt 4 Spaces nach der ersten Zeile).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Move all positioning logic from inline styles to CSS
- New classes: .badge-container-right, .badge-button-layout
- All badge styling now in UsageBadge.css (single source)
- Easier to maintain and adjust globally
- Mobile responsive adjustments in one place
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Smaller font (0.65rem), more spacing (10px margin)
- Reduced opacity (0.6), hover effect (0.9)
- OK status now gray instead of green (less prominent)
- Position: right-aligned in headings (flex space-between)
- Buttons: badge on right side of main text, description below
- Much more discreet overall appearance
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Weight page: badge on "Eintrag hinzufügen" heading
- Settings: badges on export buttons (ZIP/JSON)
- Analysis: badges on pipeline and individual analysis titles
- Shows real-time usage status (e.g., "7/5" with red color)
Phase 3: Frontend Display complete
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add user-facing usage overview endpoint
- Returns all features with usage, limits, reset info
- Fully dynamic - automatically includes new features
- Phase 3: Frontend Display preparation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Mark Feature-Enforcement Phase 2 as complete
- Add 4-phase model status overview
- Document feature_logger.py and JSON logging
- Update DB schema section with user_feature_usage
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Create feature_logger.py with JSON logging infrastructure
- Add log_feature_usage() calls to all 9 routers after check_feature_access()
- Logs written to /app/logs/feature-usage.log
- Tracks all usage (not just violations) for future analysis
- Phase 2: Non-blocking monitoring complete
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fixes two critical bugs in AI analysis storage:
1. History now works - analyses are saved, not overwritten
- Removed DELETE statements before INSERT in insights.py
- All analyses are now preserved per scope
- Displayed in descending order by creation date
2. Pipeline saves under correct scope 'pipeline' instead of 'gesamt'
- Changed scope from 'gesamt' to 'pipeline' in pipeline endpoint
- Pipeline results now appear under correct category in history
3. Fixed pipeline appearing twice in UI
- Filter now excludes both 'pipeline_*' and 'pipeline' from individual list
- Pipeline only appears in dedicated section at top
Changes:
- backend/routers/insights.py: Removed DELETE, changed scope to 'pipeline'
- frontend/src/pages/Analysis.jsx: Fixed filter to exclude 'pipeline'
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Reverts all feature enforcement changes (commits 3745ebd, cbad50a, cd4d912, 8415509)
to restore original working functionality.
Issues caused by feature enforcement implementation:
- Export buttons disappeared and never reappeared
- KI analysis counter not incrementing
- New analyses not saving
- Pipeline appearing twice
- Many core features broken
Restored files to working state before enforcement implementation (commit 0210844):
- Backend: auth.py, insights.py, exportdata.py, importdata.py, nutrition.py, activity.py
- Frontend: Analysis.jsx, SettingsPage.jsx, api.js
- Removed: FeatureGate.jsx, useFeatureAccess.js
The original simple AI limit system (ai_enabled, ai_limit_day) is now active again.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Critical bug: usage limits were never resetting after first month because
reset_at timestamp was not updated during ON CONFLICT UPDATE.
This caused users to stay permanently blocked after reaching monthly limit once.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Critical fixes for feature enforcement:
- Add GET /api/features/{feature_id}/check-access endpoint (was missing!)
- Add migration for missing features: data_export, csv_import
- These features were used in frontend but didn't exist in DB
This fixes:
- "No analysis available" when setting KI limit
- Export features not working
- Frontend calling non-existent API endpoint
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
⚠️ MAJOR GAP IDENTIFIED: Feature limits don't work!
- Admin UI exists to configure limits
- But actual enforcement (check_feature_access) is NOT called in endpoints
- Users can exceed limits, use disabled features
Backend TODO (CRITICAL):
- Add feature checks to insights.py (AI analysis)
- Add feature checks to exportdata.py, importdata.py
- Add feature checks to nutrition.py, activity.py (imports)
- Add feature checks to photos.py, data entry endpoints
Frontend TODO (UX):
- Implement useFeatureAccess() hook
- Create <FeatureGate> component
- Hide disabled features
- Show limit counters & upgrade prompts
Estimated work: 2-3 hours
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
