diff --git a/devdocs/v1/IMPLEMENTATION_PLAN.md b/devdocs/v1/IMPLEMENTATION_PLAN.md index e96c913..7d8e932 100644 --- a/devdocs/v1/IMPLEMENTATION_PLAN.md +++ b/devdocs/v1/IMPLEMENTATION_PLAN.md @@ -6,11 +6,12 @@ GoalsBreakDown/ ├── app.py # Flask application entry point ├── config.py # Configuration constants -├── database.py # TinyDB initialization and operations +├── database.py # SQLite database operations ├── auth.py # Authentication helpers -├── requirements.txt # Python dependencies -├── data/ # TinyDB data directory -│ └── db.json # TinyDB database file +├── schema.py # SQLite table creation & migration +├── pyproject.toml # Python dependencies (uv-managed) +├── data/ # SQLite data directory +│ └── db.sqlite # SQLite database file ├── static/ │ ├── css/ │ │ ├── style.css # Global styles @@ -20,14 +21,14 @@ GoalsBreakDown/ │ ├── api.js # API client utilities │ ├── auth.js # Authentication logic │ ├── goals.js # Goal page logic -│ ├── tasks.js # Task page logic -│ └── sortable.min.js # Drag-and-drop library +│ └── tasks.js # Task page logic └── templates/ ├── base.html # Base template with navigation ├── login.html # Login page ├── register.html # Registration page ├── goals.html # Goal CRUD page - └── tasks.html # Task CRUD page with scroll view + ├── tasks.html # Task CRUD page with scroll view + └── admin.html # Admin user management page ``` ## 2. Dependencies & Environment Management @@ -38,80 +39,69 @@ GoalsBreakDown/ uv init --no-readme # Add dependencies -uv add flask tinydb bcrypt +uv add flask bcrypt # Run the application -uv run python app.py +uv run flask run ``` -### 2.2 requirements.txt (managed by uv) -``` -flask==3.0.0 -tinydb==4.8.0 -bcrypt==4.1.2 -``` - -### 2.3 pyproject.toml (auto-generated by uv) +### 2.2 pyproject.toml (managed by uv) ```toml [project] name = "goalsbreakdown" version = "0.1.0" -requires-python = ">=3.10" +requires-python = ">=3.13" dependencies = [ - "flask>=3.0.0", - "tinydb>=4.8.0", - "bcrypt>=4.1.2", + "flask>=3.1.3", + "bcrypt>=5.0.0", ] ``` -## 3. Database Schema (TinyDB) +## 3. Database Schema (SQLite) -### 3.1 Collections (TinyDB Tables) +### 3.1 Tables **users** table: -```json -{ - "user_id": 1, - "username": "admin", - "password_hash": "$2b$12$...", - "role": "admin", - "max_goals": 10 -} +```sql +CREATE TABLE users ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + username TEXT NOT NULL UNIQUE, + password_hash TEXT NOT NULL, + role TEXT NOT NULL DEFAULT 'user', + max_goals INTEGER NOT NULL DEFAULT 5 +); ``` **goals** table: -```json -{ - "goal_id": 1, - "user_id": 1, - "title": "Learn Python", - "activated": true -} +```sql +CREATE TABLE goals ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + user_id INTEGER NOT NULL, + title TEXT NOT NULL, + activated INTEGER NOT NULL DEFAULT 1, + FOREIGN KEY (user_id) REFERENCES users(id) +); ``` **tasks** table: -```json -{ - "task_id": 1, - "goal_id": 1, - "title": "Complete basics", - "desc": "Learn variables, loops, functions", - "status": "doing", - "start_time": "2026-05-08T10:00:00", - "finished_time": null, - "order": 1.0 -} +```sql +CREATE TABLE tasks ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + goal_id INTEGER NOT NULL, + title TEXT NOT NULL, + desc TEXT NOT NULL DEFAULT '', + status TEXT NOT NULL DEFAULT 'todo', + start_time TEXT, + finished_time TEXT, + "order" REAL NOT NULL DEFAULT 0.0, + FOREIGN KEY (goal_id) REFERENCES goals(id) +); ``` -### 3.2 Database Initialization - -```python -# database.py responsibilities: -# - Initialize TinyDB with data/db.json -# - Create tables: users, goals, tasks -# - Seed admin user on first run (username: admin, password: admin123) -# - Provide CRUD helper functions for each table -``` +### 3.2 Database Initialization (schema.py) +- `schema.py` defines SQL table creation and `get_connection()` helper +- `init_db()` creates tables and seeds admin user on first run +- Uses `sqlite3.Row` for dict-like row access ## 4. API Endpoints @@ -426,6 +416,7 @@ uv add flask tinydb bcrypt - `pyproject.toml` (auto-generated by uv) - `uv.lock` (auto-generated by uv) - `config.py` +- `schema.py` - `database.py` - `auth.py` - `app.py` (basic setup) @@ -517,7 +508,7 @@ uv add flask tinydb bcrypt ```python # Database -DB_PATH = "data/db.json" +DB_PATH = "data/db.sqlite" # Default admin credentials DEFAULT_ADMIN_USERNAME = "admin" @@ -559,7 +550,7 @@ PORT = 5000 - Session-based authentication with HTTP-only cookies - CSRF protection (Flask-WTF or manual token) - Input sanitization (prevent XSS) -- SQL injection not applicable (TinyDB), but validate all inputs +- Parameterized SQL queries (sqlite3 placeholders prevent injection) - Rate limiting on auth endpoints (optional) - HTTPS in production diff --git a/devdocs/v1/PRD.md b/devdocs/v1/PRD.md index 20fcbaf..0b80a20 100644 --- a/devdocs/v1/PRD.md +++ b/devdocs/v1/PRD.md @@ -84,7 +84,7 @@ Tech Stack: - Backend: Python + Flask (lightweight, good for small apps) - Frontend: Vanilla JS + HTML/CSS (simple, no build step needed) -- Database: TinyDB (single JSON file, perfect for this scale) +- Database: SQLite (lightweight file-based relational database) - Authentication: Session-based with password hashing (bcrypt) - Drag-and-drop: HTML5 Drag and Drop API or SortableJS