Backend overhaul: new models, routers, schemas for shifts, business day, flags, messages, settings

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 12:12:05 +03:00
parent 603fd45eaa
commit defc49f84f
31 changed files with 2626 additions and 55 deletions
--- a/local_backend/routers/auth.py
+++ b/local_backend/routers/auth.py
@@ -5,6 +5,11 @@ from sqlalchemy.orm import Session
 from database import get_db
 from models.user import User
 from schemas.auth import LoginRequest, TokenResponse
+from pydantic import BaseModel as _PydanticBase
+
+class LoginByIdRequest(_PydanticBase):
+    waiter_id: int
+    pin: str
 from schemas.user import UserOut
 from routers.deps import get_current_user, make_token, decode_token, blacklist_token

@@ -20,6 +25,16 @@ def login(body: LoginRequest, db: Session = Depends(get_db)):
    return TokenResponse(access_token=token, user=UserOut.model_validate(user))


+@router.post("/login-by-id", response_model=TokenResponse)
+def login_by_id(body: LoginByIdRequest, db: Session = Depends(get_db)):
+    """Login using waiter id + PIN (used by the waiter-picker login screen)."""
+    user = db.query(User).filter(User.id == body.waiter_id, User.is_active == True).first()
+    if not user or not bcrypt.checkpw(body.pin.encode(), user.pin_hash.encode()):
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Λανθασμένο PIN")
+    token = make_token(user)
+    return TokenResponse(access_token=token, user=UserOut.model_validate(user))
+
+
@router.post("/refresh", response_model=TokenResponse)
 def refresh(token: str, db: Session = Depends(get_db)):
    payload = decode_token(token)
@@ -40,3 +55,37 @@ def logout(token: str):
@router.get("/me", response_model=UserOut)
 def me(user: User = Depends(get_current_user)):
    return user
+
+
+# ─── Public waiter list (login screen — no auth required) ────────────────────
+
+from pydantic import BaseModel as _BaseModel
+
+class PublicWaiterOut(_BaseModel):
+    id: int
+    full_name: str | None
+    nickname: str | None
+    avatar_url: str | None
+    on_shift: bool
+    model_config = {"from_attributes": True}
+
+
+@router.get("/waiters", response_model=list[PublicWaiterOut])
+def public_waiter_list(db: Session = Depends(get_db)):
+    """Public endpoint — returns active waiters with on-shift flag. No auth required."""
+    from models.shift import WaiterShift
+    waiters = db.query(User).filter(User.role == "waiter", User.is_active == True).all()
+    on_shift_ids = {
+        row.waiter_id
+        for row in db.query(WaiterShift).filter(WaiterShift.ended_at == None).all()
+    }
+    return [
+        PublicWaiterOut(
+            id=w.id,
+            full_name=w.full_name,
+            nickname=w.nickname,
+            avatar_url=w.avatar_url,
+            on_shift=w.id in on_shift_ids,
+        )
+        for w in waiters
+    ]