| Age | Commit message (Collapse) | Author |
|
End-to-end testing (MCP client -> FastMCP -> Django) surfaced a 500:
adding an item with an explicit `unit: null` (as add_to_pantry sends
for items without a unit) hit a NOT NULL violation, because
`item_data.get("unit", "items")` returns None when the key is present.
- views.bulk_pantry_add: `item_data.get("unit") or "items"` — tolerate
null/empty unit.
- mcp_server add_to_pantry: omit quantity/unit from the payload when
unset, so the API applies its own defaults.
- test: bulk-add with unit/quantity = null returns 201 (25 pass).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
|
Backend prerequisites for the FastMCP service (mcp.md §6) — no model
changes, no migration.
- log_cook: accepts `rating`, validates via full_clean (enforces the
exactly-one-recipe rule), and returns `used_ingredients` as a
suggestion set instead of mutating the pantry. Auto-deduct path and
_deduct_ingredient removed — pantry state changes only via set-state
after the user confirms.
- New POST /api/pantry/set-state/ — set in/low/out by ingredient name
(alias-aware), optional location; registered before the router so the
pantry detail route doesn't capture "set-state" as a pk.
- what_can_i_cook: presence-based (exclude 'out', tolerate null
quantity) so the API matcher agrees with the web one.
- bulk-pantry-add: restocks an existing ingredient+location row to 'in'
instead of duplicating; quantity is an optional int.
Tests cover all four + that pantry `state` is serialized (24 pass).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
|
Require login for /app/, with a long sliding session so you log in
once per device and effectively stay in.
- AppLoginRequiredMiddleware gates only /app/; /api/ keeps DRF token
auth and /admin/ keeps its own login (a blanket LoginRequired would
break token requests, whose user isn't resolved until the view runs).
- Login page (styled to the dark palette) via django.contrib.auth.urls;
logout control in the nav.
- Session: ~1 year cookie, sliding (saved every request), survives
browser close.
- Dropped every @csrf_exempt now that a real session + CSRF token are
in place (HTMX already sends X-CSRFToken).
- SECRET_KEY and DEBUG now read from the environment (prod-safe
defaults); systemd loads an optional /var/lib/food/.env.
- Tests authenticate, plus new coverage: /app/ redirects when logged
out, login grants access, /api/ is not caught by the app gate.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
|
Track presence (In/Low/Out) as the primary signal instead of exact
quantities; quantity becomes an optional integer, unit optional too
(migration 0003 backfills state from quantity: 0 -> out, else in).
- Pantry rebuilt as a phone-first card list: colored state rail,
segmented In/Low/Out switch (server-driven HTMX), greyed out-items,
live summary counts.
- Fast add: bottom add bar with type-ahead autocomplete, location
picker, and quick-add chips for things you've run out of.
- Per-item menu (move / set expiry / delete); expiry is now an
optional quiet pill, never required.
- New endpoints: pantry search + set-state; dropped the old
edit-expiry/cancel flow and its partial.
- Recipes matcher made presence-based (have-it beats have-enough);
state added to admin. Tests cover state, add/restock, search,
presence matching, and page rendering.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
|
|