Giorgio Gilestro
f326b41a08
Adds opt-in client-side-encrypted portfolio sync (paid). Browser
PBKDF2(PIN) → AES-GCM, server HKDF(pepper, user_id) outer wrap;
server stores opaque bytes only. Sliding-window rate limit on GET.
- new portfolio_sync table (migration 0015)
- POST/GET/DELETE /api/portfolio/sync + /status
- app/services/portfolio_sync.py crypto + rate limit
- app/routers/sync.py paid-gated
- app/static/js/portfolio-sync.js WebCrypto wrapper
- settings page: enable/disable + PIN modal
- PORTFOLIO_SYNC_PEPPER setting (warn on startup if missing)
Settings + import rework:
- /upload merged into /settings#import (legacy route 302s)
- drop CSV → auto-parse → preview → Import only / Import & sync
- nav slimmed to Dashboard / News / Log
- Settings + Logout moved to a user dropdown
- brand logo links to /
Collateral fixes:
- settings 500: re-fetch User in current session before mutating
referral_code (assign_code_if_missing was refreshing a User
loaded in the auth dep's now-closed session)
- csv_import: distinct error for unfunded T212 pies (all qty=0)
- db.py: drop pool_pre_ping (aiomysql 0.3.2 incompat); pin
isolation_level=READ COMMITTED to avoid gap-lock deadlocks
- alembic env: disable_existing_loggers=False so in-process
migrations don't silence uvicorn's loggers
- docker-compose.override.yml: dev-only volume mount + --reload
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
86 lines
2.9 KiB
HTML
86 lines
2.9 KiB
HTML
{% extends "base.html" %}
|
|
{% block title %}{{ BRAND_NAME }} · Dashboard{% endblock %}
|
|
|
|
{% block main %}
|
|
<div id="dash-header-container"
|
|
style="grid-column: 1 / -1;"
|
|
hx-get="/api/summary/aggregate?as=html"
|
|
hx-trigger="load, every 300s, tone-changed"
|
|
hx-swap="innerHTML">
|
|
<div class="empty">loading aggregate read…</div>
|
|
</div>
|
|
|
|
<section id="indicators-panel" class="panel">
|
|
<div class="panel-header">
|
|
<span class="title">Indicators</span>
|
|
<span class="meta">{% if anchor %}anchor {{ anchor }} · {% endif %}ingest hourly @ :05 UTC</span>
|
|
</div>
|
|
<div class="group-tabs" id="group-tabs">
|
|
{% for g in groups %}
|
|
<button
|
|
class="{% if loop.first %}active{% endif %}"
|
|
hx-get="/api/indicators/{{ g }}?as=html"
|
|
hx-target="#indicators-body"
|
|
hx-trigger="click"
|
|
onclick="document.querySelectorAll('#group-tabs button').forEach(b=>b.classList.remove('active'));this.classList.add('active')"
|
|
>{{ g }}</button>
|
|
{% endfor %}
|
|
</div>
|
|
<div id="indicators-body"
|
|
class="panel-body panel-body--scroll"
|
|
hx-get="/api/indicators/{{ groups[0] }}?as=html"
|
|
hx-trigger="load, tone-changed"
|
|
hx-swap="innerHTML">
|
|
<div class="empty">loading…</div>
|
|
</div>
|
|
</section>
|
|
<script>
|
|
// Auto-refresh the *currently selected* group every 60s by simulating a
|
|
// click on the active tab. Replaces the hard-coded `every 60s` on
|
|
// #indicators-body which always re-fetched groups[0].
|
|
setInterval(function () {
|
|
var active = document.querySelector('#group-tabs button.active');
|
|
if (active) active.click();
|
|
}, 60000);
|
|
</script>
|
|
|
|
<section id="portfolio-panel" class="panel">
|
|
<div class="panel-header">
|
|
<span class="title">Portfolio</span>
|
|
<span class="meta">held locally · prices via /api/universe</span>
|
|
</div>
|
|
<div class="panel-body">
|
|
<div id="pf-mount">
|
|
<div class="empty">loading…</div>
|
|
</div>
|
|
</div>
|
|
</section>
|
|
<script src="{{ url_for('static', path='/js/portfolio-sync.js') }}" defer></script>
|
|
<script src="{{ url_for('static', path='/js/portfolio.js') }}" defer></script>
|
|
|
|
<section id="log-panel" class="panel">
|
|
<div class="panel-header">
|
|
<span class="title">Strategic Log</span>
|
|
<span class="meta">generated hourly @ :20 UTC</span>
|
|
</div>
|
|
<div class="panel-body"
|
|
hx-get="/api/log/latest?as=html"
|
|
hx-trigger="load, every 300s, tone-changed"
|
|
hx-swap="innerHTML">
|
|
<div class="empty">awaiting first log…</div>
|
|
</div>
|
|
</section>
|
|
|
|
<section id="news-panel" class="panel">
|
|
<div class="panel-header">
|
|
<span class="title">Flash News</span>
|
|
<span class="meta">last 24h · ingest hourly @ :10 UTC</span>
|
|
</div>
|
|
<div class="panel-body panel-body--scroll"
|
|
hx-get="/api/news?as=html&limit=40"
|
|
hx-trigger="load, every 60s, tags-changed"
|
|
hx-swap="innerHTML">
|
|
<div class="empty">loading…</div>
|
|
</div>
|
|
</section>
|
|
{% endblock %}
|