Merge pull request #3 from StefBuwalda/development

Update requirements.txt

.github/workflows/docker-ghcr.yml

@@ -14,9 +14,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
+      # Checkout code
       - name: Checkout code
         uses: actions/checkout@v4.2.2
 
+      # Log in to GHCR
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@v3.5.0
         with:
@@ -24,13 +26,22 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
+      # Set up Docker Buildx (needed for ARM64 cross-build)
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3.11.1
 
+      # Build and push Docker image with caching
       - name: Build and push ARM64 image
         uses: docker/build-push-action@v6.18.0
         with:
           context: .
           push: true
           platforms: linux/arm64
-          tags: ghcr.io/stefbuwalda/cal_counter:arm64,ghcr.io/stefbuwalda/cal_counter:latest
+          tags: |
+            ghcr.io/stefbuwalda/cal_counter:arm64
+            ghcr.io/stefbuwalda/cal_counter:latest
+          cache-from: type=registry,ref=ghcr.io/stefbuwalda/cal_counter:cache
+          cache-to: type=registry,ref=ghcr.io/stefbuwalda/cal_counter:cache,mode=max
+          build-args: |
+            PIP_NO_CACHE_DIR=1
+

Dockerfile

@@ -2,8 +2,13 @@ FROM python:3.12-slim
 
 # Everything will be done in /app (Not in the main OS Image)
 WORKDIR /app
-COPY . .
+
+COPY requirements.txt .
+
 RUN pip install --no-cache-dir -r requirements.txt
+
+COPY . .
+
 RUN chmod +x ./entrypoint.sh
 
 ENV FLASK_APP=app.py

app.py

@@ -1,28 +1,24 @@
 from flask import (
-    render_template,
     redirect,
     url_for,
-    request,
     send_from_directory,
 )
 from flask_login import (
     login_required,
-    logout_user,
-    login_user,
     current_user,
 )
-from forms import LoginForm
 from models import User
 from application import db, app, login_manager
 from application.admin.routes import admin_bp
 from application.user.routes import user_bp
 from application.add_meal.routes import bp as add_meal_bp
+from application.auth.routes import bp as auth_bp
 from typing import Optional
 
 # Config
 app.config["SECRET_KEY"] = "Stef123"
 
-login_manager.login_view = "login"  # type: ignore
+login_manager.login_view = "auth.login"  # type: ignore
 
 
 @login_manager.user_loader  # type: ignore
@@ -34,6 +30,7 @@ def load_user(user_id: int):
 app.register_blueprint(admin_bp)
 app.register_blueprint(user_bp)
 app.register_blueprint(add_meal_bp)
+app.register_blueprint(auth_bp)
 
 
 # Routes
@@ -49,7 +46,7 @@ def default_return(next_page: Optional[str] = None):
 @app.route("/")
 @login_required
 def index():
-    return redirect(url_for("login"))
+    return redirect(url_for("auth.login"))
 
 
 @app.route("/favicon.ico")
@@ -57,32 +54,6 @@ def favicon():
     return send_from_directory("static", "favicon.ico")
 
 
-@app.route("/login", methods=["GET", "POST"])
-def login():
-    if current_user.is_authenticated:
-        return default_return()
-
-    form = LoginForm()
-    if form.validate_on_submit():
-        user = User.query.filter_by(username=form.username.data).first()
-        if user and user.check_password(password=form.password.data):
-            # User found and password correct
-            next_page = request.args.get("next")  # Get next page if given
-            login_user(user)  # Log in the user
-            return default_return(next_page=next_page)
-        else:
-            pass
-            # invalid user
-    return render_template("login.html", form=form)
-
-
-@app.route("/logout")
-@login_required
-def logout():
-    logout_user()
-    return redirect(url_for("index"))
-
-
 # Run
 if __name__ == "__main__":
     # If there are no users, create admin account

application/add_meal/routes.py

@@ -28,7 +28,7 @@ bp = Blueprint(
 @bp.before_request
 def login_required():
     if not current_user.is_authenticated:
-        return redirect(url_for("login"))
+        return redirect(url_for("auth.login"))
 
 
 @bp.route("/select_meal/<int:meal_type>", methods=["GET"])
@@ -117,6 +117,7 @@ def step3_alt1_post(input: str):
             )
             db.session.commit()
             print("[DEBUG] New FoodItem Added")
+            input = barcode if barcode else name  # update input
         else:
             print(f"Item exists: {item.barcode} {item.name}")
 

application/add_meal/templates/add_item.html

@@ -20,8 +20,13 @@
     </div>
 
     <div class="mb-3">
-        {{ form.protein.label(class="form-label") }}
-        {{ form.protein(class="form-control") }}
+        {{ form.fat.label(class="form-label") }}
+        {{ form.fat(class="form-control") }}
+    </div>
+
+    <div class="mb-3">
+        {{ form.saturated_fat.label(class="form-label") }}
+        {{ form.saturated_fat(class="form-control") }}
     </div>
 
     <div class="mb-3">
@@ -35,13 +40,8 @@
     </div>
 
     <div class="mb-3">
-        {{ form.fat.label(class="form-label") }}
-        {{ form.fat(class="form-control") }}
-    </div>
-
-    <div class="mb-3">
-        {{ form.saturated_fat.label(class="form-label") }}
-        {{ form.saturated_fat(class="form-control") }}
+        {{ form.protein.label(class="form-label") }}
+        {{ form.protein(class="form-control") }}
     </div>
 
     {{ form.submit(class="btn btn-primary") }}

application/admin/routes.py

@@ -1,7 +1,5 @@
-from flask import Blueprint, render_template, abort, redirect, url_for
+from flask import Blueprint, abort
 from flask_login import current_user
-from models import FoodItem
-from application import db
 
 admin_bp = Blueprint(
     "admin",
@@ -15,24 +13,3 @@ admin_bp = Blueprint(
 def admin_required():
     if not current_user.is_admin:
         abort(403)
-
-
-@admin_bp.route("/food_items", methods=["GET"])
-def food_items():
-    items = FoodItem.query.all()
-    return render_template("food_items.html", items=items)
-
-
-@admin_bp.route("/barcode_test", methods=["GET"])
-def barcode_test():
-    return render_template("barcode_test.html")
-
-
-@admin_bp.route("/delete_food/<int:id>", methods=["POST"])
-def delete_food(id):
-    item = FoodItem.query.get(id)
-    if item:
-        if item.owner_id == current_user.id:
-            db.session.delete(item)
-            db.session.commit()
-    return redirect(url_for("admin.food_items"))

application/admin/templates/barcode_test.html

@@ -1,55 +0,0 @@
-{% extends "base.html" %}
-{% block title %}
-ZXing Barcode Scanner
-{% endblock %}
-
-{% block content %}
-<div class="container text-center">
-    <h1 class="mb-4">📷 ZXing Barcode Scanner</h1>
-
-    <div class="mb-3">
-        <video id="video" class="border rounded shadow-sm" width="100%" style="max-width: 500px;"></video>
-    </div>
-
-    <div class="mb-3">
-        <button id="startButton" class="btn btn-primary">Start Scanning</button>
-        <button id="stopButton" class="btn btn-danger ms-2">Stop</button>
-    </div>
-
-    <div>
-        <h5>Result:</h5>
-        <p id="result" class="fw-bold text-success"></p>
-    </div>
-</div>
-
-<script type="module">
-    import { BrowserMultiFormatReader } from 'https://cdn.jsdelivr.net/npm/@zxing/library@0.21.3/+esm';
-
-    const codeReader = new BrowserMultiFormatReader();
-    const videoElement = document.getElementById('video');
-    const resultElement = document.getElementById('result');
-
-    document.getElementById('startButton').addEventListener('click', async () => {
-        await navigator.mediaDevices.getUserMedia({ video: true });
-        console.log('[DEBUG] Start button clicked');
-        const devices = await codeReader.listVideoInputDevices();
-        console.log('[DEBUG] Cameras found:', devices);
-        const selectedDeviceId = devices[0]?.deviceId;
-        if (!selectedDeviceId) {
-            alert('No camera found!');
-            return;
-        }
-        codeReader.decodeFromVideoDevice(selectedDeviceId, videoElement, (result, err, controls) => {
-            if (result) {
-                resultElement.textContent = result.getText();
-                controls.stop();
-            }
-        });
-    });
-
-    document.getElementById('stopButton').addEventListener('click', () => {
-        codeReader.reset();
-        resultElement.textContent = '';
-    });
-</script>
-{% endblock %}

application/admin/templates/food_items.html

@@ -1,47 +0,0 @@
-{% extends "base.html" %}
-
-{% block title %}
-Food Nutritional Info
-{% endblock %}
-
-{% block content %}
-<div class="container mt-5">
-    <h1 class="mb-4">Food Nutritional Information (per 100g/100ml)</h1>
-    <div class="table-responsive">
-        <table class="table table-bordered table-hover align-middle">
-            <thead class="table-dark">
-                <tr>
-                    <th>Name</th>
-                    <th>Energy (kcal)</th>
-                    <th>fat (g)</th>
-                    <th>Saturated fat (g)</th>
-                    <th>Sugars (g)</th>
-                    <th>Carbs (g)</th>
-                    <th>Protein (g)</th>
-                    <th>Actions</th>
-                </tr>
-            </thead>
-            <tbody>
-                {% for food in items %}
-                <tr>
-                    <td class="bg-body-tertiary">{{ food.name }}</td>
-                    <td class="bg-body-tertiary">{{ food.energy_100 }}</td>
-                    <td class="bg-body-tertiary">{{ food.fat_100 }}</td>
-                    <td class="bg-body-tertiary">{{ food.saturated_fat_100 }}</td>
-                    <td class="bg-body-tertiary">{{ food.sugar_100 }}</td>
-                    <td class="bg-body-tertiary">{{ food.carbs_100 }}</td>
-                    <td class="bg-body-tertiary">{{ food.protein_100 }}</td>
-                    <td class="bg-body-tertiary">
-                        <form method="POST" action="{{ url_for('admin.delete_food', id=food.id) }}"
-                            onsubmit="return confirm('Are you sure you want to delete this item?');">
-                            <button type="submit" class="btn btn-danger btn-sm">Delete</button>
-                        </form>
-                    </td>
-                </tr>
-                {% endfor %}
-            </tbody>
-        </table>
-    </div>
-</div>
-
-{% endblock%}

application/auth/routes.py

@@ -0,0 +1,59 @@
+from flask import Blueprint, request, render_template, redirect, url_for
+from flask_login import current_user, login_user, logout_user
+from forms import LoginForm, ChangePasswordForm
+from models import User
+from application.utils import default_return
+from application import db
+
+bp = Blueprint(
+    "auth",
+    __name__,
+    template_folder="templates",
+)
+
+
+@bp.route("/login", methods=["GET", "POST"])
+def login():
+    if current_user.is_authenticated:
+        return default_return()
+
+    form = LoginForm()
+    if form.validate_on_submit():
+        user = User.query.filter_by(username=form.username.data).first()
+        if user and user.check_password(password=form.password.data):
+            # User found and password correct
+            next_page = request.args.get("next")  # Get next page if given
+            login_user(user)  # Log in the user
+            return default_return(next_page=next_page)
+        else:
+            pass
+            # invalid user
+    return render_template("login.html", form=form)
+
+
+@bp.route("/change_password", methods=["GET", "POST"])
+def change_password():
+    if not current_user.is_authenticated:
+        return redirect(url_for("auth.login"))
+
+    form = ChangePasswordForm()
+    if form.validate_on_submit():
+        cur_check = current_user.check_password(
+            password=form.current_password.data
+        )
+        eq_check = form.new_password.data == form.confirm_password.data
+        if cur_check and eq_check:
+            current_user.change_password(form.new_password.data)
+            current_user.set_pw_change(False)
+            db.session.commit()
+            return default_return()
+    return render_template("change_password.html", form=form)
+
+
+@bp.route("/logout")
+def logout():
+    if not current_user.is_authenticated:
+        return redirect(url_for("auth.login"))
+
+    logout_user()
+    return redirect(url_for("index"))

application/auth/templates/change_password.html

@@ -0,0 +1,46 @@
+{% extends "base.html" %}
+
+{% block content %}
+<div class="container d-flex justify-content-center align-items-center">
+    <div class="card shadow-sm p-4" style="width: 100%; max-width: 400px;">
+        <h3 class="mb-4 text-center">Login</h3>
+        <form method="post">
+            {{ form.hidden_tag() }}
+
+            <div class="mb-3">
+                {{ form.current_password.label(class="form-label") }}
+                {{ form.current_password(class="form-control", placeholder="") }}
+                {% if form.current_password.errors %}
+                <div class="text-danger small">
+                    {{ form.current_password.errors[0] }}
+                </div>
+                {% endif %}
+            </div>
+
+            <div class="mb-3">
+                {{ form.new_password.label(class="form-label") }}
+                {{ form.new_password(class="form-control", placeholder="Enter password") }}
+                {% if form.new_password.errors %}
+                <div class="text-danger small">
+                    {{ form.new_password.errors[0] }}
+                </div>
+                {% endif %}
+            </div>
+
+            <div class="mb-3">
+                {{ form.confirm_password.label(class="form-label") }}
+                {{ form.confirm_password(class="form-control", placeholder="Enter password") }}
+                {% if form.confirm_password.errors %}
+                <div class="text-danger small">
+                    {{ form.confirm_password.errors[0] }}
+                </div>
+                {% endif %}
+            </div>
+
+            <div class="d-grid">
+                {{ form.submit(class="btn btn-primary btn-lg") }}
+            </div>
+        </form>
+    </div>
+</div>
+{% endblock%}

application/auth/templates/login.html

@@ -0,0 +1,36 @@
+{% extends "base.html" %}
+
+{% block content %}
+<div class="container d-flex justify-content-center align-items-center">
+    <div class="card shadow-sm p-4" style="width: 100%; max-width: 400px;">
+        <h3 class="mb-4 text-center">Login</h3>
+        <form method="post">
+            {{ form.hidden_tag() }}
+
+            <div class="mb-3">
+                {{ form.username.label(class="form-label") }}
+                {{ form.username(class="form-control", placeholder="Enter username") }}
+                {% if form.username.errors %}
+                <div class="text-danger small">
+                    {{ form.username.errors[0] }}
+                </div>
+                {% endif %}
+            </div>
+
+            <div class="mb-3">
+                {{ form.password.label(class="form-label") }}
+                {{ form.password(class="form-control", placeholder="Enter password") }}
+                {% if form.password.errors %}
+                <div class="text-danger small">
+                    {{ form.password.errors[0] }}
+                </div>
+                {% endif %}
+            </div>
+
+            <div class="d-grid">
+                {{ form.submit(class="btn btn-primary btn-lg") }}
+            </div>
+        </form>
+    </div>
+</div>
+{% endblock%}

application/templates/base.html

@@ -25,6 +25,9 @@
                         <li class="nav-item">
                             <a class="nav-link" href="{{ url_for('user.daily_log') }}">Daily Log</a>
                         </li>
+                        <li class="nav-item">
+                            <a class="nav-link" href="{{ url_for('user.daily_log2') }}">Daily Log (new)</a>
+                        </li>
                         <li class="nav-item">
                             <a class="nav-link" href="{{ url_for('user.dashboard') }}">Dashboard</a>
                         </li>
@@ -32,11 +35,11 @@
                     <ul class="navbar-nav">
                         {% if current_user.is_authenticated %}
                         <li class="nav-item">
-                            <a class="nav-link" href="{{ url_for('logout') }}">Logout</a>
+                            <a class="nav-link" href="{{ url_for('auth.logout') }}">Logout</a>
                         </li>
                         {% else %}
                         <li class="nav-item">
-                            <a class="nav-link" href="{{ url_for('login') }}">Login</a>
+                            <a class="nav-link" href="{{ url_for('auth.login') }}">Login</a>
                         </li>
                         {% endif %}
                         <li class="nav-item">

application/user/routes.py

@@ -12,6 +12,9 @@ from application import db
 from forms import FoodItemForm
 from models import FoodItem, FoodLog
 from datetime import datetime, timezone, timedelta
+from application.utils import login_required
+from typing import cast
+from numpy import array
 
 user_bp = Blueprint(
     "user",
@@ -20,10 +23,58 @@ user_bp = Blueprint(
 )
 
 
-@user_bp.before_request
-def login_required():
-    if not current_user.is_authenticated:
-        return redirect(url_for("login"))
+def macro_arr_to_json(data: list[float]):
+    assert len(data) == 4
+    cal = data[0]
+    pro = data[3]
+    car = data[2]
+    fat = data[1]
+    macros = [
+        {
+            "name": "Calories",
+            "current": cal,
+            "target": 2000,
+            "bar_width": 100 - abs(cal / 20 - 100),
+            "bar_width_overflow": max(0, cal / 20 - 100),
+            "unit": " kcal",
+            "color": "bg-calories",
+            "overflow_color": "bg-calories-dark",
+        },
+        {
+            "name": "Protein",
+            "current": pro,
+            "target": 150,
+            "bar_width": 100 - abs(pro / 1.5 - 100),
+            "bar_width_overflow": max(0, pro / 1.5 - 100),
+            "unit": "g",
+            "color": "bg-protein",
+            "overflow_color": "bg-protein-dark",
+        },
+        {
+            "name": "Carbs",
+            "current": car,
+            "target": 250,
+            "bar_width": 100 - abs(car / 2.5 - 100),
+            "bar_width_overflow": max(0, car / 2.5 - 100),
+            "unit": "g",
+            "color": "bg-carbs",
+            "overflow_color": "bg-carbs-dark",
+        },
+        {
+            "name": "Fat",
+            "current": fat,
+            "target": 70,
+            "bar_width": 100 - abs(fat / 0.7 - 100),
+            "bar_width_overflow": max(0, fat / 0.7 - 100),
+            "unit": "g",
+            "color": "bg-fat",
+            "overflow_color": "bg-fat-dark",
+        },
+    ]
+    return macros
+
+
+user_bp.before_request(login_required)
 
 
 @user_bp.route("/dashboard", methods=["GET"])
@@ -102,6 +153,18 @@ def daily_log(offset: int = 0):
     )
 
 
+@user_bp.route("/daily_log2", methods=["GET"])
+def daily_log2():
+    today = datetime.now(timezone.utc).date()
+    logs_today = current_user.food_logs.filter_by(date_=today).all()
+    macros = array((0.0, 0.0, 0.0, 0.0))
+    for log in logs_today:
+        item = cast(FoodItem, log.food_item)
+        macros += array(item.macros()) / 100 * log.amount
+    macros = macro_arr_to_json(macros.tolist())
+    return render_template("daily_log2.html", macros=macros, logs=logs_today)
+
+
 @user_bp.route("/remove_log/<int:id>", methods=["POST"])
 def remove_log(id: int):
     log = db.session.get(FoodLog, id)

application/user/templates/daily_log.html

@@ -196,7 +196,8 @@ Food Nutritional Info
                         {{ "{:g}".format(log.amount) }}
                     </div>
                     <div class="col-auto text-end align-self-start" style="min-width: 80px;">
-                        <form method="POST" action="{{url_for('user.remove_log', id=log.id)}}" class="d-inline">
+                        <form method="POST" action="{{url_for('user.remove_log', id=log.id)}}" class="d-inline"
+                            onsubmit="return confirm('Are you sure you want to delete this item?');">
                             <button type="submit" class="btn btn-sm btn-danger px-3 py-1"
                                 title="Delete">&times;</button>
                         </form>

application/user/templates/daily_log2.html

@@ -0,0 +1,67 @@
+{% extends 'base.html' %}
+
+{% block title %}Daily Calorie Dashboard{% endblock %}
+
+{% block content %}
+<link rel="stylesheet" href="{{ url_for('static', filename='css/macros.css') }}">
+
+<div class="container my-4">
+    <h2 class="mb-3">Daily Calorie Dashboard</h2>
+
+    <!-- Macro Summary -->
+    <div class="card p-3 mb-3">
+        <h5>Macros</h5>
+        {% for macro in macros %}
+        <div class="mb-2">
+            <span class="macro-text">{{ macro.name }}: {{ macro.current }} / {{ macro.target }}</span>
+            <div class="progress rounded" style="height: 24px;">
+                <div class="progress-bar bg-danger macro-bar" role="progressbar"
+                    style="width: {{ macro.bar_width_overflow }}%">
+                    {{ macro.current - macro.target }}{{ macro.unit }}
+                </div>
+                <div class="progress-bar bg-success macro-bar" role="progressbar" style="width: {{ macro.bar_width }}%">
+                    {{ macro.current }}{{ macro.unit }}
+                </div>
+            </div>
+        </div>
+        {% endfor %}
+    </div>
+
+    <!-- Items List -->
+    <div class="card p-3">
+        <h5>Items Eaten Today</h5>
+        <div class="list-group list-group-flush">
+            {% for log in logs %}
+            <div class="list-group-item item-row d-flex justify-content-between align-items-center bg-dark text-light">
+                <span>({{ log.amount }}g) {{ log.food_item.name }}</span>
+                <span>{{ log.food_item.energy_100 }} kcal</span>
+            </div>
+            {% endfor %}
+        </div>
+    </div>
+
+
+</div>
+
+<!-- Bottom Navigation Buttons -->
+<div class="container-fluid fixed-bottom py-2">
+    <div class="d-flex p-3">
+        <!-- Left Button -->
+        <a href="" class="btn btn-outline-light flex-fill me-2 rounded-pill">
+            ‹ Previous
+        </a>
+
+        <!-- Center Button (highlighted) -->
+        <a href="{{ url_for('add_meal.step1', meal_type=0) }}"
+            class="btn btn-success flex-fill mx-2 fw-bold rounded-pill">
+            ＋ Add Item
+        </a>
+
+        <!-- Right Button -->
+        <a href="" class="btn btn-outline-light flex-fill ms-2 rounded-pill">
+            Next ›
+        </a>
+    </div>
+</div>
+
+{% endblock %}

application/utils.py

@@ -0,0 +1,21 @@
+from flask_login import current_user
+from flask import redirect, url_for, flash
+from typing import Optional
+
+
+def login_required():
+    if not current_user.is_authenticated:
+        return redirect(url_for("auth.login"))
+    if current_user.must_change_password:
+        flash("You have to change your password")
+        return redirect(url_for("auth.change_password"))
+    return
+
+
+def default_return(next_page: Optional[str] = None):
+    return redirect(url_for("user.daily_log"))
+    if next_page:
+        return redirect(next_page)
+    if current_user.is_admin:
+        return redirect(url_for("admin.food_items"))
+    return redirect(url_for("dashboard"))

forms.py

@@ -3,7 +3,6 @@ from wtforms import (
     StringField,
     PasswordField,
     SubmitField,
-    IntegerField,
     FloatField,
 )
 from wtforms.validators import DataRequired, InputRequired, Optional
@@ -12,19 +11,52 @@ from wtforms.validators import DataRequired, InputRequired, Optional
 class LoginForm(FlaskForm):
     username = StringField("Username", validators=[DataRequired()])
     password = PasswordField("Password", validators=[DataRequired()])
-    submit = SubmitField("Login")
+    submit = SubmitField("Log in")
+
+
+class ChangePasswordForm(FlaskForm):
+    current_password = PasswordField(
+        "Current password", validators=[DataRequired()]
+    )
+    new_password = PasswordField("New password", validators=[DataRequired()])
+    confirm_password = PasswordField(
+        "Confirm new password", validators=[DataRequired()]
+    )
+    submit = SubmitField("Change password")
 
 
 class FoodItemForm(FlaskForm):
     barcode = StringField("Barcode", validators=[Optional()])
     name = StringField("Product Name", validators=[DataRequired()])
-    energy = IntegerField("Energy per 100g", validators=[InputRequired()])
-    protein = FloatField("protein per 100g", validators=[InputRequired()])
-    carbs = FloatField("carbs per 100g", validators=[InputRequired()])
-    sugar = FloatField("sugar per 100g", validators=[Optional()])
-    fat = FloatField("fat per 100g", validators=[InputRequired()])
+    energy = FloatField(
+        "Energy per 100g",
+        validators=[InputRequired()],
+        render_kw={"inputmode": "decimal"},
+    )
+    protein = FloatField(
+        "protein per 100g",
+        validators=[InputRequired()],
+        render_kw={"inputmode": "decimal"},
+    )
+    carbs = FloatField(
+        "carbs per 100g",
+        validators=[InputRequired()],
+        render_kw={"inputmode": "decimal"},
+    )
+    sugar = FloatField(
+        "sugar per 100g",
+        validators=[Optional()],
+        render_kw={"inputmode": "decimal"},
+    )
+    fat = FloatField(
+        "fat per 100g",
+        validators=[InputRequired()],
+        render_kw={"inputmode": "decimal"},
+    )
     saturated_fat = FloatField(
-        "saturated_fat per 100g", validators=[Optional()]
+        "saturated_fat per 100g",
+        validators=[Optional()],
+        render_kw={"inputmode": "decimal"},
     )
     submit = SubmitField("Add Item")
 

migrations/versions/101002a6ef17_.py

@@ -0,0 +1,40 @@
+"""empty message
+
+Revision ID: 101002a6ef17
+Revises: dea130d45cec
+Create Date: 2025-08-11 17:16:34.617851
+
+"""
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = "101002a6ef17"
+down_revision = "dea130d45cec"
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("user", schema=None) as batch_op:
+        batch_op.add_column(
+            sa.Column(
+                "must_change_password",
+                sa.Boolean(),
+                nullable=False,
+                server_default="1",
+            )
+        )
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("user", schema=None) as batch_op:
+        batch_op.drop_column("must_change_password")
+
+    # ### end Alembic commands ###

migrations/versions/dea130d45cec_.py

@@ -0,0 +1,38 @@
+"""empty message
+
+Revision ID: dea130d45cec
+Revises: f5fbbe915d51
+Create Date: 2025-08-11 16:51:55.485569
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'dea130d45cec'
+down_revision = 'f5fbbe915d51'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('food_item', schema=None) as batch_op:
+        batch_op.alter_column('energy_100',
+               existing_type=sa.INTEGER(),
+               type_=sa.Float(),
+               existing_nullable=False)
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('food_item', schema=None) as batch_op:
+        batch_op.alter_column('energy_100',
+               existing_type=sa.Float(),
+               type_=sa.INTEGER(),
+               existing_nullable=False)
+
+    # ### end Alembic commands ###

models.py

@@ -12,17 +12,23 @@ class User(UserMixin, db.Model):
     username = db.Column(db.String(150), unique=True, nullable=False)
     password = db.Column(db.String, nullable=False)
     is_admin = db.Column(db.Boolean, nullable=False, default=False)
+    must_change_password = db.Column(db.Boolean, nullable=False, default=False)
 
     food_items = db.relationship("FoodItem", lazy="dynamic", backref="user")
     food_logs = db.relationship("FoodLog", lazy="dynamic", backref="user")
 
     def __init__(
-        self, username: str, password: str, is_admin: bool = False
+        self,
+        username: str,
+        password: str,
+        is_admin: bool = False,
+        must_change_password: bool = False,
     ) -> None:
         super().__init__()
         self.username = username
         self.password = generate_password_hash(password=password)
         self.is_admin = is_admin
+        self.must_change_password = must_change_password
 
     def check_password(self, password: str) -> bool:
         return check_password_hash(pwhash=self.password, password=password)
@@ -30,6 +36,9 @@ class User(UserMixin, db.Model):
     def change_password(self, password: str) -> None:
         self.password = generate_password_hash(password=password)
 
+    def set_pw_change(self, change: bool) -> None:
+        self.must_change_password = change
+
 
 class Unit(db.Model):
     __tablename__ = "unit"
@@ -40,17 +49,18 @@ class Unit(db.Model):
 
 class FoodItem(db.Model):
     __tablename__ = "food_item"
+
     id = db.Column(db.Integer, primary_key=True)
     barcode = db.Column(db.String)
     owner_id = db.Column(db.Integer, db.ForeignKey("user.id"), nullable=False)
     name = db.Column(db.String(150), nullable=False)
 
-    energy_100 = db.Column(db.Integer, nullable=False)
-    protein_100 = db.Column(db.Float, nullable=False)
-    carbs_100 = db.Column(db.Float, nullable=False)
-    sugar_100 = db.Column(db.Float)
-    fat_100 = db.Column(db.Float, nullable=False)
-    saturated_fat_100 = db.Column(db.Float)
+    energy_100: float = db.Column(db.Float, nullable=False)
+    protein_100: float = db.Column(db.Float, nullable=False)
+    carbs_100: float = db.Column(db.Float, nullable=False)
+    sugar_100: Optional[float] = db.Column(db.Float)
+    fat_100: float = db.Column(db.Float, nullable=False)
+    saturated_fat_100: Optional[float] = db.Column(db.Float)
 
     food_logs = db.relationship(
         "FoodLog",
@@ -68,7 +78,7 @@ class FoodItem(db.Model):
         self,
         name: str,
         owner_id: int,
-        energy: int,
+        energy: float,
         protein: float,
         carbs: float,
         fat: float,
@@ -90,26 +100,20 @@ class FoodItem(db.Model):
 
     def updateFromForm(self, form: FoodItemForm):
         self.name = form.name.data
-        self.energy_100 = form.energy.data
-        self.protein_100 = form.protein.data
-        self.carbs_100 = form.carbs.data
+        self.energy_100 = form.energy.data or 0
+        self.protein_100 = form.protein.data or 0
+        self.carbs_100 = form.carbs.data or 0
         self.sugar_100 = form.sugar.data
-        self.fat_100 = form.fat.data
+        self.fat_100 = form.fat.data or 0
         self.saturated_fat_100 = form.saturated_fat.data
 
-    def to_dict(self):
-        return {
-            "id": self.id,
-            "barcode": self.barcode,
-            "name": self.name,
-            "owner_id": self.owner_id,
-            "energy_100": self.energy_100,
-            "protein_100": self.protein_100,
-            "carbs_100": self.carbs_100,
-            "sugar_100": self.sugar_100,
-            "fat_100": self.fat_100,
-            "saturated_fat_100": self.saturated_fat_100,
-        }
+    def macros(self) -> tuple[float, float, float, float]:
+        return (
+            self.energy_100,
+            self.fat_100,
+            self.carbs_100,
+            self.protein_100,
+        )
 
 
 class FoodLog(db.Model):

requirements.txt

@@ -1,18 +1,71 @@
 alembic==1.16.1
 blinker==1.9.0
+certifi==2025.4.26
+charset-normalizer==3.4.2
 click==8.2.1
 colorama==0.4.6
+contourpy==1.3.2
+cycler==0.12.1
+easyocr==1.7.2
+filelock==3.18.0
 Flask==3.1.1
 Flask-Login==0.6.3
 Flask-Migrate==4.1.0
 Flask-SQLAlchemy==3.1.1
 Flask-WTF==1.2.2
+fonttools==4.58.2
+fsspec==2025.5.1
 greenlet==3.2.2
+huggingface-hub==0.33.0
+idna==3.10
+imageio==2.37.0
 itsdangerous==2.2.0
 Jinja2==3.1.6
+kiwisolver==1.4.8
+lazy_loader==0.4
 Mako==1.3.10
 MarkupSafe==3.0.2
+matplotlib==3.10.3
+mpmath==1.3.0
+mypy==1.17.1
+mypy_extensions==1.1.0
+networkx==3.5
+ninja==1.11.1.4
+numpy==2.3.0
+opencv-python==4.11.0.86
+opencv-python-headless==4.11.0.86
+packaging==25.0
+pandas==2.3.0
+pathspec==0.12.1
+pillow==11.2.1
+psutil==7.0.0
+py-cpuinfo==9.0.0
+pyclipper==1.3.0.post6
+pyparsing==3.2.3
+python-bidi==0.6.6
+python-dateutil==2.9.0.post0
+pytz==2025.2
+PyYAML==6.0.2
+regex==2024.11.6
+requests==2.32.4
+safetensors==0.5.3
+scikit-image==0.25.2
+scipy==1.15.3
+shapely==2.1.1
+six==1.17.0
 SQLAlchemy==2.0.41
+sqlalchemy-stubs==0.4
+sympy==1.14.0
+tifffile==2025.6.11
+tokenizers==0.21.1
+torch==2.7.1
+torchvision==0.22.1
+tqdm==4.67.1
+transformers==4.52.4
 typing_extensions==4.13.2
+tzdata==2025.2
+ultralytics==8.3.153
+ultralytics-thop==2.0.14
+urllib3==2.4.0
 Werkzeug==3.1.3
 WTForms==3.2.1